urlscan.io logo urlscan.io
SecurityTrails logo

themorningtribune.com Open in urlscan Pro
2606:4700:3031::6815:3844  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://xpshort.com/AnjaliAroraMMSVideo
Effective URL: https://themorningtribune.com/
Submission: On September 04 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 101 IPs in 13 countries across 89 domains to perform 525 HTTP transactions. The main IP is 2606:4700:3031::6815:3844, located in United States and belongs to CLOUDFLARENET, US. The main domain is themorningtribune.com.
TLS certificate: Issued by E1 on August 18th 2022. Valid for: 3 months.
This is the only time themorningtribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 139.162.27.15 63949 (LINODE-AP...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:236... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:211... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 192.0.77.48 2635 (AUTOMATTIC)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 52.205.189.122 14618 (AMAZON-AES)
6 2a02:26f0:ea:... 20940 (AKAMAI-ASN1)
4 104.103.89.41 16625 (AKAMAI-AS)
1 35.172.84.50 14618 (AMAZON-AES)
2 151.101.65.194 54113 (FASTLY)
2 2600:9000:223... 16509 (AMAZON-02)
4 34.200.163.91 14618 (AMAZON-AES)
2 52.200.144.123 14618 (AMAZON-AES)
1 44.193.192.96 14618 (AMAZON-AES)
1 23.205.239.15 16625 (AKAMAI-AS)
14 2a00:1450:400... 15169 (GOOGLE)
55 2a00:1450:400... 15169 (GOOGLE)
12 142.250.185.194 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
72 2a00:1450:400... 15169 (GOOGLE)
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
12 34.98.64.218 15169 (GOOGLE)
1 2602:803:c003... 26667 (RUBICONPR...)
1 2 147.75.85.234 54825 (PACKET)
5 34.149.20.76 15169 (GOOGLE)
3 12 185.89.210.153 29990 (ASN-APPNEX)
2 5 72.251.249.13 32475 (SINGLEHOP...)
1 54.231.201.177 16509 (AMAZON-02)
4 2.21.184.200 16625 (AKAMAI-AS)
2 3 3.126.56.137 16509 (AMAZON-02)
3 52.87.80.187 14618 (AMAZON-AES)
2 67.202.105.24 32748 (STEADFAST)
2 2 23.75.240.210 16625 (AKAMAI-AS)
8 23.205.235.133 16625 (AKAMAI-AS)
1 132.226.63.138 31898 (ORACLE-BM...)
3 3 52.29.153.117 16509 (AMAZON-02)
2 2 198.148.27.140 19189 (PULSEPOINT)
1 52.1.249.45 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
5 18.195.44.243 16509 (AMAZON-02)
2 185.86.139.58 201081 (SMARTADSE...)
1 162.210.196.208 30633 (LEASEWEB-...)
1 3.229.81.87 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
1 64.233.184.155 15169 (GOOGLE)
5 5 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
3 4 2a05:d018:d29... 16509 (AMAZON-02)
2 4 69.173.144.138 26667 (RUBICONPR...)
10 52.223.40.198 16509 (AMAZON-02)
23 58 142.250.185.162 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 5 52.46.130.91 16509 (AMAZON-02)
2 4 185.64.190.78 62713 (AS-PUBMATIC)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 3.122.15.154 16509 (AMAZON-02)
4 11 104.18.18.126 13335 (CLOUDFLAR...)
1 2 52.211.77.239 16509 (AMAZON-02)
1 4 2606:4700:440... 13335 (CLOUDFLAR...)
2 2 35.186.193.173 15169 (GOOGLE)
5 6 37.157.4.25 198622 (ADFORM)
2 35.227.252.103 15169 (GOOGLE)
3 3 13.248.245.213 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
4 2600:1f18:1ac... 14618 (AMAZON-AES)
2 151.101.129.108 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3 192.96.200.41 30633 (LEASEWEB-...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 169.50.137.182 36351 (SOFTLAYER)
1 1 35.190.0.66 15169 (GOOGLE)
3 6 51.89.9.251 16276 (OVH)
8 23.35.237.56 16625 (AKAMAI-AS)
1 209.197.3.19 20446 (STACKPATH...)
17 23.35.228.47 16625 (AKAMAI-AS)
4 4 185.29.134.248 30419 (MEDIAMATH...)
2 2 151.101.2.49 54113 (FASTLY)
5 5 213.19.147.44 26120 (RHYTHMONE)
2 2 2.21.184.22 16625 (AKAMAI-AS)
3 3 66.155.71.25 13768 (COGECO-PEER1)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
2 141.95.98.65 16276 (OVH)
2 3 18.203.72.119 16509 (AMAZON-02)
3 3 213.155.156.181 1299 (TWELVE99 ...)
1 1 2600:9000:223... 16509 (AMAZON-02)
2 3 2001:678:cb4:... 56396 (AMOBEE)
1 185.86.139.93 201081 (SMARTADSE...)
1 23.35.228.23 16625 (AKAMAI-AS)
2 2 188.42.191.196 7979 (SERVERS-COM)
1 104.18.19.126 13335 (CLOUDFLAR...)
1 2 185.89.210.101 29990 (ASN-APPNEX)
2 2 54.93.60.116 16509 (AMAZON-02)
5 5 52.50.170.21 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 69.173.151.100 26667 (RUBICONPR...)
7 185.64.189.110 62713 (AS-PUBMATIC)
10 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 185.86.137.110 201081 (SMARTADSE...)
1 1 52.54.46.88 14618 (AMAZON-AES)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 5.161.47.120 213230 (HETZNER-C...)
1 173.231.180.197 32475 (SINGLEHOP...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.242.204 16276 (OVH)
2 2 141.94.171.214 16276 (OVH)
2 2 34.254.143.3 16509 (AMAZON-02)
1 1 2a04:4e42:400... 54113 (FASTLY)
1 151.101.193.44 54113 (FASTLY)
2 198.47.127.20 62713 (AS-PUBMATIC)
2 2 146.59.148.16 16276 (OVH)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 3 35.158.200.182 16509 (AMAZON-02)
2 2 52.29.158.178 16509 (AMAZON-02)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.102.253.54 15169 (GOOGLE)
525 101
1    2606:4700:3031::ac43:98b5 (United States)

ASN13335 (CLOUDFLARENET, US)
xpshort.com
1    139.162.27.15 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: 139-162-27-15.ip.linodeusercontent.com
techymozo.com
7    2606:4700:3031::6815:3844 (United States)

ASN13335 (CLOUDFLARENET, US)
themorningtribune.com
13    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
15    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.de
1    2600:9000:2366:ea00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
3    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:211a:c600:1:4a30:d840:21 (United States)

ASN16509 (AMAZON-02, US)
d2nr2jos5slco1.cloudfront.net
1    2600:9000:223e:2e00:3:f434:dfc0:21 (United States)

ASN16509 (AMAZON-02, US)
d2f0uviei09pxb.cloudfront.net
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
6    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
9    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
1    2a02:26f0:3500:c::5c7b:6837 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
5    52.205.189.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-189-122.compute-1.amazonaws.com
track1.aniview.com
6    2a02:26f0:ea:4a5::2c79 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
4    104.103.89.41 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-89-41.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
1    35.172.84.50 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-84-50.compute-1.amazonaws.com
geoip.insticator.com
2    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    2600:9000:223d:2a00:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.instiengage.com
4    34.200.163.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-163-91.compute-1.amazonaws.com
event.insticator.com
2    52.200.144.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-144-123.compute-1.amazonaws.com
eua.instiengage.com
1    44.193.192.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-192-96.compute-1.amazonaws.com
go1.aniview.com
1    23.205.239.15 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-239-15.deploy.static.akamaitechnologies.com
www.aaxdetect.com
14    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
55    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
36    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
72    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    2606:4700:3036::ac43:c951 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
12    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
insticator-d.openx.net
u.openx.net
us-u.openx.net
1    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
12    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
5    72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    54.231.201.177 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
embedproduction.s3.amazonaws.com
4    2.21.184.200 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    52.87.80.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-80-187.compute-1.amazonaws.com
sync.aniview.com
2    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
video-ads.rubiconproject.com
1    132.226.63.138 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
3    52.29.153.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-153-117.eu-central-1.compute.amazonaws.com
ad.360yield.com
match.360yield.com
2    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    52.1.249.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-249-45.compute-1.amazonaws.com
s2s.aniview.com
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    18.195.44.243 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-44-243.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
2    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    162.210.196.208 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
1    3.229.81.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-81-87.compute-1.amazonaws.com
hb.yellowblue.io
2    2607:f8b0:4003:c13::5e (Tulsa, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    64.233.184.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f155.1e100.net
bid.g.doubleclick.net
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    2a05:d018:d29:3601:b498:ffee:4964:ac12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
10    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
58    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
5    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4001:62::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5e6nsk.c.2mdn.net
5    3.122.15.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-15-154.eu-central-1.compute.amazonaws.com
protected-by.clarium.io
11    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    52.211.77.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-77-239.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
4    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
6    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    2600:9000:223f:9600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2600:1f18:1aca:4281:1513:7870:1516:401d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
3    192.96.200.41 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
6    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
8    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
1    209.197.3.19 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net
servedby.flashtalking.com
17    23.35.228.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-47.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
4    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    213.19.147.44 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2.21.184.22 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-22.deploy.static.akamaitechnologies.com
cs.media.net
3    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
3    18.203.72.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-72-119.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
sync.crwdcntrl.net
3    213.155.156.181 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
1    2600:9000:223f:400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com
c21lg-d.media.net
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    54.93.60.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-60-116.eu-central-1.compute.amazonaws.com
pm.w55c.net
5    52.50.170.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-170-21.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
7    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
10    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Waldshut-Tiengen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    52.54.46.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-46-88.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.242.204 (France)

ASN16276 (OVH, FR)
PTR: bixel-10.cloudy.ovh
green.erne.co
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel-eu.onaudience.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
1    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    35.158.200.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-200-182.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.29.158.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-158-178.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
100 googlesyndication.com
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 112
tpc.googlesyndication.com — Cisco Umbrella Rank: 145
585 KB
98 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
bid.g.doubleclick.net — Cisco Umbrella Rank: 478
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
512 KB
75 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 264
gcdn.2mdn.net — Cisco Umbrella Rank: 933
r3---sn-4g5e6nsk.c.2mdn.net
3 MB
27 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 448
image6.pubmatic.com — Cisco Umbrella Rank: 606
image2.pubmatic.com — Cisco Umbrella Rank: 859
simage2.pubmatic.com — Cisco Umbrella Rank: 677
image4.pubmatic.com — Cisco Umbrella Rank: 845
101 KB
26 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 476
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 922
eus.rubiconproject.com — Cisco Umbrella Rank: 551
video-ads.rubiconproject.com — Cisco Umbrella Rank: 8293
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 993
token.rubiconproject.com — Cisco Umbrella Rank: 686
pixel.rubiconproject.com — Cisco Umbrella Rank: 319
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 844
61 KB
18 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 746
cdn.flashtalking.com — Cisco Umbrella Rank: 960
345 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 225
acdn.adnxs.com — Cisco Umbrella Rank: 594
secure.adnxs.com — Cisco Umbrella Rank: 435
46 KB
16 aniview.com
track1.aniview.com — Cisco Umbrella Rank: 1917
player.aniview.com — Cisco Umbrella Rank: 1720
go1.aniview.com — Cisco Umbrella Rank: 5038
sync.aniview.com — Cisco Umbrella Rank: 2438
s2s.aniview.com — Cisco Umbrella Rank: 2836
258 KB
15 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
27 KB
14 openx.net
insticator-d.openx.net — Cisco Umbrella Rank: 19598
rtb.openx.net — Cisco Umbrella Rank: 1493
u.openx.net — Cisco Umbrella Rank: 655
us-u.openx.net — Cisco Umbrella Rank: 377
2 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 430
11 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
600 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 336
3 KB
8 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1059
1 KB
8 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 751
static.adsafeprotected.com — Cisco Umbrella Rank: 567
dt.adsafeprotected.com — Cisco Umbrella Rank: 516
94 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 270
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
ads.yahoo.com — Cisco Umbrella Rank: 2202
5 KB
7 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1547
ssc-cms.33across.com — Cisco Umbrella Rank: 941
1 KB
7 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 8206
3 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
307 KB
7 themorningtribune.com
themorningtribune.com
50 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 749
1 KB
6 adform.net
c1.adform.net — Cisco Umbrella Rank: 614
3 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 501
2 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 387
mug.criteo.com — Cisco Umbrella Rank: 2794
dis.criteo.com — Cisco Umbrella Rank: 696
2 KB
5 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1650
2 KB
5 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 269
3 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 619
2 KB
5 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 23620
event.insticator.com — Cisco Umbrella Rank: 17622
680 B
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
imasdk.googleapis.com — Cisco Umbrella Rank: 424
129 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 14848
pixel.onaudience.com — Cisco Umbrella Rank: 3345
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 538
3 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 452
3 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 798
s.tribalfusion.com — Cisco Umbrella Rank: 2081
2 KB
4 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 20053
sync.aralego.com — Cisco Umbrella Rank: 2822
1 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1411
ssbsync.smartadserver.com — Cisco Umbrella Rank: 875
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615
924 B
4 instiengage.com
auth.instiengage.com — Cisco Umbrella Rank: 17460
eua.instiengage.com — Cisco Umbrella Rank: 28826
23 KB
4 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 2819
l3.aaxads.com — Cisco Umbrella Rank: 4102
135 KB
4 cloudfront.net
df80k0z3fi8zg.cloudfront.net
d2nr2jos5slco1.cloudfront.net
d2f0uviei09pxb.cloudfront.net
122 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 288
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 747
r.turn.com — Cisco Umbrella Rank: 3068
1 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4705
867 B
3 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1446
sync.crwdcntrl.net — Cisco Umbrella Rank: 721
956 B
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 579
2 KB
3 media.net
cs.media.net — Cisco Umbrella Rank: 1294
c21lg-d.media.net — Cisco Umbrella Rank: 1718
2 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 395
1 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 670
match.360yield.com — Cisco Umbrella Rank: 3772
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
region1.google-analytics.com — Cisco Umbrella Rank: 3463
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66
187 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2329
1 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 705
match.taboola.com — Cisco Umbrella Rank: 2716
528 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 27073
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 736
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2043
1 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 566
742 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 849
1 KB
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2704
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3105
207 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 48594
630 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 519
932 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1035
481 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1303
86 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 9270
914 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3780
464 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2386
534 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 417
537 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 20387
366 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5914
280 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1425
408 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6287
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 889
332 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 708
615 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1574
501 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 699
759 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2138
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 690
443 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1000
574 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 14539
552 B
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8370
1 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
704 B
1 yellowblue.io
hb.yellowblue.io — Cisco Umbrella Rank: 6425
439 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1078
1 amazonaws.com
embedproduction.s3.amazonaws.com — Cisco Umbrella Rank: 215234
1000 B
1 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 5583
342 B
1 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 10716
60 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 714
472 B
1 techymozo.com
techymozo.com
411 B
1 xpshort.com
xpshort.com
878 B
0 rlcdn.com Failed
api.rlcdn.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
525 89
Domain Requested by
72 s0.2mdn.net 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
themorningtribune.com
s0.2mdn.net
58 cm.g.doubleclick.net 23 redirects themorningtribune.com
googleads.g.doubleclick.net
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
55 pagead2.googlesyndication.com themorningtribune.com
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
36 tpc.googlesyndication.com themorningtribune.com
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
tpc.googlesyndication.com
imasdk.googleapis.com
s0.2mdn.net
securepubads.g.doubleclick.net
17 cdn.flashtalking.com themorningtribune.com
cdn.flashtalking.com
14 securepubads.g.doubleclick.net themorningtribune.com
securepubads.g.doubleclick.net
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
13 googleads.g.doubleclick.net 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
themorningtribune.com
13 www.google.com themorningtribune.com
www.gstatic.com
www.google.com
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
tpc.googlesyndication.com
12 ib.adnxs.com 3 redirects df80k0z3fi8zg.cloudfront.net
player.aniview.com
googleads.g.doubleclick.net
acdn.adnxs.com
12 googleads4.g.doubleclick.net themorningtribune.com
googleads.g.doubleclick.net
11 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 simage2.pubmatic.com ads.pubmatic.com
10 match.adsrvr.org themorningtribune.com
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
9 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
8 sync.teads.tv googleads.g.doubleclick.net
8 us-u.openx.net googleads.g.doubleclick.net
7 image2.pubmatic.com ads.pubmatic.com
7 ex.ingage.tech 1 redirects df80k0z3fi8zg.cloudfront.net
ssum-sec.casalemedia.com
ads.pubmatic.com
7 www.googletagservices.com 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
7 themorningtribune.com www.google.com
themorningtribune.com
6 onetag-sys.com 3 redirects themorningtribune.com
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
6 c1.adform.net 5 redirects ads.pubmatic.com
6 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
df80k0z3fi8zg.cloudfront.net
ex.ingage.tech
6 player.aniview.com player.avplayer.com
player.aniview.com
6 www.gstatic.com www.google.com
www.gstatic.com
5 match.prod.bidr.io 5 redirects
5 protected-by.clarium.io 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
5 s.amazon-adsystem.com 3 redirects themorningtribune.com
ssum-sec.casalemedia.com
5 token.rubiconproject.com 5 redirects
5 prebid-server.rubiconproject.com player.aniview.com
5 ap.lijit.com 2 redirects df80k0z3fi8zg.cloudfront.net
player.aniview.com
5 ssc.33across.com df80k0z3fi8zg.cloudfront.net
5 track1.aniview.com themorningtribune.com
player.aniview.com
4 sync.1rx.io 4 redirects
4 sync.mathtag.com 4 redirects
4 dt.adsafeprotected.com 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
themorningtribune.com
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 pixel.rubiconproject.com 2 redirects themorningtribune.com
4 pr-bh.ybp.yahoo.com 3 redirects
4 ads.pubmatic.com player.aniview.com
df80k0z3fi8zg.cloudfront.net
4 event.insticator.com d2f0uviei09pxb.cloudfront.net
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 x.bidswitch.net 3 redirects
3 d5p.de17a.com 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 sync.aralego.com 2 redirects cdn.aralego.net
3 eb2.3lift.com 3 redirects
3 a.tribalfusion.com 1 redirects 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
ads.pubmatic.com
3 sync.aniview.com player.aniview.com
3 ups.analytics.yahoo.com 2 redirects player.aniview.com
3 c.aaxads.com d2f0uviei09pxb.cloudfront.net
themorningtribune.com
c.aaxads.com
3 www.googletagmanager.com themorningtribune.com
www.googletagmanager.com
3 fonts.googleapis.com themorningtribune.com
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
2 a.sportradarserving.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com
2 loada.exelator.com 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 pm.w55c.net 2 redirects
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 ads.betweendigital.com 2 redirects
2 ad.turn.com 2 redirects
2 id5-sync.com ads.pubmatic.com
df80k0z3fi8zg.cloudfront.net
2 mug.criteo.com themorningtribune.com
2 gum.criteo.com 1 redirects
2 cs.media.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 um.simpli.fi 1 redirects
2 acdn.adnxs.com player.aniview.com
df80k0z3fi8zg.cloudfront.net
2 u.openx.net player.aniview.com
df80k0z3fi8zg.cloudfront.net
2 static.adsafeprotected.com 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
2 rtb.openx.net 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
2 gcm.ctnsnet.com 2 redirects
2 fw.adsafeprotected.com 1 redirects themorningtribune.com
2 r3---sn-4g5e6nsk.c.2mdn.net themorningtribune.com
2 csi.gstatic.com imasdk.googleapis.com
2 prg.smartadserver.com player.aniview.com
2 imasdk.googleapis.com 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
2 video-ads.rubiconproject.com player.aniview.com
2 bh.contextweb.com 2 redirects
2 ad.360yield.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 ssc-cms.33across.com player.aniview.com
df80k0z3fi8zg.cloudfront.net
2 prebid.a-mo.net 1 redirects df80k0z3fi8zg.cloudfront.net
2 insticator-d.openx.net df80k0z3fi8zg.cloudfront.net
player.aniview.com
2 eua.instiengage.com auth.instiengage.com
2 auth.instiengage.com d2f0uviei09pxb.cloudfront.net
auth.instiengage.com
2 confiant-integrations.global.ssl.fastly.net d2f0uviei09pxb.cloudfront.net
confiant-integrations.global.ssl.fastly.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 d2nr2jos5slco1.cloudfront.net themorningtribune.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com
1 pixel.quantserve.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 p.rfihub.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 ssum-sec.casalemedia.com df80k0z3fi8zg.cloudfront.net
1 c21lg-d.media.net c.aaxads.com
1 ssbsync.smartadserver.com 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
1 r.turn.com
1 s.ad.smaato.net 1 redirects
1 id.crwdcntrl.net ads.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 servedby.flashtalking.com themorningtribune.com
1 ads.travelaudience.com 1 redirects
1 dclk-match.dotomi.com 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
1 cdn.aralego.net player.aniview.com
1 match.360yield.com 1 redirects
1 s.tribalfusion.com 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 ads.yahoo.com themorningtribune.com
1 px.ads.linkedin.com themorningtribune.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 hb.yellowblue.io player.aniview.com
1 hb.aralego.com player.aniview.com
1 s2s.aniview.com player.aniview.com
1 sync.technoratimedia.com player.aniview.com
1 l3.aaxads.com themorningtribune.com
1 embedproduction.s3.amazonaws.com themorningtribune.com
1 fastlane.rubiconproject.com df80k0z3fi8zg.cloudfront.net
1 www.aaxdetect.com themorningtribune.com
1 go1.aniview.com player.aniview.com
1 geoip.insticator.com d2f0uviei09pxb.cloudfront.net
1 player.avplayer.com d2nr2jos5slco1.cloudfront.net
1 region1.google-analytics.com www.googletagmanager.com
1 s.w.org themorningtribune.com
1 d2f0uviei09pxb.cloudfront.net themorningtribune.com
1 df80k0z3fi8zg.cloudfront.net themorningtribune.com
1 techymozo.com 1 redirects
1 xpshort.com 1 redirects
0 api.rlcdn.com Failed ads.pubmatic.com
0 google2waycm.netmng.com Failed 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
525 147

This site contains links to these domains. Also see Links.

Domain
r3adyt0download.com
rebrand.ly
wordpress.org
www.idtheme.com
Subject Issuer Validity Valid
*.themorningtribune.com
E1		 2022-08-18 -
2022-11-16		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.w.org
Sectigo RSA Domain Validation Secure Server CA		 2021-11-24 -
2022-12-25		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
outstreamedia.com
R3		 2022-07-17 -
2022-10-15		 3 months crt.sh
*.aniview.com
Amazon		 2022-01-05 -
2023-02-03		 a year crt.sh
*.aaxads.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2022-07-27 -
2023-08-26		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.aaxdetect.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2022-07-13 -
2023-08-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2022-07-17 -
2022-10-15		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2021-12-15 -
2022-12-03		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.yellowblue.io
Amazon		 2022-04-23 -
2023-05-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-08-23 -
2022-11-01		 2 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2022-04-10 -
2023-04-26		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-24		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-20 -
2023-05-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
truffle.bid
R3		 2022-07-21 -
2022-10-19		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh

This page contains 88 frames:

Primary Page: https://themorningtribune.com/
Frame ID: 1FF4A86112572DF2EDED09CFA3A15A17
Requests: 104 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly90aGVtb3JuaW5ndHJpYnVuZS5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=normal&cb=na2ibycyqdzh
Frame ID: FC32C8AEB715CECE056BF5AFB7F1C333
Requests: 8 HTTP requests in this frame

Frame: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D1556A5EE57C3DD78818A3CABD67E2F4
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Frame ID: F72AEF46BBCF98DCCD65FA96710F0BA4
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i
Frame ID: 9EFBCE7F49D4EAD46E393F044BE454D2
Requests: 3 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 1A95419A6140722B3B782E33C4BEBCB5
Requests: 3 HTTP requests in this frame

Frame: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1D4F6C264621307236E89A97E4D539B2
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIyE0QIQivniAhiyxs7IATAB&v=APEucNWRIRh0b_KArwEpZOfiL4tdEjb6SddIludi9r4HcWk3MkgvWGeIBMKhJs38fI6qpzQgvYRUQIIABW4_DramCS4A0_G_1w
Frame ID: 449020DC3915875BCA287B35C09EBECA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 281316B2F647EBE1C33221A416BFE183
Requests: 3 HTTP requests in this frame

Frame: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1D5CC41E373DE8BC8B203C1A386060DD
Requests: 18 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: E18B521DB5C0BD961E30E1DE2E8E7DE5
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=105&pid=5d8ccec528a0617cae5a0755&key=10b6f084-27b4-4cd3-a573-b218ef3a216e&gdpr=1&gdpr_consent=&us_privacy=
Frame ID: 2847EE558FFF8D985657DB575A7844C8
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D18%26key%3D%24UID
Frame ID: E8F83EB9801FFAC766D9072005D14BF3
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00001rrPUnAAM&us_privacy=1---&ru=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D104%26pid%3D5d8ccec528a0617cae5a0755%26key%3D33XUSERID33X
Frame ID: DD8736AAF57BC3C01B979086D15CAABB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Frame ID: EED5188A62E8F4BDD1C3D6DC22426CEA
Requests: 10 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1662294371581-968203717226-007167-003-004163&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: 8AB073F2825B87F198E093451B4957F0
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=22&key=f3c331e2-7642-4baa-ace4-b3e656ff74ad
Frame ID: 8907E64DAB184EDC8544280263281240
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D1%26key%3D
Frame ID: 4BE497A874E22F4519638A862F2B9856
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=10&pid=59c9148628a0612da3689288&key=gBBWA5FNuFSZ&ev=1&us_privacy=${us_privacy}&pid=562704
Frame ID: 97B4FE5685E2E43878ECEF576DD1E474
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 50CE7C49ADA06243AD1D0FE8E94BC72F
Requests: 3 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31047.js
Frame ID: 786E34F865DC64CF761684FF67AEDA1D
Requests: 1 HTTP requests in this frame

Frame: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 39B62C8603423D6CE4FA843B989D7320
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNWZc953pFZJM2uj3S8NtsxcT6-RcpqUWnq70Asv_oZWNseRT7GCZb67SHDKi6EywLz527XDg9iEEUuq-_0DApNJFbvvkwHXMb7AzIC-HO5JvVC5pqny2pZqdtcezV3gOmbuvfKSoZadi1cRKwtBnIX_XZlswL69qvkKth0i7j16DQiDpbk
Frame ID: 89E5D44EEAD5A74CAF67C25026751C6E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 666E5CE14EEB7D8B3A161DF9C7449737
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
Frame ID: ABAA240AD387C6CA104556923C9A8D26
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 63784D490467F2704125C4C6DE0D2D74
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 2F20C2359D33F04BE2BEF6F156090E62
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DCE869AF70706A7EF3C163953E0A7C2C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4C085C2E0DEE3C0FF15837E7CD01FC32
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: DA0921237D31B997E9EEB8A3ECF36416
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: F3FAF6D80A19FF47D58C6ED84D875E06
Requests: 1 HTTP requests in this frame

Frame: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 985AC4B4E203378AE4576786BAC00727
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRDDrPv5AhjRzZrPATAB&v=APEucNU5sIyATYTCZWFtoNsGVsxrvvH6R4XUBorS9l1jh87S1h4nLtExDAbapf96q3g9egbunVd94GN1S4mavZsHz7eXfGjQBvtNSgqKBWfhwfwdEyHK6Mec3GDzQ6rwdcjrH0xzRz3iIK09pX26FiGhEFqiWOZoz-iNMfJXnkzWIfd3BCWkRv0
Frame ID: D034394B0BC2BCF20B5783DAA2119B35
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E03A3D88CE4F005DE52E58E02069EAE7
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
Frame ID: E14808483200B6B56F98C6731EAEE6FB
Requests: 9 HTTP requests in this frame

Frame: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 10A675B85E59633BF19B62A3E94E4EEE
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 314941FEAE559C7A9BC0F267F06286B8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWSVBCl7LQCGNCP_L4BMAE&v=APEucNVp4VaoHKFLThEfJbFdt5fp7QkywMqVl3Omx_ExOaOCilHPg93oUUlkeqBhAiueW-K5e-RWI0rBfH5QvfZ4OMvnBteFcBDWUnHDaxbXpDWoVxJa4deLaznG1aK2FRyxNa1oVXZEFZk6qxJ8cDJ8JtdQRTp0_zr8B_4-FeVHQDhBhiH-ykY
Frame ID: F84618BD1012351A91032DB629A545F9
Requests: 5 HTTP requests in this frame

Frame: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 85773AD672F33BC4471522EFB1BB89A9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNVMB_6GFKdIBrRMgCcN4wYTe6pysg08dtZ4JxPHoEZi4pKBqOcVRMEjUqNjP-URdZOevoPojIJuncG6ST587a92BMoUiUzEfZR6WGvJF_yfIxqD-sRtS4ViSrR-XFvBNjthGHIOpC27bCa5EBVtD_tE98FzxFm8Htsrn0L3LZEkesOa--k
Frame ID: 9FA349681F0FF12C1E5E76AE979DC930
Requests: 5 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/155564/3772697/index.html
Frame ID: 7F6555C74C9A8ADB2C4C2C04C29760AE
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7552F29E664C345D11BABE17ABC8A781
Requests: 9 HTTP requests in this frame

Frame: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 442EF0414C1B00CAFBD2AA0F07468B32
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Frame ID: 7644ED7E380951561D656D52035A93C2
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 95AFE3ADA6C14F83D48FFAFA839B4C19
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNVllW2Eosx2Vd3FCLKZr2Q-0PGGuk7Hv6ZXNbbWGrn06RHJjvbtQGUO3SjQwR_l9yPos-UDpRlipMfGP4ENfbGSeSD80BMcEuEINPfp6PgNNxo01WZcNX7rnPE5NepBTMvLSwtw10ZdDjtUTPDszqY2oFXEg11LUGb_JEbaKafJonVkPy8
Frame ID: F84BD03078EADFF20D1E79BEF509D277
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 896F57570F99F415DB81F8DD08CA538C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B8935E42E8A7D4D7557AC12169D0004C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
Frame ID: 6A8D73AAFACB17BF0DC50D55FA9BFA92
Requests: 12 HTTP requests in this frame

Frame: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EE288507BA39C9B87FC2463BF6FDDCCA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9E12D4DC183F3D75DD6437A22E12A8F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYurfwwgEwAQ&v=APEucNW_lLmh5bj863KqqSqN7_Wn8gSXw2dFQx-c0npQuJkup6WfMzo1sZP5ayUPmg2NXf4IArzRP1M1gFs8skApUrhpAT-fL2_ACKGotcSUt3mcubqaub0T0L7QA2GksrIHk_BbGR4o9aLTJrn6SIxQggHLmCgGYX2uHido5aA7W_ung-c3AS0
Frame ID: FF404B0EBE7793164F222CBF2FF1B656
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnINs8DCke5BRtNmQS9rKqW5cSTPpsgu2mLFMqP8eGJcrU9I0jggGKqz0Uni4sp5sLOcZXchISHRXf-Z-as_a-3zMuqw&cry=1&dbm_d=AKAmf-BBi3QV8fpCl7qBhS0dhsGWy25qDEQxHLkz0QsSqUw3Y6HG_v7fkfyvt-vcT7g_7Ebsv0ceo_sxCqDSyMe7NsWIxe0mR0kEWnFnRN7KL0XqO2rnWUI5aS2czwUGGo5E4cjo8XgRj38x3XancVEMQmB0G-thyZ_abya-wylZXVY6XY28-Y_XtyHleRMqFpDgwFd_iZPGxafoKcRV-4LUm8wvv06UmJybEv3qD7LJRT0saVtrIuccKxiLX-zrTBBo86FkdcvBA7vi-u4NWP0OgbmPxQBzZarlYu9K8boCBQEl24WUSa_q474FzIZgQy9eeOp7VmnkhpWZbDb_hwThptEjFxKb43wOANa6cL3zSdtE5cbTRsl2mCeHmnFAKtOsHmJDfzvOU0Mkqw0NYbIlvDoiew6DgpP1yNZiH6UYIoNyGF4o1JVffTxjbMJ8an9t8aStHa5__rR7HSpX5PpZLHOBwEe0FumPK42GMCFiwJPcaLMPksa14cSXblU96C--SUkkZrDK-cDv1or9lKpa97ILc9PCvJohB_VoZFJlbajmYkHgGMZ7yPBAdFlSyZUJaHaufuRCIZbPf9qV45Kgnrc1jHxOnubADW-42QBwwhaJHuiqNFj-C5o47IolJ0G1UARRbgvIPE4bzq_NtjUEFledpQhvnd6fCOp6ST0zKmwM2AO5KI5vC0tdyEqkvgZngYvja0jgHFQGYCEB-PCMpIxHKsXeMXiorEj_6tkMouFC28IVUhBX1kbcspXNuMpXI7jwPxcKSYbX_DzHFOgPmhdAwHMeSEhlzNx-czkMrN2X3EHR1GhBNA0-7qWzO0iBz25qXZNoL5JE4gfQPXvUlkvGE87SdBbSMCDNImkLsgEHkoyvvp9d4WgXRU92Jj8vCkadYf9D-oAaRO3p88AbZIqacuG2F95K70boTrcIRHIvceShu2Ov5XFwtMBgUpbdAkBP23-LFOy3ORLvMbFE4deTWdcC-AZZ-_1lVi-Y1r1ZEjNvmLbRQ75-sfw1j0-Al0VfCxcCVwzZgXeX9WGo_bnI2avTGgZ2GoekqvTDXQ2t2Nfmjfeyb_30mXMD3kskzmwW4zq_EumRnqoJMD9d9ii5RApcFAmvT26YBR0x-Qcf-wgmvn7hb74GzQN_jkAckyQmtBz7O7k4l87qzqz5cDJkQs9hpLotW-LvVkX7wnIfE-2uFEv_gl_z6XAcugrSU-D1o0o46h7VWfa1bZyV-bRvyvF1-iNyeY9UiJwiZ0DjB0sRDJncz34B7shkIaTMwTUkBTpT46HC7jnlIHjYSxj2lsGa2_XjoxB2EwYSG5FkRDEneLOZjEc0E_ZSeXBTtggdPldK-kE-KsiPCqhceyRGqY0oWcj6sBE2ewwLw7I_68RStQzACwcfy1rVSkqWKBAowqJEifWpOAPIzwDi2N9VxbejEkjUU0WLVd58raoUhzpXUPrUTxk3I9IcTLtKYznPZBaANtsKQfKN3pCH24XHmvlzoaU8hyc2XGCelg2Xb-K7UaJotJYffR5Ysz0gi3cCcPmu5SuxcZoNSn8ZrkNEQc77TwN0SfY3L2hXs9Udzho9jwG53o9ectn7M-IWgM9KkDvz-zDW-sKpKLojwdB9SNbeT0jCBZ5Xkd3CFgzGyvGYTIydnNbbojxxHl_6kFF7iRlrEu1pVBQpc7wHto4Tu_6FrYtWRRVyAtBqrwm8p9KZGWt_x-4oWG64Io6ClrLd-r1BhA99gfSDzffsw4Z3pl2DK4HfnamvKhN7ojo8zjFIKU36MlFQcxMJ4kf0wMPU6bAJft-KZ4QacIdsVU_TcyC3MT5aTPzMfxf77PLCHNJIr4KEc9l5qrq2p7kpY27nUi0aO7p6dbZnWcrTA0LCHRhl7B07HCl6knPs79efiN4LNFFQ-Q89JuF35NVH1nazaF5Gs5d0YOT-AoKSI-6DKJDf8_CCuvEZ3QR_ReBgZTaiq9VhiT48A2PGYzEqsDQRHntWjbMajWpAPnyhH3mM6ConrQBr2_6VAESWCH46lqUTIyBER_u-i9e3CmOvm7io7A8NQ1Nuy8pdSJbyu8oZsuVLPfa4WBLGnV0ZTtEd0nz_y6SOSE-vTfYuoBkifI1rtDcWsvS01oJxUxIZ5HEm_Me3rM0YaGaTPpoKxW8mo_SEdD2klFQGMdvOogHs0y9ERsy07hD64OVSgQ9zGQQWd0LBw0_DIbtESYSJGdkQ7Yr9KfVyJHVpyBgxHn97-EsxDdoar0ZVYtp_x4KWPay18YDEEgS8gTLhulJ7y6Bqd8bkvyOSFr69VZmO2j8AUpc-38yWmFU2ba8tou3LzEnpU2bjcnm2mEr49WDKNx2Ce5pSIZemBdqlZ8pT7f3N7QqbH9EL0IXUmznrgKgc6tPZt67yeSe5beMWrH5g-Iua5OOjy_Y1ci_Y7eI8W24IueLcXUcXzKEC1NNNKc013uxVFY6qTHqqnHmdfAG6jltmF3JAvD-YpICJ377DZ_vjYgoEPZDcoqSDPoZe70bQzSZBUUNk-5_gdL5_FJqNeovHDiPpAVQ0Fk_UIfOSKTNOAexWEXRJQvbN9wh-4xQVv9pRTvDEXw7f3Df4XGsDRvMYNMcm1mrdrHPOB6KptQGspucuazk21-KtgCIdT1yKkU9zoiZmrXhHd9Q7sYjPD9fU3HxHftVuVAnSty3J5aYD9XwzvxhsRN3hZwklhJfpqamjj2aZZKx-Y3rz2rljvqAqaZ77yA2lSat_1v10yJCmCK-403RjXLOO0YQH6E--DZ8my2sJj2FCqVPK5ZtkqXuAPO0K_P7QW8I0JeD7YW72Ay0kuFcZNrURlCtf56UTjtJmLdfIpZvfjIl-GMOasJjOmp5Dmi2-DGLmCzTR6_q3tF8WJIoF6UHAafVht2EOgoqmA8TPkCxtpNNJL8oXHKiqzX0l5PoVWhcGbSRuKRdRT1IsDn3ReU-1SEs8OWqOT8bJZ5fQu-RVXk4m9E0wasddtcc712iiBBWSW_r4up2xmXtF3dSY_0bSIWJ2WgW7BuMqYAiE-XezFxB7J1m6aRndre83QQV0EkeLilq8WL2kWp6uysssyElAxuoDpdvDZ3aLrtprR7ojerr8hdoJczNtXcerAQxeUJBOjYd28z3LJ-gOFmJ2zqwri5zFLaiMzvN6C00UGpsacnHHfy-l3DFIz37hm-Xxdp-aIRPzBTlyL_wZ9ylxQ2i8tQJnfr8juPSrbMob056-yvU9ydfhvmUEKknQsGGZRXdK8oafpQPEN2Hjj2JUWUsmzy5Oo2Yqdb9-PEYmsf9NXMi7kIK5m17x7jmzvG0c_AMLjR2b5I7VkHJxhrZ9U18tgIBRV4W2tDUYLs4eE_d09tQo0WEcgHrot_7vkqgBnRL78aOvk1NaAaWFQ9IaYKjiT_UteegzhijrF5d7kFxjKOqldai9a0bzEaB0JWebW7epYDUaYAKnmzQ05DXmwcX6ORErvhPjNT9iVsXToQ&cid=CAQSTgCsnQUx7HsbPuog8cheoApVshDIe4kbg6qiZgoUVIG3QMB_RaPemxs-EelbnMkjT2Z10oW2zT_yoDRClD-67fFZ84imrvI3W5DnMtf-IA&rfl=2%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Frame ID: 3F12A3C67D9E552D1AFC660EB57B54BD
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17624324709191354189/DE_Consideration_OmnichannelGuide_DIS_HTML5_300x250.html
Frame ID: BDE7CF5C73159F759E965CBBEF9DF584
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 06D6DA3715AF062F90DEE537754757E6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0978B963C0BC6A3786CF9C21A03B046C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: 5CB3E1FADD0751D94E91AF8CF0CE9D1E
Requests: 1 HTTP requests in this frame

Frame: https://c.aaxads.com/aacxs.php?flg=AAXJ0S45T&fv=1&fy=37&ke=1&suylg=292%2C159%2C97%2C366%2C325%2C272%2C229%2C209%2C274%2C306%2C263%2C175%2C213%2C264%2C291%2C241%2C265%2C267%2C89%2C251%2C178%2C310%2C356%2C203&yvVbqf=1&uhiXuo=https%3A%2F%2Fwww.google.com%2F&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 55CB82E231D90F1A406244CE1A5752B8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A7F82CA7CE28313EFEF0F4AD30AC1C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE9F979BFAB0996B4BC876A29592C879
Requests: 2 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/betweenx/13b57556-cc9c-49b2-b25e-8a581b41af61?uid=489f821d-4769-52f7-8f7b-3e0aec6fa76d
Frame ID: E493B4BEA4A117CD3A3520CD7FE9F86A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5137576012
Frame ID: F19E48092C932C05D8EFC7C21A049E99
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DFFF198F4F25E790F7E30B79417DE0F0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Frame ID: 27C373FAFBBB58CA7E738A8875CEE2BE
Requests: 20 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13406715
Frame ID: 143CAE86ABA4BF3F9E1C9A459E4622AC
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: BC491F8B5E875BC6AC79CE5D024AFFEE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: 3A60ADB375B5ABBD22448EA110C01DE9
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A4CF2B8258B0DBA0F082B5F016188A76
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 21487EFFB2A0F970059FE3BF06C90129
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 5C12878EC58263FFF32A3BB8EF8C6CC6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Frame ID: 3265C92993F8EC3990740A8933A4A157
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=980BF6E1-35D9-43AF-9055-82975AFA1B0D
Frame ID: 0FE1077C72B3C804B101D8FEB6985964
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2568382642028142239
Frame ID: 8E97B0CE47DE8327472AD2D4DB5FEA19
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cf506314-9966-4000-924b-7c61a18c43d0&gdpr=0&gdpr_consent=
Frame ID: B064A4AEF840A831BC3D06B00F331F24
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 80A800C2B13E4CB57C15A79C7B0FEA75
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7139499989835511955
Frame ID: 7744F6D78A12BA1D6B99733DCE2D2B12
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxSZZQALafPligBC&gdpr=0&gdpr_consent=
Frame ID: E858B275AB30DF901BA153EC03218B71
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACFl07GKTMAAA7Mxp7-QQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: B426250F5A9B0D405C53A92540C51614
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2tUeh4OaRS1R_USFIX-Ux4rHJoQ
Frame ID: D11943DB813D3B72C332C603F98DAA9F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: EF73AACFCD3711B0A7769DC51B1371BB
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: A25C044E623C948C3068D1A2A6D79CCD
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 359392095961D69D3642BB39198A66F0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2189658939
Frame ID: F2E2D64A3AD40412095A4B9A51E2F638
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: D027AAFD9C9603827B3EE6D8B2AC5B96
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 4FB94DE97BEF01C6D4D0B923EE6E385F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbhMTbVaMQbXRhXbU
Frame ID: 3B41B77A531F730712C564CAEE17EEBD
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1356955d-1060-4915-a47d-febefac6130b-tucta0e1eea&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: B05AC7065C3CCC784671053C21CB4860
Requests: 1 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/sync/pubmatic/13b57556-cc9c-49b2-b25e-8a581b41af61?uid=980BF6E1-35D9-43AF-9055-82975AFA1B0D
Frame ID: 2ECD8BF67BD298EB858E0B60168631E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Insurance : Importance, Types And Benefits

Page URL History Show full URLs

  1. https://xpshort.com/AnjaliAroraMMSVideo HTTP 302
    https://techymozo.com//AnjaliAroraMMSVideo HTTP 302
    https://themorningtribune.com/verify/?AnjaliAroraMMSVideo Page URL
  2. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjY9PiRsrf4AhUP8XMBHUIECS0... Page URL
  3. https://themorningtribune.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

525
Requests

85 %
HTTPS

33 %
IPv6

89
Domains

147
Subdomains

101
IPs

13
Countries

6926 kB
Transfer

17796 kB
Size

117
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://xpshort.com/AnjaliAroraMMSVideo HTTP 302
    https://techymozo.com//AnjaliAroraMMSVideo HTTP 302
    https://themorningtribune.com/verify/?AnjaliAroraMMSVideo Page URL
  2. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjY9PiRsrf4AhUP8XMBHUIECS0QFnoECAUQAQ&url=https://themorningtribune.com/&usg=AOvVaw0xky7o0NJ5Iud-8QEcze-a Page URL
  3. https://themorningtribune.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://xpshort.com/AnjaliAroraMMSVideo HTTP 302
  • https://techymozo.com//AnjaliAroraMMSVideo HTTP 302
  • https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Request Chain 103
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D105%26pid%3D5d8ccec528a0617cae5a0755%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=105&pid=5d8ccec528a0617cae5a0755&key=10b6f084-27b4-4cd3-a573-b218ef3a216e&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 106
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Request Chain 108
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=22&key=f3c331e2-7642-4baa-ace4-b3e656ff74ad
Request Chain 110
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=10&pid=59c9148628a0612da3689288&key=gBBWA5FNuFSZ&ev=1&us_privacy=${us_privacy}&pid=562704
Request Chain 157
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7NB5DYM-1T-KWRZ
Request Chain 158
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/iPkt6BcFre2tzHy78wWNaMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3336009855547214092
Request Chain 160
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECz02pADk5saciSNFKoc-zw&google_cver=1
Request Chain 161
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2EzYzUyNGFlNWNmMTMzZmYwM2FkODkxZGU0MTI4OGU3ZjcxNTJlMg
Request Chain 162
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdOQjVEWU0tMVQtS1dSWg==
Request Chain 163
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7NB5DYM-1T-KWRZ&sigv=1&esig=2~967531b34a694afe01e437c836d912ceaca5dc60
Request Chain 164
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=z5hLNqC1R7-bHIudl-8Nxg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z5hLNqC1R7-bHIudl-8Nxg
Request Chain 167
  • https://gcdn.2mdn.net/videoplayback/id/20dcfe5f46302250/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693830372/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/112AF0F475F9124BC1D06962EC1FC933F9405664.7EF0F952C5C33ABB6EC5901F5EC0D017772D54C7/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/20dcfe5f46302250/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693830372/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6416937FCFE35EA2C85C529600DA6A4E52731B54.3E4FFFE8AD295A77A28E155C1C2FBB9D9A04C071/key/cms1/cms_redirect/yes/mh/O6/mip/2a02:6ea0:c71b:0:1012:9df0:ced8:2229/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1662292963/mv/u/mvi/3/pl/48/file/file.mp4
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&C=1
Request Chain 184
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxSZZAiE3u4nycGt74TO.wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&google_hm=2
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENn5JelxuFDU261xhW1FsOk&google_cver=1
Request Chain 186
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMTA3NDYxMzg1MTI3MjY3
Request Chain 197
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMMO6DAG8CPORFdrBpbgevU&google_cver=1&google_push=AehlK4AzSJb1mow4NZNqsWadUvohZtUSFPtYNzsp11tGgq3rBEKxw85rSOrlHWOmSyk0sTgoT0_mEmuwcV8LVKOWnxHL1ypMpB4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AzSJb1mow4NZNqsWadUvohZtUSFPtYNzsp11tGgq3rBEKxw85rSOrlHWOmSyk0sTgoT0_mEmuwcV8LVKOWnxHL1ypMpB4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMMO6DAG8CPORFdrBpbgevU&google_cver=1&google_push=AehlK4AzSJb1mow4NZNqsWadUvohZtUSFPtYNzsp11tGgq3rBEKxw85rSOrlHWOmSyk0sTgoT0_mEmuwcV8LVKOWnxHL1ypMpB4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AzSJb1mow4NZNqsWadUvohZtUSFPtYNzsp11tGgq3rBEKxw85rSOrlHWOmSyk0sTgoT0_mEmuwcV8LVKOWnxHL1ypMpB4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 198
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE59SkskPYLFBe1bSrp7wCQ&google_cver=1&google_push=AehlK4AMH8T4JAYNthHr-It90heI1eyjnu4D28nVjRH8O4u0l4zDaq8GmRQNrKeh12HdgzDoj9SFPFxyCTVnBz4ok_jsFYZjUmLz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4AMH8T4JAYNthHr-It90heI1eyjnu4D28nVjRH8O4u0l4zDaq8GmRQNrKeh12HdgzDoj9SFPFxyCTVnBz4ok_jsFYZjUmLz&google_hm=nhsaX_bJSeyr9BNZ8xSwqoQ
Request Chain 200
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHonjw-Uu-any0XwPwG_o1w&google_cver=1&google_push=AehlK4Au4QhupAZ2RRAK072_nhWT4iFI3Z2Unh5LePZJ5bbSVPTTlCgh3N8cNtCgAW5aCMTyHUhlh8V8BZVLTFlpvldQ-WsO8LSx HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHonjw-Uu-any0XwPwG_o1w&google_cver=1&google_push=AehlK4Au4QhupAZ2RRAK072_nhWT4iFI3Z2Unh5LePZJ5bbSVPTTlCgh3N8cNtCgAW5aCMTyHUhlh8V8BZVLTFlpvldQ-WsO8LSx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4Au4QhupAZ2RRAK072_nhWT4iFI3Z2Unh5LePZJ5bbSVPTTlCgh3N8cNtCgAW5aCMTyHUhlh8V8BZVLTFlpvldQ-WsO8LSx
Request Chain 202
  • https://match.360yield.com/match/ebda?google_gid=CAESEIFnXxB2RUGYRIuwUVyFkKU&google_cver=1&google_push=AehlK4BGAo2Vo3ouaKNECLNHdLWQiiF0vSDyoeVJY1V9Re3dlXX87DdynqxlnzjcYzLDqWVlnkgUNrvBhKPLjHoq4JHzX-sQiag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=88Mx4nZCS6qs5LPmVv90rQ&google_push=AehlK4BGAo2Vo3ouaKNECLNHdLWQiiF0vSDyoeVJY1V9Re3dlXX87DdynqxlnzjcYzLDqWVlnkgUNrvBhKPLjHoq4JHzX-sQiag
Request Chain 203
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKSntnvxvQWca9fmfiQcxtE&google_cver=1&google_push=AehlK4B2LcE6dLAOQALB1_M9i4vp5GYj-ffLux9DvWdLSsij5_SADX0wVY7leSIHpbSUg71xOb-0n3WZTvjjmTnzQryeSJ2sfw76 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4B2LcE6dLAOQALB1_M9i4vp5GYj-ffLux9DvWdLSsij5_SADX0wVY7leSIHpbSUg71xOb-0n3WZTvjjmTnzQryeSJ2sfw76&google_gid=CAESEKSntnvxvQWca9fmfiQcxtE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYyNzA4ODg0ODYzMDc2ODQzNzg4&google_push=AehlK4B2LcE6dLAOQALB1_M9i4vp5GYj-ffLux9DvWdLSsij5_SADX0wVY7leSIHpbSUg71xOb-0n3WZTvjjmTnzQryeSJ2sfw76
Request Chain 216
  • https://fw.adsafeprotected.com/rfw/st/886862/62195780/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_ZJkUY4jsGb2W9u8PtM2UuAo&cbFunctionName=goog_wrapCb_ZJkUY4jsGb2W9u8PtM2UuAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fthemorningtribune.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5f7c79d3-e09a-ddc3-35bc-3bfb8042fdef,c:nfr9OV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b5678d7-jd6zb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tgt3MAK+111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C148%7C149%7C15%7C16%7C171%7C172%7C181%7C19%7C1a%7C1b*.886862-62195780%7C1b1%7C1b2%7C1b3%7C1b41,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:19,oid:c3738d97-2c4c-11ed-b4ce-46b603067ac5,v:19.8.346,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 239
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f192b9d2-4404-381a-9804-43b3213d40e0?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-FlSL80JE2oWqJmiLOyh1VSLueNz0nenNtPbr3rY-~A&redirect=
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1
Request Chain 255
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxSZZAiE3u4nycGt74TO.wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&google_hm=2
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENn5JelxuFDU261xhW1FsOk&google_cver=1
Request Chain 257
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMTA3NDYxMzg1MTI3MjY3
Request Chain 268
  • https://um.simpli.fi/gp_match?google_gid=CAESEB-EzJJJrSUui6wCgogr7U4&google_cver=1&google_push=AehlK4CcUcvCR7bXckJ-MM1VMtU0YFDTaSXzjyYgGV7xqylIFpPpEas6SgPFezEIrFmVACIHyKXP7H3KI_LLyqrkqsLMim9PZUyR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=684E4E10DCF44ABBBDAD423F15344769&google_push=AehlK4CcUcvCR7bXckJ-MM1VMtU0YFDTaSXzjyYgGV7xqylIFpPpEas6SgPFezEIrFmVACIHyKXP7H3KI_LLyqrkqsLMim9PZUyR
Request Chain 269
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJfSJuPtriM8im-69zMv7Xs&google_cver=1&google_push=AehlK4AyFclnzAIjFKbVdMyO9fhzgeeq7rcek0ocflVQjOXgDs0RYp97GtRhWlHBALbxw9qOsSQS28fXwO2rYeoOhqMlVlVwInQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=abluBUnHQzmgu2rwvKdjCA2&google_push=AehlK4AyFclnzAIjFKbVdMyO9fhzgeeq7rcek0ocflVQjOXgDs0RYp97GtRhWlHBALbxw9qOsSQS28fXwO2rYeoOhqMlVlVwInQ
Request Chain 270
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHkHWuM7K92IxrQDHs8piu0&google_cver=1&google_push=AehlK4DucrENjWo_62Pa94Nn9BEX2I5T_3MwPgH5Z4_dNSXdWIEoFOdC9lyXm2s4dNEMgkHSWyEdZRPrRrZWuWXJ3WgjHBO34zs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DucrENjWo_62Pa94Nn9BEX2I5T_3MwPgH5Z4_dNSXdWIEoFOdC9lyXm2s4dNEMgkHSWyEdZRPrRrZWuWXJ3WgjHBO34zs&google_hm=MzMzNjAwOTg1NTU0NzIxNDA5Mg%3D%3D
Request Chain 271
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHonjw-Uu-any0XwPwG_o1w&google_cver=1&google_push=AehlK4BWtZl66-UQEbvXFdsSeDpyeU5K9kN8zatHtcG7ealm7d4zPp0OELu2D5ysffxD-j57FKJ7WUovxHWbG8-ThQjf6FoFGnsa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4BWtZl66-UQEbvXFdsSeDpyeU5K9kN8zatHtcG7ealm7d4zPp0OELu2D5ysffxD-j57FKJ7WUovxHWbG8-ThQjf6FoFGnsa
Request Chain 273
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDbF14GWhOYLtOCqBl8jtp4&google_cver=1&google_push=AehlK4Bzuj5dE3ZQlyFqa3mTVH0LGJUVvYUaohhNMt8z65nyXbJvEaAElCnQ6ssGowVt8bDvd47Wg0Uf3eNzHMAxz7KDmbDqyvO8Uw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4Bzuj5dE3ZQlyFqa3mTVH0LGJUVvYUaohhNMt8z65nyXbJvEaAElCnQ6ssGowVt8bDvd47Wg0Uf3eNzHMAxz7KDmbDqyvO8Uw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
Request Chain 320
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
Request Chain 325
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEp49UwqnwfrbxoI5ckVhq0&google_cver=1&google_push=AehlK4AaOOclt6VoDKETuTG_jY4S4lFx_kDDvtvyHkHvlmKz0ZAfvkIxfernZCJPUtbIQ5Ap0S0LXH1kilE_d2JXpW38mOOP0Xzk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AaOOclt6VoDKETuTG_jY4S4lFx_kDDvtvyHkHvlmKz0ZAfvkIxfernZCJPUtbIQ5Ap0S0LXH1kilE_d2JXpW38mOOP0Xzk
Request Chain 326
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENsLry9V78CBx2kJ4_SezhE&google_cver=1&google_push=AehlK4BZhR_a1SvWW21UPUV2ANBozO6CenrW7kkwORtMgF005pVXzMTqpItbDWQ66-U_KopQXEIdUFnygfJi6g9sELE97lIAWJMP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENsLry9V78CBx2kJ4_SezhE&google_push=AehlK4BZhR_a1SvWW21UPUV2ANBozO6CenrW7kkwORtMgF005pVXzMTqpItbDWQ66-U_KopQXEIdUFnygfJi6g9sELE97lIAWJMP
Request Chain 328
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE--TvSr7f4dywmhXRDZrI0&google_cver=1&google_push=AehlK4AgGaB81QgSsNjivpjniUZ93dwkKW6croA-5o2uiPXyn3Ryep5ga3pyetIwoSXG1v2f2n4wJk8nzosSs5ecqX5upNr9l84 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE--TvSr7f4dywmhXRDZrI0&google_cver=1&google_push=AehlK4AgGaB81QgSsNjivpjniUZ93dwkKW6croA-5o2uiPXyn3Ryep5ga3pyetIwoSXG1v2f2n4wJk8nzosSs5ecqX5upNr9l84&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mAv24TXZQ6-QVYKXWvobDQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4AgGaB81QgSsNjivpjniUZ93dwkKW6croA-5o2uiPXyn3Ryep5ga3pyetIwoSXG1v2f2n4wJk8nzosSs5ecqX5upNr9l84
Request Chain 329
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP41BYjoGgfpuVsQ4Q1u_HU&google_cver=1&google_push=AehlK4BvgUazyrZ5tX5eClbhWxIMV3e9byl9sCPrWcDQ_xsIn2o3Ks97mG9mXQbfchP8XxH7RUrA4_9Ny_zRHHGEOzAhKUkagqSe HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4BvgUazyrZ5tX5eClbhWxIMV3e9byl9sCPrWcDQ_xsIn2o3Ks97mG9mXQbfchP8XxH7RUrA4_9Ny_zRHHGEOzAhKUkagqSe&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1662294373842 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cce006bb-9f5d-4719-8193-34f2dab4951d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BvgUazyrZ5tX5eClbhWxIMV3e9byl9sCPrWcDQ_xsIn2o3Ks97mG9mXQbfchP8XxH7RUrA4_9Ny_zRHHGEOzAhKUkagqSe%26google_hm%3DA8zgBrufXUcZgZM08tq0lR0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BvgUazyrZ5tX5eClbhWxIMV3e9byl9sCPrWcDQ_xsIn2o3Ks97mG9mXQbfchP8XxH7RUrA4_9Ny_zRHHGEOzAhKUkagqSe&google_hm=A8zgBrufXUcZgZM08tq0lR0
Request Chain 330
  • https://cs.media.net/cksync?type=g&google_gid=CAESEOdPSRNCw3XzuHaDeYx_W6U&google_cver=1&google_push=AehlK4CRroJhHoF_w5B4pfwoy3NmnppKBUBkoLWlr63n3G5-BAOdpd1LwAq9_VKaIJXjToDKvZDhVjWXZUUESxu9hKzTpT4SeQPb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&mn_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4CRroJhHoF_w5B4pfwoy3NmnppKBUBkoLWlr63n3G5-BAOdpd1LwAq9_VKaIJXjToDKvZDhVjWXZUUESxu9hKzTpT4SeQPb&gdpr=&gdpr_consent=
Request Chain 331
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKOUyaS4FECBkqx71_WZ66A&google_cver=1&google_push=AehlK4CsdOnv4Dt2nRcOBP4F-US-UHD-Q0UscQwOzpurMU_uzUA1tacfiBbb4B2CC2voVJbGV3uIVc391K7EVd5uZJoifAUpVTwzhA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nY05hb1JsRTJ1RzZtTy5BYUVwdHFEUm1KSmlwRTNQSH5B&google_push=AehlK4CsdOnv4Dt2nRcOBP4F-US-UHD-Q0UscQwOzpurMU_uzUA1tacfiBbb4B2CC2voVJbGV3uIVc391K7EVd5uZJoifAUpVTwzhA
Request Chain 358
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEP0CukN9qEFkqeLDq1jyZTE&google_cver=1&google_push=AehlK4DyKrCEUAhJh46O3-EMsEQdyvAPF8noJ5N5rHYKLOEtNX_gqFYWgqz_LVKTqg6gv-kck6OAehWVTXsg-5tk8U9KGWWZURMU HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEP0CukN9qEFkqeLDq1jyZTE&google_cver=1&google_push=AehlK4DyKrCEUAhJh46O3-EMsEQdyvAPF8noJ5N5rHYKLOEtNX_gqFYWgqz_LVKTqg6gv-kck6OAehWVTXsg-5tk8U9KGWWZURMU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=jGDCFsmaSly5Poz7Jrd7J2MUmWY
Request Chain 359
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE59SkskPYLFBe1bSrp7wCQ&google_cver=1&google_push=AehlK4BC8WnvDK3tm67bR34iBX-zD8ljfSC8-tXBu1j1hijAi9Vd1rVRZZfTKBuintQsqkKu4jDQlyosvodQGXiV0C_V8ZU_zg1M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BC8WnvDK3tm67bR34iBX-zD8ljfSC8-tXBu1j1hijAi9Vd1rVRZZfTKBuintQsqkKu4jDQlyosvodQGXiV0C_V8ZU_zg1M&google_hm=nhsaX_bJSeyr9BNZ8xSwqoQ
Request Chain 361
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKSntnvxvQWca9fmfiQcxtE&google_cver=1&google_push=AehlK4AXLMGiEI23FGKsJP83c6tEgpAffTiIYNfCkZLXPlU5YcP3JWVCslBCJvvR9n7qVTVhWtA2pJOkHZLF3HALNhMIJJkcT43u HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYyNzA4ODg0ODYzMDc2ODQzNzg4&google_push=AehlK4AXLMGiEI23FGKsJP83c6tEgpAffTiIYNfCkZLXPlU5YcP3JWVCslBCJvvR9n7qVTVhWtA2pJOkHZLF3HALNhMIJJkcT43u
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
Request Chain 386
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthemorningtribune.com%2F&domain=themorningtribune.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Px0zR3x5cEhwWVhIby80YWVaM3B4U2FyRnk4WmMwbWlVbUtYaHZUYUV6M0ZLblMrOVFLczZSSjBCZmJ3aU4reHRQbHBHd2xnS1o0RERwclBSbmpkMU5yWGFwRHpZTzhOUjRubWJRRE9KN0wwYitxMHBjV1FsNHJOYncwdDcwR2Z1ajd1bzUrbjZQUEU3S24vOG5QZm5XTTg1aTBrSDZZTnV0Vi9xS3JXaU1TejFCYzVncFVmZmR3eGg3RmpkUEU1L2hDSFlnMTNucFhMYzJoQnFzOVI4N2ZnRWR2RW1TeU1BQVhUTUtmZS9ONmh3T1g0NnRzcFdWYVAwOWVxbUFSbS91ZmlHfA&cppv=2
Request Chain 397
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEAumE1W0reEv8xhAoxVvvxU&google_cver=1&google_push=AehlK4Do-Q7IMcfkTo5T5SlEKkBrhO6E0ov-Gi4jSCM56ctx5MsCs-6Ofxx-lnNqcY3Sw8rMJ6sbLDgZSjofHOvD7Jsm4KpUcpbP HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAumE1W0reEv8xhAoxVvvxU&google_cver=1&google_push=AehlK4Do-Q7IMcfkTo5T5SlEKkBrhO6E0ov-Gi4jSCM56ctx5MsCs-6Ofxx-lnNqcY3Sw8rMJ6sbLDgZSjofHOvD7Jsm4KpUcpbP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4Do-Q7IMcfkTo5T5SlEKkBrhO6E0ov-Gi4jSCM56ctx5MsCs-6Ofxx-lnNqcY3Sw8rMJ6sbLDgZSjofHOvD7Jsm4KpUcpbP
Request Chain 398
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHonjw-Uu-any0XwPwG_o1w&google_cver=1&google_push=AehlK4B-frZ9LGHu0MlopctlMB6hpS2N2Hpt_84RHkuRTdbLewuC1QBEPkFdeBcqCsNArA9Zf-XOxzBmkEmh5hOoneDW97m7iea2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4B-frZ9LGHu0MlopctlMB6hpS2N2Hpt_84RHkuRTdbLewuC1QBEPkFdeBcqCsNArA9Zf-XOxzBmkEmh5hOoneDW97m7iea2
Request Chain 399
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDafq4NYMJJbZu5QFF6WfW8&google_cver=1&google_push=AehlK4DmkSYrmBOWB39qJ5dLkgLixVdELtV3-WIBN_09vS0fkJ0TI-UCD0WbDZ4bDQMtvbEgEAa1j3SgLBNUmC09EOW5eHdFBTepnQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdOQjVEWU0tMVQtS1dSWg==&google_push=AehlK4DmkSYrmBOWB39qJ5dLkgLixVdELtV3-WIBN_09vS0fkJ0TI-UCD0WbDZ4bDQMtvbEgEAa1j3SgLBNUmC09EOW5eHdFBTepnQ
Request Chain 400
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC9sdZRfyTckJGTVl-Zlejk&google_cver=1&google_push=AehlK4Cdjb3NL01yZTdb1hT7SlsJdntQup24mF-06ztHys4DZ4JaNGoukxiPjJm4CQwjuYHc_Ag2-10NuxuGGaSC8ljkcJSL6m9fHw HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC9sdZRfyTckJGTVl-Zlejk&google_cver=1&google_push=AehlK4Cdjb3NL01yZTdb1hT7SlsJdntQup24mF-06ztHys4DZ4JaNGoukxiPjJm4CQwjuYHc_Ag2-10NuxuGGaSC8ljkcJSL6m9fHw&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4Cdjb3NL01yZTdb1hT7SlsJdntQup24mF-06ztHys4DZ4JaNGoukxiPjJm4CQwjuYHc_Ag2-10NuxuGGaSC8ljkcJSL6m9fHw&google_hm=FQoKqGZH0TR4l0ffSF6RYN5n
Request Chain 401
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL3-kNmb_Ys74vp_-dRcAAw&google_cver=1&google_push=AehlK4AU8o55_YbSoG5D9pMLkD9wV8lMwhnGdULosqxP59pjg-e392dVpsuv3SMMQ7ShBbbW0qyEKk5MmaXUxfSBoHJgYk7ebeiykw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AU8o55_YbSoG5D9pMLkD9wV8lMwhnGdULosqxP59pjg-e392dVpsuv3SMMQ7ShBbbW0qyEKk5MmaXUxfSBoHJgYk7ebeiykw
Request Chain 402
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDbF14GWhOYLtOCqBl8jtp4&google_cver=1&google_push=AehlK4B1l7S9cyvsYLUEhGMl5lFKX21_EDul_7YBfmCcE6SemSZsekEUeY3neImDvic95O3fFOa_kMZfhfjduOv9Pyuc_ZzmZHKKxEU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4B1l7S9cyvsYLUEhGMl5lFKX21_EDul_7YBfmCcE6SemSZsekEUeY3neImDvic95O3fFOa_kMZfhfjduOv9Pyuc_ZzmZHKKxEU HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
Request Chain 449
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIi9OBvNctQKCRHuIR769bw&google_cver=1&google_push=AehlK4DyUsNHqT6qLJgsuOtTJ4PLEdxRqAjTbw6D4jM-wrd07Em8_td_LQMeszIVzRVEZ22QdqD5klFQ0KvuRxCqbRje9dNkOAmW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc3MzUyNjk5NjAyNTYwNjQyNw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIi9OBvNctQKCRHuIR769bw&google_cver=1
Request Chain 450
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEp49UwqnwfrbxoI5ckVhq0&google_cver=1&google_push=AehlK4BVUEhdNq9FYUngG9iOCeblo81GToNf0mDsRJ1hdhLQXZ7WkZkAW7lRUayUPsR_owT7oDr_IQiOjnXEVvE7duqtKf3fuyR7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=z1BjFJlmQACSS3xhoYxD0A&google_push=AehlK4BVUEhdNq9FYUngG9iOCeblo81GToNf0mDsRJ1hdhLQXZ7WkZkAW7lRUayUPsR_owT7oDr_IQiOjnXEVvE7duqtKf3fuyR7
Request Chain 452
  • https://cs.media.net/cksync?type=g&google_gid=CAESEOdPSRNCw3XzuHaDeYx_W6U&google_cver=1&google_push=AehlK4BNTSFZu6CfN0GPZMAqcy6IuaoyG7aaKE8owXqQg5bXjT4S3m24B9YXkQrBultSuhlM8gfqCa-qXMex1AESCrJs25G4aOw4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&mn_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4BNTSFZu6CfN0GPZMAqcy6IuaoyG7aaKE8owXqQg5bXjT4S3m24B9YXkQrBultSuhlM8gfqCa-qXMex1AESCrJs25G4aOw4&gdpr=&gdpr_consent=
Request Chain 454
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDbF14GWhOYLtOCqBl8jtp4&google_cver=1&google_push=AehlK4AKOsDmVHyCeSgem54ISax6b9noh9MIK8_glqkmjApEkrUV8G3wHwRJ2c5_pl410IhBDaNEH15DWKBoDybiKds2zZd2Le-ZuA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4AKOsDmVHyCeSgem54ISax6b9noh9MIK8_glqkmjApEkrUV8G3wHwRJ2c5_pl410IhBDaNEH15DWKBoDybiKds2zZd2Le-ZuA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 478
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://ex.ingage.tech/v1/sync/betweenx/13b57556-cc9c-49b2-b25e-8a581b41af61?uid=489f821d-4769-52f7-8f7b-3e0aec6fa76d
Request Chain 479
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=13b57556-cc9c-49b2-b25e-8a581b41af61&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5137576012
Request Chain 486
  • https://sync.aralego.com/idSync/?ucf_nid=par-BE7E7ADB8D34EE2BF7BBD2899BB62A77&gdpr=0&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fucfunnel%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DUCFUID HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 492
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxSZZAiE3u4nycGt74TO-wAAFAUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxSZZAiE3u4nycGt74TO-wAAFAUAAAAB&dcc=t
Request Chain 495
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ckaokUkO1OuOHB5&gdpr=1
Request Chain 496
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACFl07GKTMAAA7Mxp7-QQ&expiration=1663503975&gdpr=1
Request Chain 498
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455422170144337
Request Chain 500
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 510
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2568382642028142239
Request Chain 511
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cf506314-9966-4000-924b-7c61a18c43d0&gdpr=0&gdpr_consent=
Request Chain 513
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7139499989835511955
Request Chain 514
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxSZZQALafPligBC&gdpr=0&gdpr_consent=
Request Chain 515
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDRmwwN0dLVE1BQUE3TXhwNy1RUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACFl07GKTMAAA7Mxp7-QQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACFl07GKTMAAA7Mxp7-QQ&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACFl07GKTMAAA7Mxp7-QQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 516
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2tUeh4OaRS1R_USFIX-Ux4rHJoQ
Request Chain 517
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 520
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2189658939
Request Chain 523
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbhMTbVaMQbXRhXbU HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNOvcHvPGbhMTbVaMQbXRhXbU&xl8blockcheck=1 HTTP 302
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=60378f2919936a4d6b5f161bc2720b74&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNOvcHvPGbhMTbVaMQbXRhXbU HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbhMTbVaMQbXRhXbU
Request Chain 524
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1356955d-1060-4915-a47d-febefac6130b-tucta0e1eea&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 526
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mAv24TXZQ6-QVYKXWvobDQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 527
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cf506314-9966-4000-924b-7c61a18c43d0
Request Chain 528
  • https://pixel.onaudience.com/?partner=214&mapped=980BF6E1-35D9-43AF-9055-82975AFA1B0D HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1bf7150fd129b216/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=1bf7150fd129b216/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 529
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTgwQkY2RTEtMzVEOS00M0FGLTkwNTUtODI5NzVBRkExQjBE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOwk6jvkbkhF75_rk0YAT70&google_cver=1
Request Chain 532
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8174943454314404028
Request Chain 534
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=852107461385127267&gdpr=0&gdpr_consent=
Request Chain 535
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OZ-sdTaVqyAinPl2OJywdTeV-Xgin650a58HEBx7
Request Chain 536
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=647d1bdf-a720-4da0-8d16-410888e82683&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=11b7601e-04fd-4b20-bd4f-81271fafc11d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 538
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=980BF6E1-35D9-43AF-9055-82975AFA1B0D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TEwGmPpE2uVyg1B7HVP_O3BR3Hg07Nc-~A&gdpr=0&gdpr_consent=
Request Chain 540
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:152c4ceb-3e88-440f-bb56-08a93ac50ead&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 541
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2773526996025606427&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 542
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8c60c216-c99a-4a5c-b93e-8cfb26b77b27-63149966-5858&gdpr=0&gdpr_consent=
Request Chain 543
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=852107461385127267

525 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
themorningtribune.com/verify/
Redirect Chain
  • https://xpshort.com/AnjaliAroraMMSVideo
  • https://techymozo.com//AnjaliAroraMMSVideo
  • https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7456b6439f4e92b7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 04 Sep 2022 12:26:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2i482sEelcKp%2F6d7xR1FjmgM2M4MZDGj0aGxdR02ncdTepgNYefkMDIehT2P4KYpkmEYGU86Id0m4u1axueFAtz4li7YejVzhO1QtINigD53%2F2M1VQ1v0FmB2S0Qo4NxlX5K6p%2FdiAcQc6jC%2FEPUdU5aUfY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
683
Content-Type
text/html
Date
Sun, 04 Sep 2022 12:26:09 GMT
Location
https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Server
nginx
Vary
User-Agent,User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN,SAMEORIGIN
X-XSS-Protection
1; mode=block
url
www.google.com/ 		932 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjY9PiRsrf4AhUP8XMBHUIECS0QFnoECAUQAQ&url=https://themorningtribune.com/&usg=AOvVaw0xky7o0NJ5Iud-8QEcze-a
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in
unload
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
469
content-type
text/html; charset=UTF-8
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
Primary Request /
themorningtribune.com/ 		55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://themorningtribune.com/
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjY9PiRsrf4AhUP8XMBHUIECS0QFnoECAUQAQ&url=https://themorningtribune.com/&usg=AOvVaw0xky7o0NJ5Iud-8QEcze-a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:3844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
446c680cd560e8e6110720159efecf879087dd126674cb3714f5b5b7b1e13f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7456b645cb3092b7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 04 Sep 2022 12:26:10 GMT
link
<https://themorningtribune.com/wp-json/>; rel="https://api.w.org/", <https://themorningtribune.com/wp-json/wp/v2/pages/432>; rel="alternate"; type="application/json", <https://themorningtribune.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4GB2F4p%2FYYmmZAaLVhqfS6TPbG%2FBfHeR47NjhFJBxPErUeRF%2BTgQwqYZtYz2g7WG65TYEp7a%2BgDg8w8LztspXbP9AmfLUXXrWRZIN7Yb%2FDSpy%2BaMwPghKiIQy5Nxdd5l%2F9PbKzOwvJ3fWDYS14K5vagubY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.min.css
themorningtribune.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://themorningtribune.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
367157
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 12 Jul 2022 18:20:17 GMT
server
cloudflare
etag
W/"62cdbb61-15b64"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuPgubWXiOWOLFB%2BQhEZ53NIzsyvrScBgL6idBv8mY%2BFXQijCKGTt0kfudKS%2BaXbar065b%2FUhF7nM%2F0zpzvMeZ6g2%2FpWta7ny0YI0hIn3Gor%2B04J9z1M6RqEEcDzfRuuk5ZuGnPo4amx%2BPOL22KWaJtXPOE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=2592000
cf-ray
7456b647f8159195-FRA
expires
Fri, 30 Sep 2022 06:20:18 GMT
idblog-core.css
themorningtribune.com/wp-content/plugins/idblog-core/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://themorningtribune.com/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44c5d1c14f1685bd38adfe9a418c800339ea356687ba6e1da9514be0a7df9955
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60968
cf-polished
origSize=6775
cf-ray
7456b647f8189195-FRA
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 20 Jun 2022 15:15:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62b08f18-1a77"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybI%2Fu5Wpr9Jcq8yGuNBHLNniimVE%2Fcn0s42FnLISTE8hPozLBXZpnxjBMx1gdVGxT9x40RGSJNRVwZv8frxQX2%2F%2Bpg%2Byxc0BNMKPfsFFrV0vODgPue9Z31laDLWRjFG40ilBagj065lOmUVZJkdhzgob4q4%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type
native
cache-control
max-age=2592000
content-type
text/css
expires
Sun, 18 Sep 2022 15:17:24 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.9
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d6b4e3715b628457d40f2bf6e62b661d2bb36d85296d08a0bca4858dd617f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Sep 2022 12:24:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 04 Sep 2022 12:26:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Sep 2022 12:26:10 GMT
style.css
themorningtribune.com/wp-content/themes/superfast/ 		34 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://themorningtribune.com/wp-content/themes/superfast/style.css?ver=6.0.2
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75accb62acfb84c7df1e0e2f1b9909e4ed8f15c6756cb9efa675cecae85da09e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
367157
cf-polished
origSize=45483
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 20 Jun 2022 15:14:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62b08ebf-b1ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAY9HFpVyfLCLVO1GQ24EaitEUWpq5EN5JWJtNInhbszqSDtXSl6lk8b9h8YXDLOCGfkQsAQm7i1zjh838SMQKgqY9l4sYTr0x8evYHbSCTK7xK%2BJAjZ0o8rSI7PVBAx%2BEjDOO843kf5eBTfRM29H9n7HmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7456b647f81b9195-FRA
expires
Fri, 30 Sep 2022 06:20:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9384b83d0217ed2aa98aaa86e39ffc0d7a682907f4113601eeec99ac48579b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28504
x-xss-protection
0
server
sffe
etag
"1323 / 581 of 1000 / last-modified: 1662156516"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 04 Sep 2022 12:26:10 GMT
f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		269 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2366:ea00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5486bd604ac6d924dd969a196ef9b9439b6d0e274befcf8dd4f1375fca99541

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
r3rbdVbOpDkd3wTFtWOGXON.vMV.q3lA
content-encoding
gzip
last-modified
Thu, 01 Sep 2022 16:54:57 GMT
server
AmazonS3
age
78421
etag
W/"690c0a6b7faac366e8b89f09b0ddd9d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 51cdb8754c56a8c64f42e75b07b52ae6.cloudfront.net (CloudFront)
date
Sat, 03 Sep 2022 14:45:02 GMT
x-amz-cf-pop
LAX50-P1
x-amz-cf-id
iDV2XamIR82dzlhAidx0jD5i_aZRm0H3udpvSTCC8JiInWc0eqbDTg==
js
www.googletagmanager.com/gtag/ 		105 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-135892861-1
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
661f646e3fb2ed704f9d98bdc5a964e0d82ebd4ad621d1a3adf31b24fadcb23f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41910
x-xss-protection
0
last-modified
Sun, 04 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Sep 2022 12:26:10 GMT
js
www.googletagmanager.com/gtag/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1WV9GB5460
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12e12f9ff19083a49ba3edd7ee045b0642c9497ffd1d0b731d0bca3f5965dc31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74511
x-xss-protection
0
expires
Sun, 04 Sep 2022 12:26:10 GMT
themorningtribune.com_instream_floating.js
d2nr2jos5slco1.cloudfront.net/aniview-script/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2nr2jos5slco1.cloudfront.net/aniview-script/themorningtribune.com_instream_floating.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:c600:1:4a30:d840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36a65f58c51aeb98905d2508e11b2a5c6b5ce8f8eb5c3aca23d4f2f95b52c34a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
nRen66l3imZhG6Zn5ScEE0ib41VNkqlS
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 13:53:19 GMT
server
AmazonS3
age
37596
etag
W/"9611f58feacb43c18f98ce2bc9d0dfd8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
date
Sun, 04 Sep 2022 02:58:00 GMT
x-amz-cf-pop
VIE50-C2
x-amz-cf-id
4yq8UhvlHYzWDDqaS_nLk-FzqvGk0fHl-WxIStpQUQjvdSlwD9olnA==
api.js
www.google.com/recaptcha/ 		850 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7bbc0a1a176faba3ab4ef9aebd61fbc1fd8afc56ce0ed7f7183d8256a57bb024
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Sun, 04 Sep 2022 12:26:10 GMT
customscript.js
themorningtribune.com/wp-content/themes/superfast/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themorningtribune.com/wp-content/themes/superfast/js/customscript.js?ver=2.0.9
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b2df62536f84a85e2812da8b375b62724a66472b91144ddbacbeee52a6722f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60968
cf-polished
origSize=13929
cf-ray
7456b647f81d9195-FRA
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 20 Jun 2022 15:14:07 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62b08ebf-3669"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJlRYYRChCoZ7ZCmUiaRxXTog4FKZoXmC%2FhpQsY47t2oLHdDMaZsWSTEJmT%2Fk0Gh0T45Atl9KELHoM0NyYWCeZm9vqLWcdVcqKscdLlbBvZXJN%2F1kFOrNqb8C5Q6ZILDi1bannloGQyGQA2fDFJI9A3RCmA%3D"}],"group":"cf-nel","max_age":604800}
x-runcache-type
native
cache-control
max-age=2592000
content-type
application/javascript
expires
Sun, 18 Sep 2022 15:17:25 GMT
wp-emoji-release.min.js
themorningtribune.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://themorningtribune.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:3844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
367156
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 20 Jun 2022 03:45:57 GMT
server
cloudflare
etag
W/"62afed75-48b9"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pb%2B6UsA164Ux55j51sz%2BKq317OTGOxh5xhoaIxSE3UPN%2B0E1F5Iqz3EmgFKYSYW%2BrhWlf3Tf%2FGG5X%2F3HpJFd4gslgNZB%2F%2BO7Fn4b76%2B5MhI206VI4m57MXHZwTutuSHgPQTLuN0hTigGhfSbcE5aMrcSec0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=2592000
cf-ray
7456b648388d9195-FRA
expires
Fri, 30 Sep 2022 06:20:19 GMT
f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
d2f0uviei09pxb.cloudfront.net/ads-code/ 		183 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2f0uviei09pxb.cloudfront.net/ads-code/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2e00:3:f434:dfc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56438c19f21a6f2e4fe98a34200e13ceff72502706c6549ef2c903c5b18d34d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
ocacE9sHZ3yIrpS73JmPXnVwG_01hVl5
content-encoding
br
last-modified
Thu, 01 Sep 2022 16:55:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
W/"6f56f260123d60faf12c3547691f1d83"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sun, 04 Sep 2022 12:26:11 GMT
x-amz-cf-id
7tGC_xoIexEIwZalCfXh1cgzMitjfoOwwKt8eIP4R03kY0ElKEqLyQ==
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C600%2C300%26subset%3Dlatin%2C&ver=2.0.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://themorningtribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 21:06:30 GMT
x-content-type-options
nosniff
age
487180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35904
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 21:06:30 GMT
2b07.svg
s.w.org/images/core/emoji/14.0.0/svg/ 		240 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/2b07.svg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
f534b7b1961a07619a8e1466ee3ac41144e416a276b521ba453ed7b5416ca53e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Sun, 04 Sep 2022 12:26:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:26 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
240
expires
Thu, 31 Dec 2037 23:55:55 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ 		392 KB
157 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Origin
https://themorningtribune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159560
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 18:40:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 12:22:08 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135892861-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5050
date
Sun, 04 Sep 2022 11:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 04 Sep 2022 13:02:00 GMT
js
www.googletagmanager.com/gtag/ 		206 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1WV9GB5460&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-135892861-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
986a0b3e763c03e19e57834096d93462efb28177ad702b2ec5fe84889936004b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74519
x-xss-protection
0
expires
Sun, 04 Sep 2022 12:26:10 GMT
pubads_impl_2022083101.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5d18b1769507b97d8718a598fcecd3bc9e270bc11a520d769b2d06452418f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 17:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131962
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 08:36:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 03 Sep 2023 17:51:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		155 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=themorningtribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4adc0d7fbfc331663f6ad035e13aae0af63b6eaab1cc7d14ced20a3ff16fb44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
expires
Sun, 04 Sep 2022 12:26:10 GMT
collect
region1.google-analytics.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1WV9GB5460&gtm=2oe8v0&_p=2099035388&cid=1762745442.1662294371&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662294370&sct=1&seg=0&dl=https%3A%2F%2Fthemorningtribune.com%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Insurance%20%3A%20Importance%2C%20Types%20And%20Benefits&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1WV9GB5460
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame FC32 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly90aGVtb3JuaW5ndHJpYnVuZS5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=normal&cb=na2ibycyqdzh
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5d92cfa4b9d994bd8c3ea734df43518c328641ae88f570608081f9dd0b398e27
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z9EwJDbrIlX3yTR-F-73xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23046
content-security-policy
script-src 'report-sample' 'nonce-z9EwJDbrIlX3yTR-F-73xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2099035388&t=pageview&_s=1&dl=https%3A%2F%2Fthemorningtribune.com%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Insurance%20%3A%20Importance%2C%20Types%20And%20Benefits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1214245066&gjid=1994213920&cid=1762745442.1662294371&tid=UA-135892861-1&_gid=777972241.1662294371&_r=1&gtm=2ou8v0&z=1929763335
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=themorningtribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=themorningtribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		75 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1236502681305917&correlator=1315560070176248&eid=31068457%2C31069285%2C44761477%2C31065644%2C31068897%2C31067826&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fif&iu_parts=22387492205%3A22741543808%2Cthemorningtribune.com.Banner0.1659520629&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250%7C336x280%7C320x280%7C360x300&ifi=1&adks=3122680410&sfv=1-0-38&fsapi=false&eri=4&sc=1&cookie_enabled=1&cdm=themorningtribune.com&abxe=1&dt=1662294370789&dlt=1662294370549&idt=215&adxs=320&adys=1309&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=themorningtribune.com&loc=https%3A%2F%2Fthemorningtribune.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=630x0&msz=630x0&fws=0&ohw=0&ga_vid=1762745442.1662294371&ga_sid=1662294371&ga_hid=2099035388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e4abde89ddd1ad61c34e94a03b74f4af472e32d35b1489771ea5aa6c14de2e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35675
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		501 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1236502681305917&correlator=1315560070176248&eid=31068457%2C31069285%2C44761477%2C31065644%2C31068897%2C31067826&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fif&iu_parts=22387492205%3A22741543808%2Cthemorningtribune.com.Banner0.1659520691&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250%7C320x280%7C336x280%7C360x300&ifi=2&adks=1444370278&sfv=1-0-38&fsapi=false&eri=4&sc=1&cookie_enabled=1&cdm=themorningtribune.com&abxe=1&dt=1662294370793&dlt=1662294370549&idt=215&adxs=320&adys=1791&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=themorningtribune.com&loc=https%3A%2F%2Fthemorningtribune.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=630x0&msz=630x0&fws=0&ohw=0&ga_vid=1762745442.1662294371&ga_sid=1662294371&ga_hid=2099035388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9944a3d660078ebf819612ee6b0c35040a5321075253f57704653641586482af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
262
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		71 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1236502681305917&correlator=1315560070176248&eid=31068457%2C31069285%2C44761477%2C31065644%2C31068897%2C31067826&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fif&iu_parts=22387492205%3A22741543808%2Cthemorningtribune.com.Banner0.1659520661&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C300x250%7C320x280%7C336x280%7C360x300&ifi=3&adks=3460338177&sfv=1-0-38&fsapi=false&eri=4&sc=1&cookie_enabled=1&cdm=themorningtribune.com&abxe=1&dt=1662294370795&dlt=1662294370549&idt=215&adxs=320&adys=2293&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=themorningtribune.com&loc=https%3A%2F%2Fthemorningtribune.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=630x0&msz=630x0&fws=0&ohw=0&ga_vid=1762745442.1662294371&ga_sid=1662294371&ga_hid=2099035388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f66986ed99ca7b82ec8446a38595ef4ec79ce47da50e59ea9b12c5248a8aebb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22458
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D155 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Mon, 04 Sep 2023 12:26:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
avcplayer.js
player.avplayer.com/script/2/v/ 		251 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: d2nr2jos5slco1.cloudfront.net
URL: https://d2nr2jos5slco1.cloudfront.net/aniview-script/themorningtribune.com_instream_floating.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6837 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduGB2AlLYWO9z1o9MZw3py8-TiNXy0xSw8Y-H7jVVYgkTfXYOmbJIkYFFscMkPtM6TY0pxalGwhD7xlrfFFZLZYF7lWag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
61326
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
server
UploadServer
etag
"9dff0335699f04080269947f40c366ae"
vary
Accept-Encoding
x-goog-hash
crc32c=DITkQg==
content-language
en
x-goog-generation
1646327924579580
cache-control
public, max-age=300
x-goog-stored-content-length
61326
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Sep 2022 12:31:10 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5d8ccec528a0617cae5a0755&cid=62e9f831047b15547d6d6c55&cb=1662294370808&r=themorningtribune.com&stagid=62ea643a05e77f1a0c00c9b4&stplid=62ea5e3167828879e326ddc8&d35=&e=playerLoaded
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.189.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-189-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame FC32 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly90aGVtb3JuaW5ndHJpYnVuZS5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=normal&cb=na2ibycyqdzh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 10:34:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 18:40:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 10:34:28 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame FC32 		392 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly90aGVtb3JuaW5ndHJpYnVuZS5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=normal&cb=na2ibycyqdzh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159560
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 18:40:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 12:22:08 GMT
truncated
/ Frame FC32 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FC32 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FC32 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 19:40:09 GMT
x-content-type-options
nosniff
age
233161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 08 Sep 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FC32 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly90aGVtb3JuaW5ndHJpYnVuZS5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=normal&cb=na2ibycyqdzh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 11:18:05 GMT
x-content-type-options
nosniff
age
436085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Aug 2023 11:18:05 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame FC32 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=duyHVVR9Brf6N2GewjkPRfsA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly90aGVtb3JuaW5ndHJpYnVuZS5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=normal&cb=na2ibycyqdzh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3444cd05f786fc062fcb5c164604566935c9c5b25706eeab6189b3a0f37d058d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i&co=aHR0cHM6Ly90aGVtb3JuaW5ndHJpYnVuZS5jb206NDQz&hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&size=normal&cb=na2ibycyqdzh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 04 Sep 2022 12:26:10 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		256 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		251 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		273 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		238 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame F72A 		388 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5968deed67db36c17098f115d0fd4318e4ef3616b6c3541da921599e64689040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt7OYWRfR1OmK35dtsLrhCKntuJb0F-w810adzJhrt1vPNby-JIpPwItZ8LGWAN2DeEote1v4mkWYoEulZSYjj4gQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
111996
last-modified
Tue, 30 Aug 2022 07:41:05 GMT
server
UploadServer
etag
"39abf610a1c41bfb1963220128a9136d"
vary
Accept-Encoding
x-goog-hash
crc32c=ixGcvg==, md5=Oav2EKHEG/sZYyIBKKkTbQ==
x-goog-generation
1661845265455307
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
111996
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Sep 2022 12:31:11 GMT
bframe
www.google.com/recaptcha/api2/ Frame 9EFB 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ef3c26d7b80540c3c6e5b9fa581f3b501ba1805675074a6861fccf4afe040903
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y-N1Xvm1qNl38ElHy0CHHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1113
content-security-policy
script-src 'report-sample' 'nonce-Y-N1Xvm1qNl38ElHy0CHHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
video_themorningtribune.com_1.mp4
d2nr2jos5slco1.cloudfront.net/Aniview-Content/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://d2nr2jos5slco1.cloudfront.net/Aniview-Content/video_themorningtribune.com_1.mp4
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:c600:1:4a30:d840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://themorningtribune.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 04 Sep 2022 01:01:32 GMT
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 10:14:46 GMT
server
AmazonS3
age
41080
etag
"adcbb7b04b219e91567ce4c42128d202"
x-cache
Hit from cloudfront
x-amz-version-id
7aJcgh0hF4fRbuz6.ymCgtWOBbd77uGj
Content-Range
bytes 0-5891463/5891464
x-amz-cf-pop
VIE50-C2
accept-ranges
bytes
content-type
video/mp4
Content-Length
5891464
x-amz-cf-id
DMTFERTTq2lw3dSin4vv62vNHSOXgHz7OAZgyxcqwc3VvYA2AiaQeQ==
aax.js
c.aaxads.com/ 		451 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAXJ0S45T&hst=themorningtribune.com&ver=1.2
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.89.41 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-89-41.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a1c6322df9c8ca3d8fcc320d90e5740d14eac6f5c2a82005a665b7b798df4dd7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Sun, 04 Sep 2022 12:26:11 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Sun, 04 Sep 2022 12:56:11 GMT
/
geoip.insticator.com/json/ 		242 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.84.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-84-50.compute-1.amazonaws.com
Software
/
Resource Hash
7a5a84e98d7dd2e4090fb5f006854d1df497956cc9ffb5419011c9b16d1b8cc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin
https://themorningtribune.com
date
Sun, 04 Sep 2022 12:26:11 GMT
access-control-allow-credentials
true
x-database-date
Sat, 03 Sep 2022 23:29:13 GMT
content-length
242
vary
Origin
content-type
application/json
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		88 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b3df30dee710242201af86fc792f61b8acf0ed86b60a8391d00514f5837ba32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:11 GMT
Content-Encoding
gzip
Age
801
X-Cache
HIT
Connection
keep-alive
Content-Length
21036
x-amz-id-2
bZcFRchaJYQEJmGifhbHcequvLbXq7YgqRlG7pbcjDzlU3YE+UVeTPdcsxPLtE+NwUgcXYkMmSs=
X-Served-By
cache-hhn4082-HHN
Last-Modified
Sun, 04 Sep 2022 08:19:26 GMT
Server
AmazonS3
X-Timer
S1662294371.098721,VS0,VE0
ETag
"70f3b6d04a4be930a18cc02ef1410eb5"
x-amz-request-id
C0K2J8STP61PCSGB
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
33
index.html
auth.instiengage.com/auth/ Frame 1A95 		75 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
166
cache-control
max-age=300
content-length
75
content-type
text/html
date
Sun, 04 Sep 2022 12:23:30 GMT
etag
"2e3d17ce9023be2c1313c02113f5c568"
last-modified
Tue, 16 Aug 2022 12:46:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-id
8WwTnlkTH8-uyNkdjh5TtzQv6BJw0QnRw8APBdFgaBNigDbPj_Dx-Q==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
wwuA1teHfpxnNE1op.J6Ishi5Ug48nVr
x-cache
Hit from cloudfront
event
event.insticator.com/v1/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.163.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-163-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://themorningtribune.com
date
Sun, 04 Sep 2022 12:26:11 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.163.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-163-91.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://themorningtribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://themorningtribune.com
access-control-max-age
3600
content-length
0
date
Sun, 04 Sep 2022 12:26:11 GMT
vary
Origin
styles__ltr.css
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame 9EFB 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 10:34:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6703
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 18:40:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 10:34:28 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/ Frame 9EFB 		392 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=duyHVVR9Brf6N2GewjkPRfsA&k=6LfrFKQUAAAAAMzFobDZ7ZWy982lDxeps8cd1I2i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:22:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159560
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 18:40:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 12:22:08 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/ 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f83dccda0f23005e073046554fcb6f70e6cc5c6d5a31482d8cbf00c3cae72a69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:11 GMT
Content-Encoding
gzip
Age
820892
X-Cache
HIT
Connection
keep-alive
Content-Length
66315
x-amz-id-2
tn9m/RJ+1Nqpr3MtD2Y1tL/tOZmzJYxGk6sdCOaSEQX8FdjVodEnZg+U+fqqgJTyKkRkriyrqrA=
X-Served-By
cache-hhn4082-HHN
Last-Modified
Thu, 11 Aug 2022 23:13:41 GMT
Server
AmazonS3
X-Timer
S1662294371.124892,VS0,VE0
ETag
"6dc02234ec68d77d35e4d6a9fe8b646f"
x-amz-request-id
VQD62AH5JPVQA99D
Via
1.1 varnish
Cache-Control
public, max-age=864000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1027321
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/svg+xml
authIframe.js
auth.instiengage.com/auth/ Frame 1A95 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js?v=1
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
bjKlbjl1idrb07_BYuQLp8gSlZzXUS_r
content-encoding
br
last-modified
Tue, 16 Aug 2022 12:46:41 GMT
server
AmazonS3
age
39
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Sun, 04 Sep 2022 12:25:33 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
A-BxWXkvyTBTALnesfhFbolLAY9wRviSWGHVp2baKnn6BGP_pPG2qA==
token
eua.instiengage.com/v1/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.144.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-144-123.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://auth.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://auth.instiengage.com
access-control-max-age
3600
content-length
0
date
Sun, 04 Sep 2022 12:26:11 GMT
vary
Origin
token
eua.instiengage.com/v1/auth/ Frame 1A95 		864 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/authIframe.js?v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.144.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-144-123.compute-1.amazonaws.com
Software
/
Resource Hash
7cc5e5e369e6d7bc2c00aa361cab436bcb50b65f112e6552066af702837a3e47

Request headers

Referer
https://auth.instiengage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Sun, 04 Sep 2022 12:26:11 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
container.html
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1D4F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Mon, 04 Sep 2023 12:26:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=themorningtribune.com&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.52&apppkg=&fv=1&proto=https&clsid=d00197d8-08e3-4c75-b41e-74606b53da6c&rando=50&pid=5d8ccec528a0617cae5a0755&cid=62e9f831047b15547d6d6c55&stagid=62ea643a05e77f1a0c00c9b4&stplid=62ea5e3167828879e326ddc8&e=inventory&vi=100&cb=1662294371299
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.189.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-189-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		35 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_VIDEOURL=https%3A%2F%2Fd2nr2jos5slco1.cloudfront.net%2FAniview-Content%2Fvideo_themorningtribune.com_1.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fthemorningtribune.com%2F&AV_PUBLISHERID=5d8ccec528a0617cae5a0755&AV_CHANNELID=62e9f831047b15547d6d6c55&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=themorningtribune.com&AV_DADPOS=1&AV_TAG=62ea643a05e77f1a0c00c9b4&AV_TEMPLATE=62ea5e3167828879e326ddc8&d36=6.2.52&responsive=1&sver=2&avtoken=371298&omv=1.0.1&clsid=d00197d8-08e3-4c75-b41e-74606b53da6c&rando=50&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1662294371312&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.192.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-192-96.compute-1.amazonaws.com
Software
/
Resource Hash
f2f577dd30717fb56374c9bcca678502cb87aaf55e5e48168f89839d67c4ce51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Aug 2022 22:39:31 GMT
pxusr.gif
c.aaxads.com/ 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.89.41 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-89-41.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62
8096267
date
Sun, 04 Sep 2022 12:26:11 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=369993
accept-ranges
bytes
content-length
43
expires
Thu, 08 Sep 2022 19:12:44 GMT
pxext.gif
www.aaxdetect.com/ 		43 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.239.15 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-239-15.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Unused62
8096267
Date
Sun, 04 Sep 2022 12:26:11 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=251919
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Wed, 07 Sep 2022 10:24:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4490 		0
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIyE0QIQivniAhiyxs7IATAB&v=APEucNWRIRh0b_KArwEpZOfiL4tdEjb6SddIludi9r4HcWk3MkgvWGeIBMKhJs38fI6qpzQgvYRUQIIABW4_DramCS4A0_G_1w
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:11 GMT
expires
Sun, 04 Sep 2022 12:26:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 1D4F 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:18:48 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 1D4F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 06:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2640
x-xss-protection
0
server
cafe
etag
2603454828624189567
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 06:01:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1D4F 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0_-oxfXrR8ZPW5OFn2R4Y4Q5jJfnRaS3i7RoNxr5zraLZ-ssd6Rh5iC2-wr-vEWPpvWrR0YCozgg9nxmPqJqaa56kWI3PIVcfWyM7rOSt0sHKD5alb2yqnORgXTQtjKzt_vbURvxF5n-AZgVJL_hnzeSmjvs1JuqsiHqo51UpvIt0lxcZI6p-tcYefenfkcjtdEGi0xcwg5MoW4a0XBskXDG3GEvyG8Nmv1hAIcNRKlC9eZof88r1kIDuFdPD7A53sF3W9IFWF7FrYVaL61D_gFHWLrRplEn_jndjSuVyVgk5m90yvBsAMjqF2a6RI-WLXXZjCNPJrM-FruGpYmwNXCdRAGPf7vRoV0phZW9866epRJwedT8vcXlUQaCLuMgr9LhgToQ2NjBl1mnf3cmoHjcryuBcdhnXgxBcbEFoiV14d09zZwnXTI5M6B-YnGWZ39jFYHMvz-ZI-KOyWbGg9jaqLEMsqd5x9apIs4IVhDGZUzgc28cjYnsRmH3h6Y51XXakVtSDeIHZzRpxqc1jfk4CFvNWOcW7BO6Llkl7YfOpEimY090ncIusbW_61WActS9mKw77wjZu9RjymfuZyLCER0ueMFhlv0_2zL1UAUlraTMKD6luNpUVTJclAna6cuF-UVz24NYIowNZzc1vnbtFMfiQWdvoQh-3BtfKxMcchwLk8YngWMM6guiLVf-ibhS4cKAdRjPDq0IDc9rAhsPkdE9XSsrgwAAP_q2K90XQ9nY2Sf12rm5KAJj67YdvvhWLlilaH-Rv2pNUrihT1k7aV13ZGfAyie4elTtP0Ckr8eLnAUdvpPL377__x13I7PcwUXZixEDPc9ABIs1ZZJ4Tjfq-qNOpcmcml9YOn2NXziGuzUniYQRrEPsjyT5nZOgMuhjIUC2li4LYuwGTmAw-wZMw21Bobgqaig659Yw7ybtm3HMpkc11R1XuJ3M7oPNlQS8ZwKDzUl1R4sTBzKhWGvqi14tWqUfy84J0TgNsT4JPhzOQksLyAEuCTikICB-KohkrsicYfBvSdLiiR2EXfwG4q2ZYsxhCd_ay-r-p-JEMvvpWhmUPlP7WLu6LkgKJdIl_QlNAkPc615dz91-R1ZvNJTj8zUAl0u4OwioSCCVCvU8LJmJiHLXWicMQAfivlD9EhXY4wfV58QpGgoB58tvIif8BIBKGJxHl0-xv7c7bH1wnzjVI1i2KHvFigov2vSa5w81dpGc_8Pd-WR7ktlxhsR5JTPVhamDhByNmABeQVUvGpl7iABONLhQLF_M&sai=AMfl-YTGdPMgBo0isTOx6XWOYdyuuXq5C5ciLg2UKSnSD6iyFCWLDoxyezKnDHpc02v3nKc-jK0twr3ygyKABHdTNXpFl_CB8Is3y1EOz5Uz7vMLC1_WWmGPGvBkXqx79O2jugkqteJlav43JuSRt4UlvkjfACM257esl3bzpmLHZTzaz0G66GB2QzJxJTAE0ScKng5FjmoKecTYu4nqMNr2rGX_FFzBKvkbrsxQ-gXGUwbwOkZIn_izVxhHT25d4PV28mqo4Vg_K-pLmTDVlHZisZbWZWV2M64_d5DAwdg65UTxEDkKtBXeoXhE6m8e3xzYaRQm7E4PqVcVdpn4jSz7d4Mhr2BfWcwt-2NU4zvMChKYEjWJ1DUW7vzmTwWOZN-fR1xJbZd2S1Ss61Y&sig=Cg0ArKJSzBzsbH-OgolcEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220831.84016&adurl=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 04 Sep 2022 12:26:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1D4F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 16:49:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D4F 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BGGXwQ0rBwwaV1CXeUSEH_kwdleIQPYj4Tixa-aaEeOIwfi-IjZ_Wx--FJBJoFfRQDvXHi8afOGsGak1iVdK85VLihXlj5JvKAynuw38WHKiX-tyg
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 1D4F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:16:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D4F 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:26:11 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 1D4F 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:02:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:02:51 GMT
l
www.google.com/ads/measurement/ Frame 1D4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnfvATUC0zP7UCY5lIrQ5Niml-_CGc46lQniNkNg6V6sO06iRnlydiUmibY_rzEwMBIwRj
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
4108146554620563261
s0.2mdn.net/simgad/ Frame 1D4F 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4108146554620563261
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f2a8ca1705a3d8e66979c8df98e647b51d96906c013b6a047fa55eca49e813c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 09:18:09 GMT
x-content-type-options
nosniff
age
270482
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102288
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 06:07:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Sep 2023 09:18:09 GMT
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://themorningtribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://themorningtribune.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7456b64e1dc7bb59-FRA
content-length
0
date
Sun, 04 Sep 2022 12:26:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNUmoNTcOu8NK8iLGqzKiNDIn%2Bmyuw%2B7oHKQE70m6Cu5dVDtCARCAUgHoyDidwt4VtZ9Vq%2F2EsbXgG9isChlUUiuuHtUMQfVRV0iInlFlvrlX20MGizmT%2FypSSmZoJtParn2cK68ySbYMkR2fA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
arj
insticator-d.openx.net/w/1.0/ 		73 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthemorningtribune.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9c0eceaa-a272-444c-8159-126f8bb3e484%2C65556de6-d497-4b52-9857-42edd2b5fde6%2Ca6e8c6d7-a767-4f7d-8b95-cd2656eb46e0%2C8e079339-f9f0-4420-b1c4-96ad4760ca7a%2C942388ea-76f6-42e2-b158-aba05361d9ee&nocache=1662294371477&pubcid=845634b6-9f56-4ff2-be82-6c2b6b937159&schain=1.0%2C1!insticator.com%2C4e60cb86-2850-46fb-bfca-bc9b7ff86475%2C1%2C%2C%2C&aus=320x50%2C336x280%2C300x250%7C320x50%2C336x280%2C300x250%7C320x50%2C336x280%2C300x250%7C320x50%2C336x280%2C300x250%7C728x90&divids=div-insticator-ad-3%2Cdiv-insticator-ad-1%2Cdiv-insticator-ad-4%2Cdiv-insticator-ad-5%2Cdiv-insticator-ad-anchor&aucs=themorningtribune.com-div-insticator-ad-3%2Cthemorningtribune.com-div-insticator-ad-1%2Cthemorningtribune.com-div-insticator-ad-4%2Cthemorningtribune.com-div-insticator-ad-5%2Cthemorningtribune.com-anchor-div-insticator-ad-anchor&auid=557552916%2C557552916%2C557552916%2C557552916%2C557552916
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bdb836038c8f75a258010a01f6afbea1ca01b9eb3addfb7f0605475e68c3ab02

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://themorningtribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		749 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=153530&zone_id=771356%3B771360%3B771358%3B771360%3B771356&size_id=15%3B15%3B15%3B15%3B2&alt_size_ids=16%2C43%3B16%2C43%3B16%2C43%3B16%2C43%3B1&rp_schain=1.0,1!insticator.com,4e60cb86-2850-46fb-bfca-bc9b7ff86475,1,,,&rf=https%3A%2F%2Fthemorningtribune.com%2F&tg_i.pbadslot=themorningtribune.com-div-insticator-ad-3%3Bthemorningtribune.com-div-insticator-ad-1%3Bthemorningtribune.com-div-insticator-ad-4%3Bthemorningtribune.com-div-insticator-ad-5%3Bthemorningtribune.com-anchor-div-insticator-ad-anchor&tk_flint=pbjs_lite_v6.15.0&x_source.tid=72c71d05-d8dc-4ad7-9d3d-bc630f334943%3Bf44b6f6d-9cc6-4eff-9363-7d4c632eb848%3B0fe32af1-4b17-4ed0-b2ed-efe2dcf23945%3B2ecacc23-46cc-446c-857b-20ae78354c6e%3B9e1bcf31-ec6a-4fad-94b8-43e282f22b52&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=themorningtribune.com-div-insticator-ad-3%3Bthemorningtribune.com-div-insticator-ad-1%3Bthemorningtribune.com-div-insticator-ad-4%3Bthemorningtribune.com-div-insticator-ad-5%3Bthemorningtribune.com-anchor-div-insticator-ad-anchor&slots=5&rand=0.4111345300592364
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bd56a7cf8387fb93e395fcf3fc4cc743d9dd0097b612a931e13f7aebc4cb5b1c

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:11 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://themorningtribune.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
749
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
ex.ingage.tech/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5528cede3254230bed79bb66408ffb76f9c474a0f747518a2d6a13a4f5f064a0

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqagPIw5B4fYqD5FyZVl%2Bf2mTcof%2F15VQH4C89EgfA4lSV2Y2i98eE48a64sYPW%2FH5cpTvmx0vnP5Kuk083PEzLNY0wxeNfEu%2FSGhr2Okojze42Lcx%2F6aaOKayXYesKO7YEF%2F3uKX9v6BN2DIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://themorningtribune.com
access-control-allow-credentials
true
cf-ray
7456b64ee87892b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
c
prebid.a-mo.net/a/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://themorningtribune.com
date
Sun, 04 Sep 2022 12:26:10 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
hb
ssc.33across.com/api/v1/ 		87 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cfea3cc65b2e1e3800e7e4d0ab98ef2b9295ee989eeeba105e2d15d2ea71e632

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://themorningtribune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cfea3cc65b2e1e3800e7e4d0ab98ef2b9295ee989eeeba105e2d15d2ea71e632

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://themorningtribune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cfea3cc65b2e1e3800e7e4d0ab98ef2b9295ee989eeeba105e2d15d2ea71e632

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://themorningtribune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cfea3cc65b2e1e3800e7e4d0ab98ef2b9295ee989eeeba105e2d15d2ea71e632

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://themorningtribune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atx4xsU7Or6R0PaKlId8sQ
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cfea3cc65b2e1e3800e7e4d0ab98ef2b9295ee989eeeba105e2d15d2ea71e632

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://themorningtribune.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
prebid
ib.adnxs.com/ut/v3/ 		608 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f43aac1d05f628013e1dfbe944e0b66a2af6677e8dc16019dba33d7e7c801220
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Sep 2022 12:26:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1cda1211-f959-4331-ac8e-1ed8a0444762
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://themorningtribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		94 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
0cd49f5f5bf39969438ba8096f45fcecc554cad9bfc854eefb31c491c0f6c26b

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Sep 2022 12:26:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://themorningtribune.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
close-btn.png
embedproduction.s3.amazonaws.com/files/images/ 		592 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embedproduction.s3.amazonaws.com/files/images/close-btn.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.201.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:12 GMT
Last-Modified
Tue, 26 Nov 2019 16:29:04 GMT
Server
AmazonS3
x-amz-request-id
21CBGCD4E85W6V8S
ETag
"2298668a0d4b08e7d3e9726cf42696e9"
Content-Type
image/png
x-amz-version-id
.AkIXgBEyCWDe8DX4oIvcL6LAIAooFgY
Accept-Ranges
bytes
Content-Length
592
x-amz-id-2
ida1nJuBqILnna662V+R1dK/7QulDE+bZE4eRQGDZrZf4xY1P2QQ2UBU18Sl7crHBF4TEUEcJVs=
log
l3.aaxads.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=187&dgw=desktop&flg=AAXJ0S45T&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=themorningtribune.com&vhuyqdph=ssp-serving-757987f55f-mhtnp&vyu=083012_436_090111_389_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001662294371337023283072005599&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=186&fhqg=18&hqg=20&gvwduw=18&fvwduw=18&vwduw=18&uhtxuo=https%3A%2F%2Fthemorningtribune.com%2F&nzui=https%3A%2F%2Fwww.google.com%2F%3F%26
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.89.41 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-89-41.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 04 Sep 2022 12:26:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1D4F 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0_-oxfXrR8ZPW5OFn2R4Y4Q5jJfnRaS3i7RoNxr5zraLZ-ssd6Rh5iC2-wr-vEWPpvWrR0YCozgg9nxmPqJqaa56kWI3PIVcfWyM7rOSt0sHKD5alb2yqnORgXTQtjKzt_vbURvxF5n-AZgVJL_hnzeSmjvs1JuqsiHqo51UpvIt0lxcZI6p-tcYefenfkcjtdEGi0xcwg5MoW4a0XBskXDG3GEvyG8Nmv1hAIcNRKlC9eZof88r1kIDuFdPD7A53sF3W9IFWF7FrYVaL61D_gFHWLrRplEn_jndjSuVyVgk5m90yvBsAMjqF2a6RI-WLXXZjCNPJrM-FruGpYmwNXCdRAGPf7vRoV0phZW9866epRJwedT8vcXlUQaCLuMgr9LhgToQ2NjBl1mnf3cmoHjcryuBcdhnXgxBcbEFoiV14d09zZwnXTI5M6B-YnGWZ39jFYHMvz-ZI-KOyWbGg9jaqLEMsqd5x9apIs4IVhDGZUzgc28cjYnsRmH3h6Y51XXakVtSDeIHZzRpxqc1jfk4CFvNWOcW7BO6Llkl7YfOpEimY090ncIusbW_61WActS9mKw77wjZu9RjymfuZyLCER0ueMFhlv0_2zL1UAUlraTMKD6luNpUVTJclAna6cuF-UVz24NYIowNZzc1vnbtFMfiQWdvoQh-3BtfKxMcchwLk8YngWMM6guiLVf-ibhS4cKAdRjPDq0IDc9rAhsPkdE9XSsrgwAAP_q2K90XQ9nY2Sf12rm5KAJj67YdvvhWLlilaH-Rv2pNUrihT1k7aV13ZGfAyie4elTtP0Ckr8eLnAUdvpPL377__x13I7PcwUXZixEDPc9ABIs1ZZJ4Tjfq-qNOpcmcml9YOn2NXziGuzUniYQRrEPsjyT5nZOgMuhjIUC2li4LYuwGTmAw-wZMw21Bobgqaig659Yw7ybtm3HMpkc11R1XuJ3M7oPNlQS8ZwKDzUl1R4sTBzKhWGvqi14tWqUfy84J0TgNsT4JPhzOQksLyAEuCTikICB-KohkrsicYfBvSdLiiR2EXfwG4q2ZYsxhCd_ay-r-p-JEMvvpWhmUPlP7WLu6LkgKJdIl_QlNAkPc615dz91-R1ZvNJTj8zUAl0u4OwioSCCVCvU8LJmJiHLXWicMQAfivlD9EhXY4wfV58QpGgoB58tvIif8BIBKGJxHl0-xv7c7bH1wnzjVI1i2KHvFigov2vSa5w81dpGc_8Pd-WR7ktlxhsR5JTPVhamDhByNmABeQVUvGpl7iABONLhQLF_M&sai=AMfl-YTGdPMgBo0isTOx6XWOYdyuuXq5C5ciLg2UKSnSD6iyFCWLDoxyezKnDHpc02v3nKc-jK0twr3ygyKABHdTNXpFl_CB8Is3y1EOz5Uz7vMLC1_WWmGPGvBkXqx79O2jugkqteJlav43JuSRt4UlvkjfACM257esl3bzpmLHZTzaz0G66GB2QzJxJTAE0ScKng5FjmoKecTYu4nqMNr2rGX_FFzBKvkbrsxQ-gXGUwbwOkZIn_izVxhHT25d4PV28mqo4Vg_K-pLmTDVlHZisZbWZWV2M64_d5DAwdg65UTxEDkKtBXeoXhE6m8e3xzYaRQm7E4PqVcVdpn4jSz7d4Mhr2BfWcwt-2NU4zvMChKYEjWJ1DUW7vzmTwWOZN-fR1xJbZd2S1Ss61Y&sig=Cg0ArKJSzBzsbH-OgolcEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=85&vt=11&dtpt=84&dett=2&cstd=0&cisv=r20220831.84016&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2813 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
243411
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 16:49:20 GMT
expires
Fri, 01 Sep 2023 16:49:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1D4F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac94be5d386b8ebdbfc6c8a34573850e9041482111f9b5c95da88af3c9152755

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 2813 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 16:16:51 GMT
container.html
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1D5C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Mon, 04 Sep 2023 12:26:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/6114/ Frame F72A 		212 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-184-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
19224a7a57346c84e045ffa4d33ace67e09b9369b22f26c5521b3fe1f9623800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 22:22:21 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=33346
accept-ranges
bytes
content-type
application/javascript
content-length
66266
expires
Sun, 04 Sep 2022 21:41:58 GMT
occ
ups.analytics.yahoo.com/ups/58543/ Frame E18B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Sun, 04 Sep 2022 12:26:11 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame 2847
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D105%26pid%3D5d8ccec...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=105&pid=5d8ccec528a0617cae5a0755&key=10b6f084-27b4-4cd3-a573-b218ef3a216e&gdpr=1&gdpr_consen...
0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=105&pid=5d8ccec528a0617cae5a0755&key=10b6f084-27b4-4cd3-a573-b218ef3a216e&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.80.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-80-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 04 Sep 2022 12:26:12 GMT

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Sun, 04 Sep 2022 12:26:11 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=105&pid=5d8ccec528a0617cae5a0755&key=10b6f084-27b4-4cd3-a573-b218ef3a216e&gdpr=1&gdpr_consent=&us_privacy=
server
envoy
x-envoy-upstream-service-time
1
pixel
ap.lijit.com/ Frame E8F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 04 Sep 2022 12:26:11 GMT
X-Sovrn-Pod
ad_ap2ams1
/
ssc-cms.33across.com/ps/ Frame DD87 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00001rrPUnAAM&us_privacy=1---&ru=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D104%26pid%3D5d8ccec528a0617cae5a0755%26key%3D33XUSERID33X
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
server
33XP001
x-33x-status
2000208
usync.html
eus.rubiconproject.com/ Frame EED5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Sep 2022 12:26:11 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 04 Sep 2022 12:26:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
server
AkamaiGHost
services
sync.technoratimedia.com/ Frame 8AB0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1662294371581-968203717226-007167-003-004163&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.63.138 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://themorningtribune.com/
age
0
date
Sun, 04 Sep 2022 12:26:11 GMT
server
nginx
via
1.1 varnish
x-varnish
186613544
cookiesyncendpoint
sync.aniview.com/ Frame 8907
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D22%26key%3D%7BPUB_USE...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D22%26key%3D%7BP...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=22&key=f3c331e2-7642-4baa-ace4-b3e656ff74ad
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=22&key=f3c331e2-7642-4baa-ace4-b3e656ff74ad
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.80.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-80-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 04 Sep 2022 12:26:12 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Sun, 04 Sep 2022 12:26:11 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=22&key=f3c331e2-7642-4baa-ace4-b3e656ff74ad
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4BE4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-184-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=42508
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 04 Sep 2022 12:26:12 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Sep 2022 00:14:40 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 97B4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26bidderna...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=10&pid=59c9148628a0612da3689288&key=gBBWA5FNuFSZ&ev=1&us_privacy=${us_privacy}&pid=562704
0
207 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=10&pid=59c9148628a0612da3689288&key=gBBWA5FNuFSZ&ev=1&us_privacy=${us_privacy}&pid=562704
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.87.80.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-87-80-187.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 04 Sep 2022 12:26:12 GMT

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
de-DE
cw-server
bh-deployment-dd6bdcf45-dh5qv
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1662294371581-968203717226-007167-003-004163&biddername=10&pid=59c9148628a0612da3689288&key=gBBWA5FNuFSZ&ev=1&us_privacy=${us_privacy}&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame F72A 		178 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt80KwvuvcB4FxqhgeqGYPsyN6EECdgJ1I4qKIXJChYznG0WK40ZoPhRVqeO3tQ5eksPFkCT6fRk46lIRSOTar8KvBYkq9l
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Tue, 30 Aug 2022 07:41:06 GMT
server
UploadServer
etag
"f119bcda7895dcafdf1afb9e057db96a"
vary
Accept-Encoding
x-goog-hash
crc32c=g/uFjQ==, md5=8Rm82niV3K/fGvueBX25ag==
x-goog-generation
1661845265993220
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Sep 2022 12:31:11 GMT
avpb6.27.0a3.js
player.aniview.com/script/6.1/libs/prebid/ Frame F72A 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvlDiX5TwQZAmQAH-GCAQ0vExgJugoCYSsy71-JTxAvq6zafl8v87Yr_DKjo25_zX4XDksvlj2WDOLY2xkSx5r1EK0y3kDx
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20155
last-modified
Tue, 30 Aug 2022 07:41:06 GMT
server
UploadServer
etag
"395e7c9c54f101472de0d326d39eee5e"
vary
Accept-Encoding
x-goog-hash
crc32c=MDfEzg==, md5=OV58nFTxAUct4NMm057uXg==
x-goog-generation
1661845266183553
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20155
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Sep 2022 12:31:11 GMT
avpb6.27.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame F72A 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdurohrl6uDs0_vddVf0UC67b2ByCU3sLBDWKIQzXDaZzT3JRf128I5yVA0gf9FSYAxo08WoIKuacg_hqwq_mL5Mjg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22126
last-modified
Tue, 30 Aug 2022 07:41:06 GMT
server
UploadServer
etag
"5c353f7870f0b95d052916a0d375be59"
vary
Accept-Encoding
x-goog-hash
crc32c=xmKZqQ==, md5=XDU/eHDwuV0FKRag03W+WQ==
x-goog-generation
1661845266168810
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22126
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Sep 2022 12:31:11 GMT
avpb6.27.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame F72A 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvnYJzUr3IqGYRcke2HVqOTiTWd1RngcfkENq-tKWcMqbqnA1kCEdBfzgxu5sSeCMPVuR-M6zyIZVfI5LD03BalwA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
24663
last-modified
Tue, 30 Aug 2022 07:41:06 GMT
server
UploadServer
etag
"d58c8aa0ae95a47cd8d2b96d1378a627"
vary
Accept-Encoding
x-goog-hash
crc32c=zBdP+A==, md5=1YyKoK6VpHzY0rltE3imJw==
x-goog-generation
1661845266160999
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
24663
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Sep 2022 12:31:11 GMT
avpb6.27.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame F72A 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3d339d8964a7cbfedf6d7bede292d224a5fe885ee37ffc9ee1a9220851a1ee4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt4XG7KZg4cMGIUzR-lip7FmTOPSBPRAlIsE7lKvcmzblCxeJgjad9PY7BzMBqIllCeJf_fQiwTl4uh9a0SAim5pTkEth0K
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20618
last-modified
Tue, 30 Aug 2022 07:41:06 GMT
server
UploadServer
etag
"24bb351cb8f18365caa0e3a69b1f7fc6"
vary
Accept-Encoding
x-goog-hash
crc32c=kbG7rQ==, md5=JLs1HLjxg2XKoOOmmx9/xg==
x-goog-generation
1661845266155242
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20618
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 04 Sep 2022 12:31:11 GMT
s2s
s2s.aniview.com/api/adserver/ 		1 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=cb50abed38a86a8f30b86f091ab7fe7e_172315380&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1662294371581-968203717226-007167-003-004163&AV_VIDEOURL=https%3A%2F%2Fd2nr2jos5slco1.cloudfront.net%2FAniview-Content%2Fvideo_themorningtribune.com_1.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fthemorningtribune.com%2F&AV_PUBLISHERID=5d8ccec528a0617cae5a0755&AV_CHANNELID=62e9f831047b15547d6d6c55&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=themorningtribune.com&AV_DADPOS=1&AV_TAG=62ea643a05e77f1a0c00c9b4&AV_TEMPLATE=62ea5e3167828879e326ddc8&d36=6.2.52&responsive=1&sver=2&avtoken=371298&omv=1.0.1&clsid=d00197d8-08e3-4c75-b41e-74606b53da6c&rando=50&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=2294371680&wfc=1&tgt=0&tiv=W251bGwsbnVsbCxbeyJzZXJ2ZXJJZCI6Ijg0MzRkZmQ0LTViMGYtNDU2Yi05ZWFiLTY0ZDA0YzdhMzlhMCIsImxvb2t1cElkIjoiMWQxZTRiOTgtMTYyYy00YjIyLWE3ZDktZjNkM2RiY2JjZTM3IiwiaXZ0Ijp0cnVlLCJpdnRUYXhvbm9teSI6WyJVQy1JVlRfTUwiXX1dXQ==&AV_VI=100&AV_VID=0&d4=1&d5=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.249.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-249-45.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 23 Aug 2022 22:39:32 GMT
vast.xml
video-ads.rubiconproject.com/video/17062/153310/1184988/201/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/17062/153310/1184988/201/vast.xml?tg_i.site=https%3A%2F%2Fthemorningtribune.com%2F
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
265688c7497ecaf5df0160573afd162e8644792b02b8ed3aa78338111f4e70a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:11 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://themorningtribune.com
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
905
Expires
Sun, 04 Sep 2022 12:26:11 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=themorningtribune.com&rs=themorningtribune.com&sid=58605&t=1662294371&cip=138.199.38.132&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=5d8ccec528a0617cae5a0755&test=&aafaid=&proto=https&uid=1662294371581-968203717226-007167-003-004163&cha=0.7&stagid=62ea643a05e77f1a0c00c9b4&stplid=62ea5e3167828879e326ddc8&d35=&d36=6.2.52&cb=32400943911&d39=&d65=&apppkg=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=640&AV_HEIGHT=361&nid=5d8ccec528a0617cae5a0755&ncid=62e9f831047b15547d6d6c55&e=request&cb=1662294371683&asid=6155e016102aed613d5a078a%2C5dfd219928a0611cc67aa480%2C62ea12f3571e5e3ad6404c84%2C5e1c4da728a0617f290fdd80%2C5e20b7d528a06138860d91d1%2C6304f48af8eb8561aa529e06%2C5e1c4dd728a061275b5ac94a%2C60414ba6ade1b701b92fca87%2C5defa4e328a0611122433595%2C5dfd226628a061298153b3b0%2C5e20b88f28a0611a7d37f3d6%2C62ea138c9daccc1c2350329c%2C60ae9fb1302c8b408a6b0367%2C602ed2dd55e2fb369f165814&ofpr=1.15%2C1.15%2C1.15%2C0.99%2C1%2C%2C0.95%2C1.15%2C%2C1.15%2C2.4%2C1.15%2C0.99%2C1.15&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.189.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-189-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 1D5C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9632
x-xss-protection
0
server
cafe
etag
2755732409155645664
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:16:08 GMT
css
fonts.googleapis.com/ Frame 1D5C 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Sep 2022 11:34:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 04 Sep 2022 12:26:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Sep 2022 12:26:11 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 1D5C 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.css
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 13:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:14:04 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/ Frame 1D5C 		357 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 13:14:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126309
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Aug 2023 13:14:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 1D5C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
522
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:17:29 GMT
l
www.google.com/ads/measurement/ Frame 1D5C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStoHKM_KblNdIkwW4_Cu5fCkXPSI4VwAxweMMcdStn-zR6OrOBFtkXf3EyTpZ9pPD4T-4T
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
prebid
ib.adnxs.com/ut/v3/ 		137 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f3788564f7a924d1a979c8a304966e21bf746f0ccbf57657122704f9402b905a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:11 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
35f968e1-298e-479f-8286-2221fb369124
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://themorningtribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
137
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.44.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-44-243.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8f286cc197ff13c59948bd43178964c3da6df9d38522b0a888e2c940cf513d9c

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.44.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-44-243.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
074442d7bd5fd3a2dad1f2e00d70b730c82cd875a9b443216ff837070706ee32

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
avjp
insticator-d.openx.net/v/1.0/ 		106 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthemorningtribune.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5ee0de7f-1c44-49d4-9898-6d854a35fb99&nocache=1662294371792&schain=1.0%2C1!insticator.com%2C4e60cb86-2850-46fb-bfca-bc9b7ff86475%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A640%2C%22h%22%3A361%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=557890320&vwd=640&vht=361&aumfs=1150
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://themorningtribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
header
hb.aralego.com/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2664AD8DA9946EF4A4747E967E47ED&tdid=&schain=1.0%2C1!insticator.com%2C4e60cb86-2850-46fb-bfca-bc9b7ff86475%2C1%2C%2C%2C&fp=1.15&eids=&host=themorningtribune.com&u=themorningtribune.com&xr=0&ao=https%3A%2F%2Fthemorningtribune.com&ucfUid=53a91582-f0be-42a1-87d7-0295c9eda3ba&w=640&h=361&atype=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://themorningtribune.com
date
Sun, 04 Sep 2022 12:26:11 GMT
access-control-allow-credentials
true
connection
close
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.44.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-44-243.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7401e53b32c0a5833974745e89e440d10c16b36c198052a2df147952104d01b1

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
v1
prg.smartadserver.com/prebid/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4a9f99689e64455b029e6dbe9dc4395e3ea0ec04d8c20d0034d5ab3f4c145a01
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:11 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
67206e4c-c521-4457-9806-74abfccdc5a5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://themorningtribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
hb.yellowblue.io/ 		129 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.yellowblue.io/hb?auction_start=1662294371796&ad_unit_code=6155e016102aed613d5a078a&tmax=8000&width=640&height=361&publisher_id=6124caed9c7adb0001c028d8&floor_price=1.15&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.52%20Safari%2F537.36&bid_id=20eace59aceb756&bidder_request_id=19db9e00c8c2fb4&transaction_id=4fc5991b-7805-44a1-98bc-0ce7c682d165&session_id=3674bfa9-7df3-4331-9535-4cc51a197426&is_wrapper=false&publisher_name=themorningtribune.com&site_domain=themorningtribune.com&bidder_version=4.0.0&cs_method=iframe&schain=1.0%2C1!insticator.com%2C4e60cb86-2850-46fb-bfca-bc9b7ff86475%2C%2C%2C%2C&referrer=https%3A%2F%2Fthemorningtribune.com%2F&page_url=https%3A%2F%2Fthemorningtribune.com%2F
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.81.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-81-87.compute-1.amazonaws.com
Software
/
Resource Hash
72b91e5f107c26ffaeb13d05378bc60f27f2579848aac263163abb8c6d3ef6d2

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://themorningtribune.com
x-reason
maxmind hosting provider
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
129
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.44.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-44-243.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
22c5f0e93057e0fcad61db8352f169febdf92dbeea3561ece9dd03de1e1bf247

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		187 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.44.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-44-243.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3c2285e57a84e6536aabd3b30f96955a5ef0add57c594ff37961dab95395a2fa

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-prebid
pbs-java/1.97.0
content-type
application/json
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
177
expires
0
usync.js
eus.rubiconproject.com/ Frame EED5 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19393
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 04 Sep 2022 17:49:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2813 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgjfdYpkUY_6fNKG39u8P6uuJ-AYAAAAAOAHgBAI&bg=!m5ilmNzNAAZTikH4c4o7ACkAdvg8Wl1fpFs1J0P52DRiDtDZzkv5M-GMH9ZUtjmPoVjbbTfYoHb08AIAAADCUgAAAAFoAQeZAvNwPRBOaEP98gZodyH6_6woNvp9wfMKqeXnpuXULom8MUsfT7l9HH16exn5Ar0NlPHrcysbeU3LNdwc7m4lvpx4sWnut9gcWLepknSTlJrxNCTLmuUnq4VzlCjGRzrsdRdegPGg1Si8y1ogjK5iivROmXvVb9gYSj3NE-G7oUT0EWqrkwfO0Ph7VSVmzOIINuZuo39K1QK7rYuGuT1Hg5rieBO0i5jD-6Wv5j8KQgOBfKARacnegZQaZHie-2M7tC_GMKfuzwuRN9Odjr5nXYeTSsL0CysVKLNEezohtX8Wv5_cRf3-nn-AAzHTe4c4OedVA4nsqulDWFy-FFSGf1UaImXrmtWESlc8ZPC63wDC6nCcSa4yUJ9fq_4IHycTmGLPuSHtQ7aHW-GkmzsUk3KRIYyVnufwWTWkXcQplXllzNZklFWJLhZhvFRWbau0LimHcrOPR36kf3FFy4Dg70JigGmyTMRcnEFwL6xS_akAonuNAmGddROSnR052laXf9_niw5wSsZagq_vLtvh979J94UcmQTTWV06N5g2aVd-M7oEBsDT9-uWmhKTY30bJbZHWaccbvb_Y46MjclEACsuR5-SSK7B9Q8SCu--MwLVs_n68RAobdEHyLI5D-ahtYHh1c5kaOVqBUHFvSw_WOv0qIY6COOTRIDPgspqyQug8bwhOspJ9Ep1GEGWNX89kWIl_bzq1BU30tSXn5zQcICbZDPeOr2o7fOc6ljxFwkITH8YFJrG-1Dz0115d7rybDZSYtk3DQ_T8QFvVsjLZ622kOc9-MecemtYb-TRupJPLMNumqnXFOoehumDKg2b78ijoRCyge3rx7yohsS0CfpB8NyRVpQdHuBoOCUvHYjRl5w8wimfJMdXpQK6GSQa384dn0cJQshZ4izsbL-Wrg4-6QH2LKvdtbu0CrLtN_lKaagLGIpPF8MkimkTYt8RMKeNo1BwFttVSMU1J-TrfOleGCAxWNQygyOQ8Iug7puDfom0Lg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.163.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-163-91.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://themorningtribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://themorningtribune.com
access-control-max-age
3600
content-length
0
date
Sun, 04 Sep 2022 12:26:11 GMT
vary
Origin
event
event.insticator.com/v1/ 		0
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: d2f0uviei09pxb.cloudfront.net
URL: https://d2f0uviei09pxb.cloudfront.net/ads-code/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.163.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-163-91.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://themorningtribune.com
date
Sun, 04 Sep 2022 12:26:12 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=themorningtribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=themorningtribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1236502681305917&correlator=1315560070176248&eid=31068457%2C31069285%2C44761477%2C31065644%2C31068897%2C31067826&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fif&iu_parts=2507246%3A22741543808%2Cthemorningtribune.com_Web_300x250_5&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C320x50%7C250x250%7C320x100%7C300x250&ifi=4&adks=1153366966&sfv=1-0-38&fsapi=false&prev_scp=h%3D12%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dthemorningtribune.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=4&cust_params=ip%3D0%26he%3D0&ppid=845634b6-9f56-4ff2-be82-6c2b6b937159&sc=1&cookie=ID%3Dfbd37a599277c704-2278fd8312ce0061%3AT%3D1662294370%3AS%3DALNI_MYZeLW9rMobmwLcJMD-4w51_mUXYw&cdm=themorningtribune.com&abxe=1&dt=1662294371920&dlt=1662294370549&idt=215&adxs=550&adys=423&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=themorningtribune.com&loc=https%3A%2F%2Fthemorningtribune.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=730x280&msz=336x-1&fws=0&ohw=0&ga_vid=1762745442.1662294371&ga_sid=1662294371&ga_hid=2099035388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f93b59e460574ea6f93317f0f3b49aa69354a696022673a2b1a4ec6b35221fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9633
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1236502681305917&correlator=1315560070176248&eid=31068457%2C31069285%2C44761477%2C31065644%2C31068897%2C31067826&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fif&iu_parts=2507246%3A22741543808%2Cthemorningtribune.com_Web_300x250_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C320x50%7C250x250%7C320x100%7C300x250&ifi=5&adks=3237052062&sfv=1-0-38&fsapi=false&prev_scp=h%3D12%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dthemorningtribune.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=4&cust_params=ip%3D0%26he%3D0&ppid=845634b6-9f56-4ff2-be82-6c2b6b937159&sc=1&cookie=ID%3Dfbd37a599277c704-2278fd8312ce0061%3AT%3D1662294370%3AS%3DALNI_MYZeLW9rMobmwLcJMD-4w51_mUXYw&cdm=themorningtribune.com&abxe=1&dt=1662294371923&dlt=1662294370549&idt=215&adxs=320&adys=793&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=themorningtribune.com&loc=https%3A%2F%2Fthemorningtribune.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=960x280&msz=336x-1&fws=0&ohw=0&ga_vid=1762745442.1662294371&ga_sid=1662294371&ga_hid=2099035388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2818e59b774d92a3693a31dc0432ecfeb2d003c423d48e89902b289202690067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9748
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1236502681305917&correlator=1315560070176248&eid=31068457%2C31069285%2C44761477%2C31065644%2C31068897%2C31067826&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fif&iu_parts=2507246%3A22741543808%2Cthemorningtribune.com_Web_300x250_6&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C320x50%7C250x250%7C320x100%7C300x250&ifi=6&adks=1535076792&sfv=1-0-38&fsapi=false&prev_scp=h%3D12%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dthemorningtribune.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=4&cust_params=ip%3D0%26he%3D0&ppid=845634b6-9f56-4ff2-be82-6c2b6b937159&sc=1&cookie=ID%3Dfbd37a599277c704-2278fd8312ce0061%3AT%3D1662294370%3AS%3DALNI_MYZeLW9rMobmwLcJMD-4w51_mUXYw&cdm=themorningtribune.com&abxe=1&dt=1662294371927&dlt=1662294370549&idt=215&adxs=320&adys=3435&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=themorningtribune.com&loc=https%3A%2F%2Fthemorningtribune.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=630x280&msz=336x-1&fws=0&ohw=0&ga_vid=1762745442.1662294371&ga_sid=1662294371&ga_hid=2099035388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21763a2b6c1fb1dc7fbb01a616585697b96f9245f83534c97cefa30eefbf5ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9781
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1236502681305917&correlator=1315560070176248&eid=31068457%2C31069285%2C44761477%2C31065644%2C31068897%2C31067826&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fif&iu_parts=2507246%3A22741543808%2Cthemorningtribune.com_Web_300x250_7&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C320x50%7C250x250%7C320x100%7C300x250&ifi=7&adks=1559771144&sfv=1-0-38&fsapi=false&prev_scp=h%3D12%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dthemorningtribune.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=4&cust_params=ip%3D0%26he%3D0&ppid=845634b6-9f56-4ff2-be82-6c2b6b937159&sc=1&cookie=ID%3Dfbd37a599277c704-2278fd8312ce0061%3AT%3D1662294370%3AS%3DALNI_MYZeLW9rMobmwLcJMD-4w51_mUXYw&cdm=themorningtribune.com&abxe=1&dt=1662294371931&dlt=1662294370549&idt=215&adxs=320&adys=3777&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=themorningtribune.com&loc=https%3A%2F%2Fthemorningtribune.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=960x280&msz=336x-1&fws=0&ohw=0&ga_vid=1762745442.1662294371&ga_sid=1662294371&ga_hid=2099035388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
310b1292105c91fd94ec1f3f8985ee3f806fbd6094f3a56328f222231d4e844d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9699
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1236502681305917&correlator=1315560070176248&eid=31068457%2C31069285%2C44761477%2C31065644%2C31068897%2C31067826&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fif&iu_parts=2507246%3A22741543808%2Cthemorningtribune.com-anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&adks=1176239122&sfv=1-0-38&fsapi=false&prev_scp=h%3D12%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dthemorningtribune.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=4&cust_params=ip%3D0%26he%3D0&ppid=845634b6-9f56-4ff2-be82-6c2b6b937159&sc=1&cookie=ID%3Dfbd37a599277c704-2278fd8312ce0061%3AT%3D1662294370%3AS%3DALNI_MYZeLW9rMobmwLcJMD-4w51_mUXYw&cdm=themorningtribune.com&abxe=1&dt=1662294371935&dlt=1662294370549&idt=215&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=themorningtribune.com&loc=https%3A%2F%2Fthemorningtribune.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=1762745442.1662294371&ga_sid=1662294371&ga_hid=2099035388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bdb2688dc9058242e29544463f658e20782201dea252fe7e7b8ab2d2642f410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10711
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1236502681305917&correlator=1315560070176248&eid=31068457%2C31069285%2C44761477%2C31065644%2C31068897%2C31067826&output=ldjh&gdfp_req=1&vrg=2022083101&ptt=17&impl=fif&iu_parts=2507246%3A22741543808%2Cthemorningtribune.com-interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=9&adks=2839294087&sfv=1-0-38&ists=1&fas=8&fsapi=false&eri=4&cust_params=ip%3D0%26he%3D0&ppid=845634b6-9f56-4ff2-be82-6c2b6b937159&sc=1&cookie=ID%3Dfbd37a599277c704-2278fd8312ce0061%3AT%3D1662294370%3AS%3DALNI_MYZeLW9rMobmwLcJMD-4w51_mUXYw&cdm=themorningtribune.com&abxe=1&dt=1662294371938&dlt=1662294370549&idt=215&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=themorningtribune.com&loc=https%3A%2F%2Fthemorningtribune.com%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1762745442.1662294371&ga_sid=1662294371&ga_hid=2099035388&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1a93d02455c4b35fa2fc63b4cdb4034988248e0df443e248beb1e01b9557ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15078
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads_2022083101.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022083101.js?cb=31069285
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c961539bdea05629dbcd160e681e5b4490386aeb13c22bd36d905dbf3c545bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 10:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13594
x-xss-protection
0
last-modified
Wed, 31 Aug 2022 08:36:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Aug 2023 10:56:44 GMT
csi
csi.gstatic.com/ Frame 1D5C 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l7nb5e9o&c=7449787042808&slotId=3724893521404&qqid=CNyuhoyR-_kCFU2L_QcdYQoIeA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4003:c13::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D5C 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 05:29:41 GMT
x-content-type-options
nosniff
age
24990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 05:29:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1D5C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 08:01:51 GMT
x-content-type-options
nosniff
age
275060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 08:01:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D5C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CnRpZY5kUY5zxCs2W9u8P4ZSgwAe82qKabIrjvazlD_AuEAEgxfDOhAFglYKAgJQHoAGg8ufyKMgBBakC1oYXkBazsD6oAwHIA5sEqgSZAk_QodXoTznpv6MhE-ZhZeM7zFaYoy8L2G4bdIY53aN3LXMvWtAjsyoXnLf3B7euKD0xV1eu2Qdkqx5Rv3DnuyDNDz50H5paJ6KkX9YpLb3cPT22T9wTcNuoCo_mxFF7k6wB5tiKXoOeZL_RHq_xiloHFsLGDLb3-Qt2j5Ste5PGzXijkZ25lw2arNaDt03DOGWuUOQm-ySMwNNAqOnp8AzkrVdA4l03koHM7qfcDXqivBruCO9bJswWViIUx3ywzn7gS4Hdkx55rqt-jRLYtxLJgcoDfl9hcc_2-GHZ-CD3iwQL6jPBqVD08g8ezv3cIgXRJ6qkUg0WzR7VjUckIMCA2CQfIoxHbOIm7DJ1MmS0v1nZucHp0Lg0wAT46Y7BjQTgBAOQBgGgBnaAB6CquNIDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YBwEAEYHTID64IBOgKAQIAKA8gLAeALAYAMAbAT_sOzENATANgTA4gUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1662294371969&ai=CnRpZY5kUY5zxCs2W9u8P4ZSgwAe82qKabIrjvazlD_AuEAEgxfDOhAFglYKAgJQHoAGg8ufyKMgBBakC1oYXkBazsD6oAwHIA5sEqgSZAk_QodXoTznpv6MhE-ZhZeM7zFaYoy8L2G4bdIY53aN3LXMvWtAjsyoXnLf3B7euKD0xV1eu2Qdkqx5Rv3DnuyDNDz50H5paJ6KkX9YpLb3cPT22T9wTcNuoCo_mxFF7k6wB5tiKXoOeZL_RHq_xiloHFsLGDLb3-Qt2j5Ste5PGzXijkZ25lw2arNaDt03DOGWuUOQm-ySMwNNAqOnp8AzkrVdA4l03koHM7qfcDXqivBruCO9bJswWViIUx3ywzn7gS4Hdkx55rqt-jRLYtxLJgcoDfl9hcc_2-GHZ-CD3iwQL6jPBqVD08g8ezv3cIgXRJ6qkUg0WzR7VjUckIMCA2CQfIoxHbOIm7DJ1MmS0v1nZucHp0Lg0wAT46Y7BjQTgBAOQBgGgBnaAB6CquNIDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEgiI4YBwEAEYHTID64IBOgKAQIAKA8gLAeALAYAMAbAT_sOzENATANgTA4gUAtgUAdAVAfgWAYAXAQ
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 1D5C 		28 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CaUfEJEg0Ol1zSt098lJyc9_9batfR1QHKpIm2RwAZVsx6y0nUVjfQp56f2_Fo8zGdbhTxMSkdRV8dsCsxEDvjkplhDA&cry=1&dbm_d=AKAmf-AMprF1yf1XCxNzSVolIOelR7v61CnwKnEMJjvMimnyoqy_3KnvIOsmsjA82E-HUsNuhMu8y_yAwD9sggRCoEFSs69Nwn2RiemxGMijTuTrp8UTw19AW6mjhOjbbfpZRKwHYrNWmKF-z-x6A1elU9fBEW1VmOpKZKdJL-vaIrcIVKJwQSLx8hJkzr9OkcTu04K_x0U1lpH2TheMloRHFCIBFgEHt7TAL6rC09E3-mTlPn9zszB_xq-kctql8d15YLzhv-7cfk2F4T8WdZ9FecSGtSri-lgvOXNJOLTCY10gp7hDwK3ig9h_m-vv7a3arrCS_9YBSPatp940KY5BtOteM8Jvt3Y0IDuJ5QR0rJLn6unBSLw-yKahVuAZpAJutIRlpHFzITj3sswSBdcXS4UtJcjunp37ExlHcYYu85BCjnMIz8bNgoFD8SxYE8_3PKdqaAIzRQQeCrojLMDAo18DwfWhejJkDbdi2BeQJ3DNhY37qZUp5egSc_WRh7ZMv_qrpWOaWxaje29iRNFSrx8YdePxeB9c5DGTkelHCaU-IUkhmZsl4yPbWFGPLumwsG2pHAsc8ZQhZwfnxgx1RNgxUosLGZWlQTuDwgSG-hXnhRhVvrPiC99bTtmLfi_c9ed5LNO_vi2dtu3YOXR6hQrIhba4WG_yWT_8ZEyqw9WZmJFX2oPqPKbrBF2_xRtzz-_xyNZpVZF3p8OxAvBPRNsTxDaq9OaA_YlKFEQxWwgScOaexydgcgEXJi7qiLd7ResPNJ1taDoXEUvjEye_8jjjcLSziwhTouvDRMmJbNYaEmW-_Caa6hQCfoGERyH72X1xgnLMgarOi_itGuae3fBP5rDlHfzfwu12cdUSZZ8ft2dCcaRs67NVVkaPxXF4PummlQUwpIN2yjHA9Zk7GROj8_-YhbeUtScYRGlbXCsroT_MB74pDxJAQ3zI0J-xC50XlYF2TjqmD_kDhBnmfMf8aei8Ler5EA6Ain8I0TsJl22nKbAZqln7oGgRxroRuluzNIHowknbCzfSw-OIEnEP2OFchpbI23iuhX0sy305fAo0EN7Zqb2owsB9zsInrpjiJ8H6DZslE5_K0orQq8ZGO8hZk1kZd7ohY9d5FK9QLjJa2MBXv2yDfGew43nXM6KTOT6DxD1frJwZvLRXTNYy4KvIZF4A4gCTy-ziLlUYpEYgbMrvrhx2pFG5AuW5lscBOxL4DKq0vxkjT02pDiiErIu6aG_rlrCx0z2TItf_KaUbXNS3vJExbG6m2wf0oOsGk82fzaJBciQunULVPYbEZjF6V-_4d0iGvzS0-VC9bLjgwhRqqO7xkATPv4IofFxlPzQlMjBDFbF9Ak8ZYftYoH6shfmu8HnHVvQP_nUthQvOpn1lTzfQyvXupTkVRMIGVWh7Umnucqs6hW282znJjOEwoIDC-lW5rR42PuMxYpomEcTD4_atXCcXzacVEZCNdnJNQQnklxGV_Z0OUAkXBgfiFnG_3E9GOPK-W_tfbhRHYd1VQwYHr-rjnM1HckYGXW9KTDLW9mSk_e07iFvi09ZPNjdR2j6xxwgJ_qLnCN_rEcamT4i1Fcn035BNFgS8WOZLc0eAdNyjPrpnYk12q0suGXvv8BAdxkQiplFQgHDPr6v6lmaJle5HPyrjz2dkYElAET7mW2sDp68SUYlO3TGjUqZfxiiJnDOVZadSwwkXc2tRZ6vETvQ6sMk5IUmdakPsUyKi8lRMllvz8tioUZN0TX6wOij6AhiA09zrosWAtkZzRqBjcFzstvt5mPOSoVuYxK3U27ZPhY5rZWFlxLngvycaIKCadzg7oGugPtbiqJB4Hv3TI-hqf3XWOnZNX6d2KKrswbrz2NtZdiNVaUdXCiCQhsLJilERQXsRUX2QaLgqU59vAHK9JeT0K6peWJcECmFwUs7izWx6nk26fK5SJTztR3HwU3bpoZkkSLZ3K1VLpcbyh2pMoQI0TUFJCuWOKXlOFAq6osccmMGykEZfN-RDj-eJfLFkv_-Ts2ImIDRAZuAKF8yHwFV4-fbBAuaJDm5wxGyJUWjbrEjaz06Sw08Tag19Q-rFMWVsafWS5qyai1REoKlwkQJDMgR4M1DH2XfFPa-mt45w5YT-oyS1lcc67VAlyj7p8MY7SA4sxakPtLoOpzu3LAf6wDfGKwYgYn2OTwujOIxvvO2nOpbPBH92ASUU-icUFeNgNMQmspt0m0Tv2JfqYIOvcYiJXREW21lJzAtI9bA0mo53I7pcEmunJWGm2PeQ290JVsLrH9fD51PnWP5AXCYMSmtcutvvybpAWrgyD6TT3FjbYeI2Q9kJyzGNrzdt9x5ZYAJydiYO7N6qT-z_L5A2d9avnDybwPAAePEFwulcTmtuohSqiu6yBDHagB_TQ7p9fiXPe3ABUj0lsbOvWiJ4wAT-dUbCDDcC8M6FJhI1tvYcttyrkeYDjednOh34VPKi8vAFAf-KOjocXSbT_OpbPFaPdskv-4gXlRF0s8GfJ0zKqnCw8Xk1OirQKJ-_x1djacIhVAeU332pB3L_RxHs2UKDDKFJ5to9nVDUhhSgKnr-GrOtPLbHLk5ZqiuhYiG8V4owzs_OpPy_3CkiQ_Leny7Ajd4e69xGJBXTNS-n8W7_6bdzzOR3LbsNTUwBcTR2wyaS_tN0okjheixH5CDsAEt4vvQeRw3x1BxNRDHE6p6THncctlQrENyKt_zWOHde8DrVAukTdLyzc-_w3GAKDy_rJQKV9ME4wFyZQ8UUMTZIzbFkRK4DjI3vGJzWtrPIHmqARynhVhMlFPo_6QlGVaxcieAQDM8HKP5O5x77fhpvwO8_igKuMeXzxXhW_08lLlXgBLi0LgS8ia-uENHx8oi44TfSspMOTXPfl33HanB-2yiosRVCGTkVte8NhfmgHUkENIUJjqFnSwAH0A7AVs-d9YTXfFRJNehQFU5f45nEEdu0O9Q7t5E08h2rMEIZqJwRIhzueHP3g51Yy2mbYnWmtH4LKTpTLvOqsBpAddyDDv2eIiel7mOz9hZ0fm_AsvSZr7NtZ-78guIAcEyI7sGSzJq2vlBJqtE2eARKHQRCl7HhumbDB5ItLG2UTh25dyXSh0JeHwLe2csyEP0KD8lMXQYNsmPpAOL6XyNqIE8S1MeJM4uUGT0YeaygwkJ_jggJa0iYzJHsjHNYv2aMSRP4BrP_y1oqGGl5aSpsQKZBNHLNCLKaF__iLY9BtP3lefHSkhB1IiZCsMTQGum5i7-8emWdTyt1I8edxGg2mZ4iOyIGJbCYwZeu7bQjrlsPNJsIwpWnuMblS5DCxBVVri-XjuFzgFyUh3VhIPpTsKai-44K8NLZV6tnmQ-0xleQxartE3goOdhST1f8bA5zXMTfORxFD0hXaLqOF6h-EgXU2tQVtHLd6XMN7mSWs1gDO1DPh7EPIQiv3Tr8InRfFxJyvjb_-0NO4Bs89BvWxrBwbP63Ed-psl65fQWOfAfrIjfOLSM&cid=CAASUORo3qZSiCdBUSzuDdHCvzeoVhJXnnsTMonV-DPfzCe4JrdUDgo4cvieNmixp1xa6pF-4GCR2X2yiw19cb8kYQE35iBiRi92mAHK0knpctiT&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f155.1e100.net
Software
cafe /
Resource Hash
ddca021f6bc25038942e6af3deb4bf545c70ec6fb0e72a8990f6dd3fd1e3867e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15896
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1D5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzSptY5kUY5zxCs2W9u8P4ZSgwAe82qKabIrjvazlD_AuEAEgxfDOhAFglYKAgJQHoAGg8ufyKMgBBakC1oYXkBazsD6oAwGqBJYCT9Ch1ehPOem_oyET5mFl4zvMVpijLwvYbht0hjndo3ctcy9a0COzKhect_cHt64oPTFXV67ZB2SrHlG_cOe7IM0PPnQfmlonoqRf1iktvdw9PbZP3BNw26gKj-bEUXuTrAHm2Ipeg55kv9Eer_GKWgcWwsYMtvf5C3aPlK17k8bNeKORnbmXDZqs1oO3TcM4Za5Q5Cb7JIzA00Co6enwDOStV0DiXTeSgczup9wNeqK8Gu4I71smzBZWIhTHfLDOfuBLgd2THnmuq36NEti3EsmBygN-X2Fxz_b4YYH5ugIYlk1401F6LXchXpYDp1TvBz7cqEuBOjTHvd-kX-qLFdpQy4sKol_6KcXu3aymTJinu3xyvGrABPjpjsGNBOAEA4gFv42Q6EOSBQYIAxABGAGSBQYIGxABGAGSBQsIIhABGAFIoMDOAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHoKq40gOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChC-qwIYs_y50gHSCBIIiOGAcBABGB0yA-uCAToCgECACgPICwGwE_7DsxDIE8rVheED0BMA2BMDiBQC2BQB0BUBgBcBshceChwIABIUcHViLTEwNjczNzQ2NzkyNTI1MzcYk6J7&sigh=pYmK10uTzA8&uach_m=[UACH]&cid=CAQSPwCsnQUxMiqbBBlfKdKiWwhqhnzUI-3pPPlAYdXL0I5FzX8NdUuBKekqbdMLdPw1QyE6auzHSTphqwBInZXqlw&vt=10
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
truncated
/ Frame 1D5C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8b6c690aa55fd20f4b27d68ba0bc7ebfca15d0ad3bb1a78ddf40385a3671072

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
setuid
px.ads.linkedin.com/ Frame EED5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7NB5DYM-1T-KWRZ
0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7NB5DYM-1T-KWRZ
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:11 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: BBF81193E8D943169D878A04B7E2EB65 Ref B: FRAEDGE1512 Ref C: 2022-09-04T12:26:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXn2RGRVa5d07VSsulrgA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7NB5DYM-1T-KWRZ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame EED5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/iPkt6BcFre2tzHy78wWNaMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3336009855547214092
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3336009855547214092
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Sun, 04 Sep 2022 12:26:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3336009855547214092
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame EED5 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame EED5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECz02pADk5saciSNFKoc-zw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECz02pADk5saciSNFKoc-zw&google_cver=1
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECz02pADk5saciSNFKoc-zw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EED5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2EzYzUyNGFlNWNmMTMzZmYwM2FkODkxZGU0MTI4OGU3ZjcxNTJlMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2EzYzUyNGFlNWNmMTMzZmYwM2FkODkxZGU0MTI4OGU3ZjcxNTJlMg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2EzYzUyNGFlNWNmMTMzZmYwM2FkODkxZGU0MTI4OGU3ZjcxNTJlMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame EED5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdOQjVEWU0tMVQtS1dSWg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdOQjVEWU0tMVQtS1dSWg==
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdOQjVEWU0tMVQtS1dSWg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame EED5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7NB5DYM-1T-KWRZ&sigv=1&esig=2~967531b34a694afe01e437c836d912ceaca5dc60
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7NB5DYM-1T-KWRZ&sigv=1&esig=2~967531b34a694afe01e437c836d912ceaca5dc60
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L7NB5DYM-1T-KWRZ&sigv=1&esig=2~967531b34a694afe01e437c836d912ceaca5dc60
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame EED5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=z5hLNqC1R7-bHIudl-8Nxg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z5hLNqC1R7-bHIudl-8Nxg
43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z5hLNqC1R7-bHIudl-8Nxg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6Q49VQB443RFD1RGPYYW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=z5hLNqC1R7-bHIudl-8Nxg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 4BE4 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=53357568&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1662294371581-968203717226-007167-003-004163%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
content-length
0
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 1D5C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:58:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 08:58:19 GMT
file.mp4
r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/20dcfe5f46302250/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693830372/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1D5C
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/20dcfe5f46302250/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693830372/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/20dcfe5f46302250/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693830372/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/20dcfe5f46302250/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693830372/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6416937FCFE35EA2C85C529600DA6A4E52731B54.3E4FFFE8AD295A77A28E155C1C2FBB9D9A04C071/key/cms1/cms_redirect/yes/mh/O6/mip/2a02:6ea0:c71b:0:1012:9df0:ced8:2229/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1662292963/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:62::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:12 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2170997
Last-Modified
Wed, 31 Aug 2022 11:56:44 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sun, 04 Sep 2022 12:26:12 GMT

Redirect headers

date
Sun, 04 Sep 2022 12:26:12 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/20dcfe5f46302250/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693830372/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6416937FCFE35EA2C85C529600DA6A4E52731B54.3E4FFFE8AD295A77A28E155C1C2FBB9D9A04C071/key/cms1/cms_redirect/yes/mh/O6/mip/2a02:6ea0:c71b:0:1012:9df0:ced8:2229/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1662292963/mv/u/mvi/3/pl/48/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 50CE 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
326191
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 17:49:41 GMT
expires
Thu, 31 Aug 2023 17:49:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
pagead2.googlesyndication.com/bg/ Frame 50CE 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 08:08:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15836
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 08:08:58 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=themorningtribune.com&rs=themorningtribune.com&sid=58605&t=1662294371&cip=138.199.38.132&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=5d8ccec528a0617cae5a0755&test=&aafaid=&proto=https&uid=1662294371581-968203717226-007167-003-004163&cha=0.7&stagid=62ea643a05e77f1a0c00c9b4&stplid=62ea5e3167828879e326ddc8&d35=&d36=6.2.52&cb=32400943911&d39=&d65=&apppkg=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=640&AV_HEIGHT=361&nid=5d8ccec528a0617cae5a0755&ncid=62e9f831047b15547d6d6c55&e=bid&cb=1662294372272&asid=6304f48af8eb8561aa529e06%2C5defa4e328a0611122433595&ofpr=%2C&fpo=%2C
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.189.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-189-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bridge-31047.js
video-ads.rubiconproject.com/video/ Frame 786E 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31047.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
f5ac6348585afe084ad84bb4b456717fd946101219e1f3c16f266745dc80b0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:12 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jun 2022 14:26:23 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"1021f-5e1e1e36cc1c0-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
20215
file.mp4
r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/20dcfe5f46302250/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693830372/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1D5C 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/20dcfe5f46302250/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1693830372/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6416937FCFE35EA2C85C529600DA6A4E52731B54.3E4FFFE8AD295A77A28E155C1C2FBB9D9A04C071/key/cms1/cms_redirect/yes/mh/O6/mip/2a02:6ea0:c71b:0:1012:9df0:ced8:2229/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1662292963/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:62::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
3f2b8c73c0c6b771e190015dd0d67112a1d456b3b3883bac6522ce8a6edacf34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2170996/2170997
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2170997
expires
Sun, 04 Sep 2022 12:26:12 GMT
last-modified
Wed, 31 Aug 2022 11:56:44 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
client-protocol
quic
gen_204
pagead2.googlesyndication.com/pagead/ Frame 50CE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BF08_ZJkUY8apA8rGzQb0pLogAAAAADgB4AQC&bg=!LC-lL2vNAAZTikH4c4o7ACkAdvg8Wm7mkvM_H4ARD6YpEkytFDGVAQx5GPEZFYfYJ9Ir115oRmUMGQIAAAB9UgAAAAJoAQcKAK8G83RAXBMxL5FbOtN_WzVTZDVqsUSIB8HQBQCq7t27kpk8IYb5Oc23mFzgCF_1kL_5M7APiZBVY1Q0hpH5gS04aL4Rq1LF1qz0CyjF5RbDOvZhTLW7640ooGpmFiAOn5FCuP2e-sPorbDC4rIbVOjxzux8ouDuEyVuLoqySpNy2a24Ag2lV4EMR7haq3zMeIiHDvQ3L3UHCka6WDxLeyGrOZUtvDCqt-BrrczdeFaymQLoQ4869_Qsu8W7guhhL_tmjj6Vv_ZPuPlcdK1s-S6g7TSKPWLhrodmpJzLy4B0_CBrqrMZcw_jK1sHlmRMqcSlvRcVDEZIWCw5psNU5dZKbiaiAcxhoNLzSpEUFumtVGzdJXDTEDd4bXLjZ98uf2btp2SYhL0Z9L1yhrK4mJi7craK3ofkdjke_A0-4BVID3werUlksdWP6PRwuD-TLW3aUoJPZRWyHoS5g_eHtaRwdKeSNyWXKw_2oiQkW7pKWccpsCuROTbdN8yGADaPssGYOCz0PHzHqWDlnZyAVbqH2WsF9OKPcDghgepjXwCWELkCBn63pEtfdc-0xZ2Eb9CkwXB3EBJLluUEeBx2sFw7MFeKKz-yjxddDwPzaXjVWIeCvqz2hF-aCNL0y1rdIhYPS8kgnMkAJu15DOpgnzG-zJZKMDwgdt5q6Hf2GkVzu4GIhK7oQ7BrCjJMQh_TuEEGxfvHRN9-jx13bJNIkSD0IkGw9XGeBwAeIFH8mPOQRuml_lZcaUbtZ0IGhiNya5TlZDWglylP3tbC_4NyPOm1kWwklrA0zUAp6o8OoXIK-VgxBy08--IxNVZU9FEhlO9sdBx4GnBrdE7aznH7MFZByEavM8UAauO0nv15bU5dkzV0fX2ebayJfV4nGsRZ38yHUZyo7j-gnEPvQW2J2jV58VfZU4l3TmvUkkKQTGIL039yXUrQ_gbesvX_Kh_Xo5T-7sMiPwMqBQTZnLls4xrKDkE4VqEWZN49QzMuM020dwnjR_DTth9gQSMJbDxhzhwjfZTVT0NdMLW_CHCm_ZHzbLRTQgs3Hf-2D8jQXsT3pYY6EbmETC94Yg98R55ArFwwEKv_PO9CeP9eknIHp8ikPpmEeJC329D4rovf7pqiNfeRPjyqh6oNXtgDSz2s0jgHb2kygZK_xLGY-9dq3ZFU4Ez9GgBM9oUwhFlENmGx1nGkXb-ZbXAANnRKEi7mi44xUtAdKk51qPQn
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 39B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Mon, 04 Sep 2023 12:26:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 89E5 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNWZc953pFZJM2uj3S8NtsxcT6-RcpqUWnq70Asv_oZWNseRT7GCZb67SHDKi6EywLz527XDg9iEEUuq-_0DApNJFbvvkwHXMb7AzIC-HO5JvVC5pqny2pZqdtcezV3gOmbuvfKSoZadi1cRKwtBnIX_XZlswL69qvkKth0i7j16DQiDpbk
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:12 GMT
expires
Sun, 04 Sep 2022 12:26:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 39B6 		102 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DQU7sx4Oh7Qc2ycB8zj3-RpO2IGxAJItwtUwEE5sRJBp_qH6nR8J2QIPx-2CV3I_gpX9Xy_W0tCqu4MBSOGiRAmMz_yNIkHYE_2IgQ_81flsyPm2_TEwfCHdVMzwH437o1xSOOOAY50mrGSth2s4ZN3n3jEg&dbm_d=AKAmf-B5o-T2oSgLTtmsBDn5z80_Im9jd4TxaaUFBwtpl3B_GIiW2bHG46RRi0hMTahgmqO_EHOoCsok4sqveTwMJUIH8FQSAAKCaBesxWs48jd9H_zMGBC6TgP-QpGE7-iNKftQgx6TEsOo4A10F0Hn8zTinRc--0vYPBnhtmbCEacqCyYYCo0sTjH-GYeNfqD8PYaQ8hrhhV3KLjtNf-6stUjFQjSUxIpAYtRKgFtFuHs-1fXjKBEo5qSVa-AhH-8QP3OUqVU3dEfLzJvULIs4AOfvNZwHgsGaV0IDV4GyCLd7T8IWuNuM8rwk-txHLmBGwiVREllNGa36wE9gW_gHwo6fLjK8Do6gIbBGvM4610F647OFxkfrwiL6O7Dwp019yfy2nBfhGJ-WflMSJj5szwy5kuNEyOJ3rhkdWTFubr4YwTLZJ3dtOOLvK-Vxz0Uz5MiO2O8m47fI0uRqq-PRPD96iEUXTsuzaXD8cCMQrkpqQhDLmYNjOwgOWjhKjDkK5szwqEnjBaHvViaomSkC3GY1mfE7FWYOZRAAwUdjKIuivW2EGtwq4eBN4HDntrF2rEDf-AZ_GVQc5nS8VdQ_y2PIwbySucTB1RxcY5jpS0-PqzoxHW7JqdWYFv2o1r9dJEx_sHfVaGg41yBR74SeRcmb0Tw7Z6rmJ9aHsFa3mndQqaoknQLvuy8QSDNNA_uKp24f9x7rYTEIIDzRfI6s6hH2Oqm3Tws47vvzJHtCo2g98mNoEvKLW4XNvea2h3OAlshZfkkKYyB9IiKR_vpO45wnGn_7ZdDMxftFzfimiKmheSt6YE27BJlecZdkiDHOkZKTTcIlFMaXr80Ewtm6OHjIiDqAAAjYHzkHB8dq_tsuGWZz7x1qDFN6xRC7zRZF_7EjvZlTKRUKu_iuMxFoqSO7O3luEpmy0UHxpiYJxle7NL6Y5PPK9Pvr2jrtSbthyPfnqqMMhsv4dChLYgA3IFhfhS8F2g_TVJKztWqaEtO3-r0luZ6cvqHIpsmRga5IKnjoW-y9qNTwMGEbfg0M-Q8Im0OrPoRWlP-VXcRjNdDE8FCq6NFlbDXRZHwMmTIv55t_etUnN3EikqWzdXWuDm--XFXiRMMhcUPLA06dhIjNAXaESqT8fKmRF4tasITz2M11x60ioH-0BuB5t2qRjqSh5sNSNdP3G73A_jJ5L6RcLLroYV1BJnv65WMvTwufCkL0WIsuCtXZbNb7VF-Yot95xWGpHt1Vgc8sGyHZM37N5n9iqys3124Szi0LuApRtujI1IRZO9MtweThCxy3SWJe_R2qoCNktgjgPiWTqk2h5YKcabiX3jOYl1_5qgnuUWlSvdkVIBMoUzAx8-6wJnuzqM_0My5pYGfRyTxRQWKs2LLchS62lK0bWzUyL7p_hPo-jcpnwBEdBsDiSANxUaOdzl40ZocjmxQm4DhaOX1FLZ5jse2quYF79nFBFyOE6Doy7FjZU_224UlQ37hVScxAf_bZFcNPLxNb4Axgst9TSYNPedgzPn51lGRFggt7lRTFFFNgjQQxZmUoCp8SwOVoM-uMKcbbgfEBZqUwWldH0UGDwc43eR5oM4tN4LFOKtxOfLJuN_YFhC_uSEd65xgvbz4SQYHPsNY7ej8mfnhcg4o3o7muam6DY3--10MUMgZj4JUw_2u6I2rx08zXG8YoiDgqRsaBQLAOKyq_Jz11gL8isDZ_yCw5lulSZME7zKCMxCvtatpWsTrX4wwyYOkU5SF5ik6P9KTU_3VjyazHVeu6nJ2z22GgKVtDV2RHP1dSnIGGQ7ci2N6LWYNpzmSjp1mOvsOrUEgF06uOQIGZcbCZ3LMMkDkPcQE52eJga0-ltpo-ZJokGhnKlvEvkl5BDAsQBLF2g5j-s6PGhmYbd4o07erQS9JVw9phBLHUZWt7lEz76hefiU22FojwtAiVqD3zMYUYtzfe1YKlaQvvoOXQCL_sOnZaJpu2lJk0JL6eHst8j9Rc5NELBFJnnBNmCBXGiPTNLuNYKTzUdPmpW7iKCRnHzz64cBt-5KMknE6eFL7pEOd06AqYgF8ng8OsWw0fPQ1mXsy3jRW_GC2sOip8c1Z9IXiL3IiGJvzXuGjmbZMrK8FRmecitUlWdmTjJc6vQNV4N5zzYcjGdUh4jqUfHxSCqA7ou3s8R2lII3ys0WvHdhKNVhjsTfi9LgNyM8_0u8CrcGoOU84j2qXGXs6L09XoT74o3ptiCQEQl9bY0jUP3y8a1RsZXfKOHAynqXDPLrzqjBNnnk5RHLW5mh1JeNHdOGcpQPq7AFCNgQgUT09x-edKPu2bmtqRd7On20V6U1g3z94ePJwwa8YovIC1jwolJbN2AEaJ8GpeJyKgWJkfC8WlThCH6igiFavP_ASoEtqJZ6Pzp9HgjS81jFXDYdA3goJ3ECMzOrReMUWnPUgvR8NZ0DW8uX7qEo_ycjvRkmveBWeO6jWILCzthmtURT9gdkl5QhsJ81abkYYMAip7Jeqyy008nAh-G7jUAd_DqAKemgsXS2mQsVM68YENID5Xxo53gbK7xMa1awsPbeD0JEeR2yiMtMQ6WClBTK-H-ySEWveX87hlXtzHrB_CUAu2aY1TxZTiOajwkzrMh8iKAxNX3SK6Nv4AcHz9dMmlTBdpxMQ3jRlPYZCQowwUdrshqbVY_tsPa5nXM5UFvWrebFCNfl6vrUty4oJ718VcPMQs3DODbCuCcwzWiB-e9P4cmW42H2XGRlDDc_6eIVVyd9v5I0vFDgG_7ybBNld7ZWR0LBlGajRp32FVC7L5Hz8or682jQzUAcasVBLpmGA0rz0XcacXNlwGnBHHKSelDgD1dXJagI3axOBtrTom8CAhbiWQ0W0DBr6FcQnwjwDLeWy9JESQrW2MWGbkljs-gA6ydN33KyBTH7cVcDbuJD6e9eLM-yQ1-DK_FOxjGv4hwS_-SESWoq_-rXCn-6zNw_c6rRtVkpU-h1bD-M-NLkQhG94zEZ-_b3mO7gsxGoXWAtOpGIJTHqtlpqcAWKdzMYwB_0XanY-ahP5tE8GD2sMPwCr9bj9osNZddFpsIN3ukT7ekNL5B_r2MzlVQiAhY0KYjmyoqfEei22o9zIypYtPQPLzi4dDcBlFZsvCS2Euc6OibX7UsyPLolGY83EycK3r5SzwITdB47TzQdrBsytzZMz8dET-6T5bfOjB5Z36q1S3z0cKWJdEXU42_6cEKOnDGh-9nV-IGdICm45-72eQh6-6lXSSF76ckJNQiyEqQAtAv9LcP6BZ3lcU06wXy2Sf6dOPPxLAdr3QIqABxCQy7QT6I4LIY9Lgm_9eI8IsSmkhOhEEMwjJ4cVb1m7P9nz1ZahGoUOKzvqIxa8q-i9eEUbQsLud2sMyfue_5qTLinOdSeACHknraPLsrCQmwIvHLF9ug02xub0SQV4I16J8YOJyRTWKm6isLXek7ScBLbK0aPNzuCW7V9A1MEAY8q9Vg_fX4Jga-vFuR01SV846X845k8_wT3rGJI-7C0kD&cid=CAQSTgCsnQUxCFT04jWQrQuGjTLovqALRZyMlzx-kts7RjION6MlLpv-tzC5w83LZi9YOavtlUmdssJaWjEpjWtv8zs9gy8i-6KYQ_dCqZCw3w&rfl=1%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb2bbef60f172e5315cad8c254f0f55a8e3599b8eba951963bb85c31088f7c9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38393
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39B6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BgTEBRokwEZof1XpUAKobvJPqFz4JdB04pwBGB42KxGjKJE5kfnpdPFV5Z-cWDlhf0nMf2dJMXwtF0gQK5sG0C6u2iuksDOsKJ3sM6Ma7gdBJQhNs
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 39B6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:10:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:10:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 39B6 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:26:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 39B6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
523
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:17:29 GMT
l
www.google.com/ads/measurement/ Frame 39B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRV8VnI_LJGhJK9MneSuD6L4tzDfuHJvqN4wMoMpebSE1IJEVO5p7QA61ElZu60tiDxpxmZJFKvBZxBCwuHiUwIOvLP2Q
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 39B6 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31gc47ec11&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsMjI3NDE1NDM4MDgvdGhlbW9ybmluZ3RyaWJ1bmUuY29tX1dlYl8zMDB4MjUwXzYiLCJ5IjozMzA3MjIsImNvIjowLCJzIjoiZGl2LWluc3RpY2F0b3ItYWQtNCJ9fQ%3D%3D&sb=undefined&cb=6338445&h=themorningtribune.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.15.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-15-154.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:12 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 89E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&C=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNWZc953pFZJM2uj3S8NtsxcT6-RcpqUWnq70Asv_oZWNseRT7GCZb67SHDKi6EywLz527XDg9iEEUuq-_0DApNJFbvvkwHXMb7AzIC-HO5JvVC5pqny2pZqdtcezV3gOmbuvfKSoZadi1cRKwtBnIX_XZlswL69qvkKth0i7j16DQiDpbk
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
7456b654694abba1-FRA
pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdQCrRYU75vdEQDBXP5fGLfeE8s4%2BxuWTXd7p6k6FmfLRH1qTJbZnLA6DV68EOX3UHLTzVDwqtScOyk6JuGqBHEWbuOv7H56u3BeexjgcaMxt3X4piWx5DVhHsh65XfxdgS2RZlrmdw94Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsCNMaBK9HCUtfoubpi%2BDRC1AzewPF0RoAfbN2pwiGChGE%2F38JYt2soj6IqhmzHCx%2F4110iSUh99iuuPnkqjEjXoN139SdrUJ7BdAFUuhq2RT00IvqRoxUkr8M2El7m%2FIsPf1j4g8QABTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&C=1
cache-control
no-cache
cf-ray
7456b6540d6c9b1c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 89E5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxSZZAiE3u4nycGt74TO.wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&google_hm=2
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNWZc953pFZJM2uj3S8NtsxcT6-RcpqUWnq70Asv_oZWNseRT7GCZb67SHDKi6EywLz527XDg9iEEUuq-_0DApNJFbvvkwHXMb7AzIC-HO5JvVC5pqny2pZqdtcezV3gOmbuvfKSoZadi1cRKwtBnIX_XZlswL69qvkKth0i7j16DQiDpbk
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
7456b654f9f0bba1-FRA
pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqhJ3f3mm4%2FGeza5f%2BPg16pvtVkMwTZ%2BbnwlJl6%2BOwPHnS0BMVvS9K4bz6rQMx3qGbocylx9Rgd5R3dd79DlkBJ5hOL86d2TfuM0pM1asEryCMMt%2BW2pPveIqgnklTETohyv3P45BD%2FvAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 89E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENn5JelxuFDU261xhW1FsOk&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENn5JelxuFDU261xhW1FsOk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNWZc953pFZJM2uj3S8NtsxcT6-RcpqUWnq70Asv_oZWNseRT7GCZb67SHDKi6EywLz527XDg9iEEUuq-_0DApNJFbvvkwHXMb7AzIC-HO5JvVC5pqny2pZqdtcezV3gOmbuvfKSoZadi1cRKwtBnIX_XZlswL69qvkKth0i7j16DQiDpbk
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:12 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
b2c11f47-8546-4019-8d7b-013b30b4d6f7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENn5JelxuFDU261xhW1FsOk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 89E5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMTA3NDYxMzg1MTI3MjY3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMTA3NDYxMzg1MTI3MjY3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNWZc953pFZJM2uj3S8NtsxcT6-RcpqUWnq70Asv_oZWNseRT7GCZb67SHDKi6EywLz527XDg9iEEUuq-_0DApNJFbvvkwHXMb7AzIC-HO5JvVC5pqny2pZqdtcezV3gOmbuvfKSoZadi1cRKwtBnIX_XZlswL69qvkKth0i7j16DQiDpbk
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:12 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
75e01697-2ea7-44c9-82f6-5b69621cc5d8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMTA3NDYxMzg1MTI3MjY3
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/886862/62195780/ Frame 39B6 		236 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/886862/62195780/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.77.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-77-239.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f9170bffba7bbd872604d24ae99a02270b64c1abece5134aa5b704efa919769e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 39B6 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70480
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Sep 2022 16:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 39B6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1354
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:03:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 39B6 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:24:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
99
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:24:33 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 39B6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 16:49:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 666E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83457
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:15:15 GMT
etag
48472445140208031
expires
Sun, 04 Sep 2022 13:15:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 39B6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d93cf4fc76991056b5028a886b79facc695d726e8c139936d4ad8a153fb97540

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame ABAA 		21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
054c480b41dbb8bb1a0db0dd51f85a18dafa9679cd1988d4824f9da3f8aa1215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:12 GMT
expires
Mon, 04 Sep 2023 12:26:12 GMT
last-modified
Tue, 10 May 2022 13:01:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 39B6 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7xJGspty4zEyke3_g_8XKrqXd0qav5QXFOnrbLqfhjDGZgRlJ4mpN35zRcDErnLEJ6oStWg3xHDOyCJuRPKAhtM3NQFoA6w6D-GurwwpV_04E_P5MGQdWH6ksb588RXvIx0xxpRNpLjw1x7e1tfkJl1xZv96oH3tuV9i2VOSDyUn5JgW0qu0B7TWLUO-KA37RH-_zZLRZFFr2ASt0u1-15i2mTBo15j1P7rlz98ricWPeHeN5RscOf8Lq1_2hwjWBWypxwY3kE_7mH__fRzH3wXuUBadqor_vSh5Xvp4yjYaEF9Ds4Lieu98GGCZGmVekl1lzrOBYFfCje12nOo1BiQRSP3GKPB3-yA-N_1U_wdZTNlgna6U-J2SaHjlJDdIi8r1Miv8onzBtU4WQ6KetoJsOC0E18vJLL4WffInwbNpFTjRfis_cPwYyg1x-DpYdRxAAbLDwwUm1VzWoFJPE82Tsb8mfeFD8G0RoELhVa1Rtu-izBL0hbb8ahi1TEGoksgeoyFupDJfuCXhBAaAi_nQvzz8XoWpyTr8kE4vh-bgVYhRII-e9GA6ujCJFNej9BxTdPBME3RxjtRW7mnz9Y8MczBIjQziTBU-yfFxsX_ky90cIg3lTqgTQrqCA5kYcJEGDyUbAQDRub-Px3MSIKXUz1U4XkajZp2tkmztyiP2zZmq8d0S3nycsX1v_f6ClPDshh66zlnmjpF-m8ByK-6Y4utE2acB8AabPx_2MwplORT6VIxUkF7NSAvzbiAYMbm6KBaAYj3u4SlescUnX4c4K70CEhkYorKQ3YIYRV3HjVcEIHnrS1ILHIidjurkT51aA4QZTtteZBd4SF3fG6r5LcNVEe7shvC-FMCQt4KTBF38VN9pxGgmxLr491GpVUMmKNNiILNkuYqmDtZCLdkn6uyiOVCv7xImokUQTGSymIqREPteZuda9BvIpNgHmYqlnHZ0_XrUc67hyZ3J0DocTab1g4aMUWgOfEmUEiuHAk0u1P0j5O6LdWShVEwK0ZNfH9j3J4ZLEgwePd_FdN5KexZRf_Wqu0NBx3YmGSshfuk28hfI4CCQqeAk0Qze3STQj2qpRmdir7Qi64oYb-kYRcAwHjghAvcPYeFFZ0ylmPVKP-jVsY26nJ3Xd3YHeaSKqBepSrOaSgGDkOMi0_tOul5HYB9wUFZ39ezmIqGi8IYwKw41EbvSAnnz0MfxPNuLJmx3h7kczwB_4RQeZRkjbb_i_AL7RuJHkoS28D5KfiXEeisUKjFNQxH-GFSdkT0jCPAZGN21XC-3pxvgnM-ik8nZq_NBelbj99-6QZVmFKDO1a6-6FpD_TQ&sai=AMfl-YSOSX6vuwfkSwBvr-DYcJlO3Chobf6QUnl6UTTKLr5kOvkNzDHKWpCYPYBtkN_EOkiv_fNpmINo7PFxRS3IyjcuOc9k0_oD0kLOKoyegwM19peVp7hWNXhfSDuIjodwWLdU1TVcoy6NF_TGV4nuB2WHs4VLd6MPGhD5XSSccgweNYZce4FEyDqz3LFwo_7hZ8V_ieA7cFWZeADZV8_7dSm1zSk0wF3hsMRDMOzmUrbwH8iT4N8hlMgnUFRRTa8sKVVLT-CNAVCSE5G7R-Bj14kOe8MYS6tDNLTGiYv-zcJdwtEGPkCFarp-zg&sig=Cg0ArKJSzKtbLgqZwSrmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=88&cbvp=1&cstd=83&cisv=r20220831.82607&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 04 Sep 2022 12:26:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6378 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
243412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 16:49:20 GMT
expires
Fri, 01 Sep 2023 16:49:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame 666E
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMMO6DAG8CPORFdrBpbgevU&google_cver=1&google_push=AehlK4AzSJb1mow4NZNqsWadUvohZtUSFPtYNzsp11tGgq3rBEKxw85rSOrlHWOmSyk0sTgoT0_mEmuwcV8LVKOWnxHL1ypMpB4&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMMO6DAG8CPORFdrBpbgevU&google_cver=1&google_push=AehlK4AzSJb1mow4NZNqsWadUvohZtUSFPtYNzsp11tGgq3rBEKxw85rSOrlHWOmSyk0sTgoT0_mEmuwcV8LVKOWnxHL1ypMpB4...
43 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMMO6DAG8CPORFdrBpbgevU&google_cver=1&google_push=AehlK4AzSJb1mow4NZNqsWadUvohZtUSFPtYNzsp11tGgq3rBEKxw85rSOrlHWOmSyk0sTgoT0_mEmuwcV8LVKOWnxHL1ypMpB4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AzSJb1mow4NZNqsWadUvohZtUSFPtYNzsp11tGgq3rBEKxw85rSOrlHWOmSyk0sTgoT0_mEmuwcV8LVKOWnxHL1ypMpB4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
7456b65688779bcb-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
205
cf-ray
7456b6552e4f9bcb-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMMO6DAG8CPORFdrBpbgevU&google_cver=1&google_push=AehlK4AzSJb1mow4NZNqsWadUvohZtUSFPtYNzsp11tGgq3rBEKxw85rSOrlHWOmSyk0sTgoT0_mEmuwcV8LVKOWnxHL1ypMpB4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4AzSJb1mow4NZNqsWadUvohZtUSFPtYNzsp11tGgq3rBEKxw85rSOrlHWOmSyk0sTgoT0_mEmuwcV8LVKOWnxHL1ypMpB4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 666E
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE59SkskPYLFBe1bSrp7wCQ&google_cver=1&google_push=AehlK4AMH8T4JAYNthHr-It90heI1eyjnu4D28nVjRH8O4u0l4zDaq8GmRQNrKeh12HdgzDoj9SFPFxyCTV...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4AMH8T4JAYNthHr-It90heI1eyjnu4D28nVjRH8O4u0l4zDaq8GmRQNrKeh12HdgzDoj9SFPFxyCTVnBz4ok_jsFYZjUmLz&google_hm=nhsaX_bJSeyr9BNZ8xSwqoQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4AMH8T4JAYNthHr-It90heI1eyjnu4D28nVjRH8O4u0l4zDaq8GmRQNrKeh12HdgzDoj9SFPFxyCTVnBz4ok_jsFYZjUmLz&google_hm=nhsaX_bJSeyr9BNZ8xSwqoQ
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4AMH8T4JAYNthHr-It90heI1eyjnu4D28nVjRH8O4u0l4zDaq8GmRQNrKeh12HdgzDoj9SFPFxyCTVnBz4ok_jsFYZjUmLz&google_hm=nhsaX_bJSeyr9BNZ8xSwqoQ
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 666E 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMPFpSpGxk9Bd9ocdpS2Y40&google_cver=1&google_push=AehlK4CqauUdpkxNhGceUMqK-2vonYCGdQSVdJpG7nzK7SBbg8vdv5YUmU7bmdPTQhB8VWRRl0Tbi_9s6098ZwlRcP_CmoVSWBtG
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 12:26:12 GMT
pixel
cm.g.doubleclick.net/ Frame 666E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHonjw-Uu-any0XwPwG_o1w&google_cver=1&google_push=AehlK4Au4QhupAZ2RRAK072_nhWT4iFI3Z2Unh5LePZJ5bbSVPTTlCgh3N8cNtCgAW5aCMTyHUhlh8V8...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHonjw-Uu-any0XwPwG_o1w&google_cver=1&google_push=AehlK4Au4QhupAZ2RRAK072_nhWT4iFI3Z2Unh5LePZJ5bbSVPTTlCgh3N8cNtCgAW5aCMTyHUh...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4Au4QhupAZ2RRAK072_nhWT4iFI3Z2Unh5LePZJ5bbSVPTTlCgh3N8cNtCgAW5aCMTyHUhlh8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4Au4QhupAZ2RRAK072_nhWT4iFI3Z2Unh5LePZJ5bbSVPTTlCgh3N8cNtCgAW5aCMTyHUhlh8V8BZVLTFlpvldQ-WsO8LSx
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4Au4QhupAZ2RRAK072_nhWT4iFI3Z2Unh5LePZJ5bbSVPTTlCgh3N8cNtCgAW5aCMTyHUhlh8V8BZVLTFlpvldQ-WsO8LSx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 666E 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECO2OXtr-3Miz0K2wEMzwZY&google_cver=1&google_push=AehlK4DmdvY6tbMhnd1XPP5gfXGXJCId8kPgwFY8jRWbZFZ2uI9PHTehiB0xvqIJ61JtvuCdz9A-4CY7nvHBtDiIIRjqoNM4KsW7
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:11 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
57974cucs9r0lup5epv7992c0qohqpi5
pixel
cm.g.doubleclick.net/ Frame 666E
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEIFnXxB2RUGYRIuwUVyFkKU&google_cver=1&google_push=AehlK4BGAo2Vo3ouaKNECLNHdLWQiiF0vSDyoeVJY1V9Re3dlXX87DdynqxlnzjcYzLDqWVlnkgUNrvBhKPLjHoq4JHzX-...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=88Mx4nZCS6qs5LPmVv90rQ&google_push=AehlK4BGAo2Vo3ouaKNECLNHdLWQiiF0vSDyoeVJY1V9Re3dlXX87DdynqxlnzjcYzLDqWVlnkgUNrvBhKPLjHo...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=88Mx4nZCS6qs5LPmVv90rQ&google_push=AehlK4BGAo2Vo3ouaKNECLNHdLWQiiF0vSDyoeVJY1V9Re3dlXX87DdynqxlnzjcYzLDqWVlnkgUNrvBhKPLjHoq4JHzX-sQiag
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=88Mx4nZCS6qs5LPmVv90rQ&google_push=AehlK4BGAo2Vo3ouaKNECLNHdLWQiiF0vSDyoeVJY1V9Re3dlXX87DdynqxlnzjcYzLDqWVlnkgUNrvBhKPLjHoq4JHzX-sQiag
date
Sun, 04 Sep 2022 12:26:12 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 666E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKSntnvxvQWca9fmfiQcxtE&google_cver=1&google_push=AehlK4B2LcE6dLAOQALB1_M9i4vp5GYj-ffLux9DvWdLSsij5_SADX0wVY7leSIHpbSUg71xOb-0n3WZTvjjmTnzQryeSJ2sfw76
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4B2LcE6dLAOQALB1_M9i4vp5GYj-ffLux9DvWdLSsij5_SADX0wVY7leSIHpbSUg71xOb-0n3WZTvjjmTnzQryeSJ2sfw7...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYyNzA4ODg0ODYzMDc2ODQzNzg4&google_push=AehlK4B2LcE6dLAOQALB1_M9i4vp5GYj-ffLux9DvWdLSsij5_SADX0wVY7leSIH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYyNzA4ODg0ODYzMDc2ODQzNzg4&google_push=AehlK4B2LcE6dLAOQALB1_M9i4vp5GYj-ffLux9DvWdLSsij5_SADX0wVY7leSIHpbSUg71xOb-0n3WZTvjjmTnzQryeSJ2sfw76
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYyNzA4ODg0ODYzMDc2ODQzNzg4&google_push=AehlK4B2LcE6dLAOQALB1_M9i4vp5GYj-ffLux9DvWdLSsij5_SADX0wVY7leSIHpbSUg71xOb-0n3WZTvjjmTnzQryeSJ2sfw76
date
Sun, 04 Sep 2022 12:26:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 666E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KukKukzu6hPd2k85huY1u4JBv17hYsQehEjJh0yVbfFZzwBIW-Ous6edf1SeB-U-97eB1X
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 6378 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 16:16:51 GMT
adlib.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame ABAA 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 21:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1870
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 21:07:50 GMT
fonts.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame ABAA 		1002 B
256 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 21:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 21:07:50 GMT
adStyle.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame ABAA 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7041206683c7b5da4188ef7ed1523815102ac13af21f55c4b04b5fbbe4514ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 21:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1059
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 21:07:50 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame ABAA 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 07:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 07:51:00 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame ABAA 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Sep 2022 12:26:12 GMT
SplitText.min.js
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame ABAA 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/SplitText.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 21:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3818
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 21:07:50 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame ABAA 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfe8853b2397a43e20d55fd377aafeed785c7ae335ed07b4986997b9780f48a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 21:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10567
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 21:07:50 GMT
animation.js
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame ABAA 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f13bc08411a45add285949483ee8ab65001f6d7ebaddcfc83d5b2df50a4cde0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 21:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2678
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 21:07:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 39B6 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7xJGspty4zEyke3_g_8XKrqXd0qav5QXFOnrbLqfhjDGZgRlJ4mpN35zRcDErnLEJ6oStWg3xHDOyCJuRPKAhtM3NQFoA6w6D-GurwwpV_04E_P5MGQdWH6ksb588RXvIx0xxpRNpLjw1x7e1tfkJl1xZv96oH3tuV9i2VOSDyUn5JgW0qu0B7TWLUO-KA37RH-_zZLRZFFr2ASt0u1-15i2mTBo15j1P7rlz98ricWPeHeN5RscOf8Lq1_2hwjWBWypxwY3kE_7mH__fRzH3wXuUBadqor_vSh5Xvp4yjYaEF9Ds4Lieu98GGCZGmVekl1lzrOBYFfCje12nOo1BiQRSP3GKPB3-yA-N_1U_wdZTNlgna6U-J2SaHjlJDdIi8r1Miv8onzBtU4WQ6KetoJsOC0E18vJLL4WffInwbNpFTjRfis_cPwYyg1x-DpYdRxAAbLDwwUm1VzWoFJPE82Tsb8mfeFD8G0RoELhVa1Rtu-izBL0hbb8ahi1TEGoksgeoyFupDJfuCXhBAaAi_nQvzz8XoWpyTr8kE4vh-bgVYhRII-e9GA6ujCJFNej9BxTdPBME3RxjtRW7mnz9Y8MczBIjQziTBU-yfFxsX_ky90cIg3lTqgTQrqCA5kYcJEGDyUbAQDRub-Px3MSIKXUz1U4XkajZp2tkmztyiP2zZmq8d0S3nycsX1v_f6ClPDshh66zlnmjpF-m8ByK-6Y4utE2acB8AabPx_2MwplORT6VIxUkF7NSAvzbiAYMbm6KBaAYj3u4SlescUnX4c4K70CEhkYorKQ3YIYRV3HjVcEIHnrS1ILHIidjurkT51aA4QZTtteZBd4SF3fG6r5LcNVEe7shvC-FMCQt4KTBF38VN9pxGgmxLr491GpVUMmKNNiILNkuYqmDtZCLdkn6uyiOVCv7xImokUQTGSymIqREPteZuda9BvIpNgHmYqlnHZ0_XrUc67hyZ3J0DocTab1g4aMUWgOfEmUEiuHAk0u1P0j5O6LdWShVEwK0ZNfH9j3J4ZLEgwePd_FdN5KexZRf_Wqu0NBx3YmGSshfuk28hfI4CCQqeAk0Qze3STQj2qpRmdir7Qi64oYb-kYRcAwHjghAvcPYeFFZ0ylmPVKP-jVsY26nJ3Xd3YHeaSKqBepSrOaSgGDkOMi0_tOul5HYB9wUFZ39ezmIqGi8IYwKw41EbvSAnnz0MfxPNuLJmx3h7kczwB_4RQeZRkjbb_i_AL7RuJHkoS28D5KfiXEeisUKjFNQxH-GFSdkT0jCPAZGN21XC-3pxvgnM-ik8nZq_NBelbj99-6QZVmFKDO1a6-6FpD_TQ&sai=AMfl-YSOSX6vuwfkSwBvr-DYcJlO3Chobf6QUnl6UTTKLr5kOvkNzDHKWpCYPYBtkN_EOkiv_fNpmINo7PFxRS3IyjcuOc9k0_oD0kLOKoyegwM19peVp7hWNXhfSDuIjodwWLdU1TVcoy6NF_TGV4nuB2WHs4VLd6MPGhD5XSSccgweNYZce4FEyDqz3LFwo_7hZ8V_ieA7cFWZeADZV8_7dSm1zSk0wF3hsMRDMOzmUrbwH8iT4N8hlMgnUFRRTa8sKVVLT-CNAVCSE5G7R-Bj14kOe8MYS6tDNLTGiYv-zcJdwtEGPkCFarp-zg&sig=Cg0ArKJSzKtbLgqZwSrmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=174&vt=11&dtpt=86&dett=3&cstd=83&cisv=r20220831.82607&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame ABAA 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96528311a7ca94ea4f44e16eb9d6ce2be7ac047c7e49b970b050723247e18e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5678
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame 39B6
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/886862/62195780/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_ZJkUY4...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:9600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
MbIR9TkejTs72xujqyO6B7CRlRDcZpEf
content-encoding
gzip
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
age
33673
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 26 Aug 2022 15:08:00 GMT
server
AmazonS3
date
Sun, 04 Sep 2022 03:05:00 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
rl5-6PZYQlWrkkWcxb8mEEtlyHNDcWNGfKXhU3drngZd2S3Rv-UH_A==

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 2F20 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:9600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
9604299
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
QQKO1v3RY-iRxgyPVDxoCEsjHNEgcZLHw9VLE_ySlVkfaR-RSSd2mg==
dt
dt.adsafeprotected.com/ Frame 39B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=5f7c79d3-e09a-ddc3-35bc-3bfb8042fdef&tv=%7Bc:nfr9Ph,pingTime:-3,time:41,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgt3MAK+111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C148%7C149%7C15%7C16%7C171%7C172%7C181%7C19%7C1a%7C1b*.886862-62195780%7C1b1%7C1b2%7C1b3%7C1b41,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 39B6 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=5f7c79d3-e09a-ddc3-35bc-3bfb8042fdef&tv=%7Bc:nfr9Pi,pingTime:-6,time:42,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgt3MAK+111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C148%7C149%7C15%7C16%7C171%7C172%7C181%7C19%7C1a%7C1b*.886862-62195780%7C1b1%7C1b2%7C1b3%7C1b41,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:themorningtribune.com*&br=c
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ABAA 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:26:12 GMT
pd
u.openx.net/w/1.0/ Frame DCE8 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 04 Sep 2022 12:26:12 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4C08 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
27455
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 04 Sep 2022 12:26:12 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 383159
X-Served-By
cache-lga21978-LGA, cache-hhn4082-HHN
X-Timer
S1662294373.861099,VS0,VE0
sync.html
cdn.aralego.net/ucfad/cookie/ Frame DA09 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
4923
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7456b656693791ed-FRA
content-encoding
br
content-type
text/html
date
Sun, 04 Sep 2022 12:26:12 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ag7s7dvewYbmFccLbNceu5qsyy6c4OVu%2BDH7s6bgN5CWNMP3yLZ%2FqBzqerC24vgFAuz11yfKC9xI8%2F4wFS%2Bi5xwhpgMDj4TumfXh7vxPjAnFuSuPylrIhICC3y%2FPs8VjQEFayzyQ356B3bx%2FZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ Frame 39B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=5f7c79d3-e09a-ddc3-35bc-3bfb8042fdef&tv=%7Bc:nfr9Pr,pingTime:-2,time:51,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:424,beZ:426,mfA:428,cmA:429,inA:429,inZ:432,prA:432,prZ:440,si:444,poA:445,poZ:461,cmZ:461,mfZ:461,loA:467,loZ:469,ltA:475,ltZ:475%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgt3MAK+111%7C12%7C13%7C141%7C142%7C143%7C144%7C145%7C146%7C147%7C148%7C149%7C15%7C16%7C171%7C172%7C181%7C19%7C1a%7C1b*.886862-62195780%7C1b1%7C1b2%7C1b3%7C1b41,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:30,readyFired:true%7D&br=c
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6378 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpAitZJkUY4jsGb2W9u8PtM2UuAoAAAAAOAHgBAI&bg=!mZqlmt7NAAZTikH4c4o7ACkAdvg8Wn2a9vFUxERD5HKwSaFqPgFBvo_iRHSf5689n6BkoyECqWp8-gIAAACRUgAAAAFoAQcKAD1rTdEzJl2bzvor2s3Wy0BjrW2CZPyrLhoRFmliM_dg1vXkZqhAesO7YJWZTUt0FNjwvrNqFpK1OBb-VJy2mQLqizP-867m4TnHkz7pFi2CFDliRCR_87IOCsdgAn7tow5teoMfr8uRNGsL6WtC3Qn6xAw9bjd4gV0Qrtcz9L5N_byXvCjOEk_eCvk8wrRY4kGGmTKC9qNGb2nQgiDmXAmRTKog7Z9EH7wj2mXZuCzzHjnK97tCknF3j3VxuUOasCP1w0qijxIZiqD0rAU0DCZ_VunSH_hFNxaC_sh9My6HiGiT-wjYuyoBD-oJhJjNTyXtvVN8SPoExUC3vP-7mEmRlqlq7ZqVLXhJTH5LthLIZ2R2thPyqBh_hV5qC84lmaa4CJMq1o-ftKh2HdHo11oPXkLRoecdtfnFni49Db6lW13Pe2_1mpThxoVCyRIH7mEoFx5fV0ZFGpHBYQOqf9D-_ATLZ0i6fA6_IML9fOoF49QtsUUfe2LDarLb1Rhq-XyyGnadtWE8pjkL6vP44tpmwXZ_d_IOYTqKB-LAuR4fcTX5M4lSEQ_4N5XDl70_OOvDnCsTnIvqcUTac0gZz-JZRtO6SKTeepQjdtW9xDD-FOnVSUswvXMJxkRCC6VwgvJwKqa5PNZR-EI1cgRfc5yWDw9VE0Kth_YXpJMPKB9L5VMSZNEGt5Yd267S4EiqtB00EuP9h2mcVy8Sf8WT2ZyFdjCyL4rwY6Eo1FnsUm8q8DO02lsdT0zzMFr9EPdmA7EMDhZ7Gp0e6_1VU8IbVyi2J_cS_4WU8lrag9Lew-G966VjQwgPRkJ-bVUSqGPeDl6DnfdUze7nFbI1lWdtC6uKvqSTRS_uQ2oYJu8AIOZGyPX2gWuPWouRZvLEphiZD6MITQcsAOyeV4MY41bNcz1ZBGWPno6oS4BrTQRHGXuh-GwCE6n0unNaYA1kVy_Fzcr28XHPl_57wcjdF16Dg1VqbXFUUMwUVCzQs-1VFe_sm5-UmEP3TcNuIo9guO_wGmtL12RWuGzcE3bOE9lA-b-c0HmAmkHXnHFgXw5ObYZD-Le2xCHKns4IBPs
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d4acf923678c6222aa94/original/ Frame ABAA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d4acf923678c6222aa94/original/skyblue.png_1650378740125_skyblue.png
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
802a0ac9c835c0add64067c222d71b52bff0f5cfaafe4b673b1875a68ffaabb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:05:48 GMT
x-content-type-options
nosniff
age
260424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2050
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 12:05:48 GMT
Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/627516dad8cd7ef2f7d5875e/original/ Frame ABAA 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/627516dad8cd7ef2f7d5875e/original/Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8295848601a45fc6ff78a90ac4d35396851ea4411b76a06feeb357ec99a37bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 08:00:11 GMT
x-content-type-options
nosniff
age
102361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25127
x-xss-protection
0
last-modified
Tue, 17 May 2022 09:00:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 08:00:11 GMT
gradient.png_1650378740125_gradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d3c7f923674455229a97/original/ Frame ABAA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d3c7f923674455229a97/original/gradient.png_1650378740125_gradient.png
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64ab062a2a4d62d22170dd14c4a3a566632d1ebf476ab80d27c7c81901209e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:05:49 GMT
x-content-type-options
nosniff
age
260423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2035
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 12:05:49 GMT
baseGradient.png_1650378740125_baseGradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d498f923672aa622aa07/original/ Frame ABAA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d498f923672aa622aa07/original/baseGradient.png_1650378740125_baseGradient.png
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e16d841b1486b5bd9c69a543084e0f558463ad9bd7ffd8791301367f8a849a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 08:00:10 GMT
x-content-type-options
nosniff
age
102362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3232
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 08:00:10 GMT
blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame ABAA 		91 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 08:00:04 GMT
x-content-type-options
nosniff
age
102368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 08:00:04 GMT
icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame ABAA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/icon1.png_1650378740125_icon1.png
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 08:00:10 GMT
x-content-type-options
nosniff
age
102362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7071
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 08:00:10 GMT
icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame ABAA 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/icon2.png_1650378740125_icon2.png
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 08:00:11 GMT
x-content-type-options
nosniff
age
102361
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5901
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 08:00:11 GMT
icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame ABAA 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/icon3.png_1650378740125_icon3.png
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 20:10:29 GMT
x-content-type-options
nosniff
age
317743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6126
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 20:10:29 GMT
logo.png_1650378740125_logo.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame ABAA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/logo.png_1650378740125_logo.png
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:45:08 GMT
x-content-type-options
nosniff
age
358864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3423
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Aug 2023 08:45:08 GMT
logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame ABAA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/logo2.png_1650378740125_logo2.png
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 12:05:49 GMT
x-content-type-options
nosniff
age
260423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1701
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Sep 2023 12:05:49 GMT
blank_-149_-124_1.00.png_1650378740125_blank_-149_-124_1.00.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61813780cac5bddaebde1d40/original/ Frame ABAA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61813780cac5bddaebde1d40/original/blank_-149_-124_1.00.png_1650378740125_blank_-149_-124_1.00.png
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d38edfdaff5a3e6cfcccd26f9eed468207f91adf8833e2dd28e8660035492ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=z58vW8Cy1q&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 08:00:10 GMT
x-content-type-options
nosniff
age
102362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1923
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 08:00:10 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame F3FA 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 16:16:51 GMT
async_usersync
ib.adnxs.com/ Frame 4C08 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:12 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
10b308de-b0c6-4558-a63b-099421a08d3d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
idsync
sync.aralego.com/ Frame DA09
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/f192b9d2-4404-381a-9804-43b3213d40e0?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-FlSL80JE2oWqJmiLOyh1VSLueNz0nenNtPbr3rY-~A&redirect=
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-FlSL80JE2oWqJmiLOyh1VSLueNz0nenNtPbr3rY-~A&redirect=
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Server
192.96.200.41 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

date
Sun, 04 Sep 2022 12:26:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-FlSL80JE2oWqJmiLOyh1VSLueNz0nenNtPbr3rY-~A&redirect=
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=pvtw&eid=ZJkUY4jsGb2W9u8PtM2UuAo&p=ias&bl=0&twt=391&st=276
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 985A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Mon, 04 Sep 2023 12:26:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame D034 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRDDrPv5AhjRzZrPATAB&v=APEucNU5sIyATYTCZWFtoNsGVsxrvvH6R4XUBorS9l1jh87S1h4nLtExDAbapf96q3g9egbunVd94GN1S4mavZsHz7eXfGjQBvtNSgqKBWfhwfwdEyHK6Mec3GDzQ6rwdcjrH0xzRz3iIK09pX26FiGhEFqiWOZoz-iNMfJXnkzWIfd3BCWkRv0
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 985A 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFHlpbLXRKHsfMPRLebhygaPqIQlv68cdLysiQc9wlbf3USbQrmIheAdrxueJWqtBzmOd2WPc-COZEKTeJjJhkMc5aEw&cry=1&dbm_d=AKAmf-B7mbw7JqyJx9_W4CINhTFcFQ5SxVeUOMdBOwv1ehXl53meqJRU5uUs0tTCJiju7900z-OkRsAcQvSD1IBYzqsvg1P-uhiQ2B-VguCYpvkD2681ypuzCgIRjOX4CCsPAA3dN4E1OdFtblrZo2l1A7scCSk65A48wqgLoYLmtXN4qqXWqBuJO_kRLFHbNr3kDZu2mknT9z_eOgWaLJSlyEabw3nDcUCfkRGUFMjyO0rzDNCCXnvQLgHs9_bTGJcyCh7Ow1WXsqiybaRYeDplLL-4xM2QppfZN5la-SPiMcbWAXTZPlMtmbP0snMMg-ESzse3_xrsM4NmdA0XRew-hM_3ZqW7TZ_D_hc0iNyyD88-Kn2Y9uo3fT55_INb7llD5TDjkfrlO0B5P7rgmeZcXaHQwGYexEkW5_JZNan3xdTlBMdsjCEBk7p9VitzLddU77SG14Z0h_Wlrz8S7KRpd_FE68bYL6W-LVehBLzvTW4Ic9sxewW7Ta25k5oF2SnWLSLD7d1MolE6xlmXG8UQZOtW3WWZYhrAjT3e1FPTB2pVrsQXc7KNS88ef-5GY-A9aOu4_KMTIQp9fbJD_68ppaAadA0IHYI8X--HbwOkiVUq9Lqy6GMN1X-Wtwl8eAhMZUF6wGv9wCWM16oGuoLhgF8PyW6346U0XSPkrYdFk6tv73j9BW2NUeuMRSziws8yoPTJWDgewBrbeJNcmLKebC3464lQ00OaKKJ0L8jSoRg-et9--LCnflf86_CbrgpDT-xXJ-VwOOHKhg6fK3pGWumYx2TJGHfFWEUaQVZJxDfLPo3cS5t4pjI_ZME5y-boJTKxZLlDdM-2ag2z540cIacXtJVV9cUtFPIzXLUd7t77pgYRn8H1pKJpEAjGm3IzDEqSkmHqTkg_GIsQjgilLypI8FZzVstqW8N0YnzxIy4qheIPqHUmJ_rv-03FXz6uDoCHA4sLpfR6VY1xQsPm5e0wv1ICzNbSHF03hZ7LIbD8RHRbydzb4EuA_bVoAv436qq7HU9rsDhJKXQZ-5XuTMAuxfOYcBXpTAb2iYGkSnE6O8xkWtfulK9bXJFV9LHt-xNKA2Ny7E42uRWHrwPkW12nuKxijaHQRqMQV0TiQmTUU8vlLjLmZZS624eDO7L-cdPGgjZ4vU4vYxTRBCDo8wwWAqrVXbsn9nbzYPlm6qMDD3JOG-0ry3nI12eZX8ZJokCQCCU6wrX5hNMD16NMmJqF5JNVNX3YyRwatbm7ezT2RLyHfktjjl7h8McgcwI5KtFJ2tyWp6vt08QTao2xPqKlVomDswAKxRBMxvPZULkID5FvU9u9pP2RDnjps3LwI_EmE_tLOdwmW79-quVVJLFrzZAx63NUg_94kLmooRYtt9EhYKfMxcgq3FP-PNKYxPMkqhbSNEKr4Sj3H4Qk0hVq3bHoDCQrOFCvC2mk3dB0TEWrWYUOd_dDeJWhRQTprEt_AwgfabjOR0oKut59fvlAtMPyJK46uxdl2mO8ZADR0ubIYZzFdWsRE_XHe_FgRCX4P4Yl3UFMwW3DzfBTg1KCLqcIOMid53o0_iB3T5Ii0PK6jRJKKAkktLp82HmqWwdpCWfWWihxbRdzcJZIW2p3cmTVx0HcusVWmSIjsjAJHMRbcPAhtoLWCjQRDtJTBq9PifxNGb7rrE1DDIG6ZDnx3WP6GfZOL3ygXjYniAH3etFkobPK1S0ZErr89AU5K6KBz1mCjTzSpDgsFuAZTxfHVqG3oNuh-dQ3B8c_rKxhsv7jraHx5FoCqdI9UithXRB_Kjtse2ATmYX2WKj4U_pg3pm3Abg8J0PJiUDP2kifYQYgn5i93Hzs2SuMjf7j-TpOk3U0-LuDTQPFl2ifn6OOkiAIqs2hmAswzlQsF1_KuR0PZb96cSDFP2TETZ6WsF0D9CPcMQ_qvZz53F3iU6jf8jmilodaDzTG5bgRU5eoDk1NaEVQiXwe6u-RhWqqnAKBCZ34fY-OCk8hpaUn7WmaFY4wOQeSWUYUR1KF9MtXCgF7DO10AGqZv9Rdfx0lHrjnycK5ORqVRDsoLeuyuZMnMreAdLwxJJNAoEY2kMjF3pudiSNhKOFq9qclr6WSbM8XFVh9hHsDcnMbigEQta1X1lwOgNC2LLkwqxBh1DDbez-XvxJqWdqGubuGmQpU7tHVM5jkOj0MhtianjwsyTXxxreaSxqw_DvkUjIKkRoiWZGuNTP2--rygAg_JxF6hvnXv2qAr2YvjD7e5fxqwFh-WNU9Af85DqFNQ_pzkvSzjOt3kc9iE_RJoqvfVpfoBwQRZXlMwO1fXaIE1mspHFfNCq-bGTtYWFXgHPG2kdWxdUg64qY2uYptV-jOmZE0yGmG1B_Em5Rn7HFkl8_0MSfoK_tfPrOdCCoRQnCZd9AV19UcWByfFMxp0VyZPO-F364i6OKjH7QIWJ88ipJmk6c6KJu0ezYB3ckFqZq7XiGaomydoakgDC3BeatUy8F5RhE9IcvkqTgSiheABajRFE2BSzHFC4qNy3YdTIlmyxVa8p4O84gR88pYNiNd0sKUduBuXR6o-mL1d8joX1ej9CdH51Gz4XOgMWugTsyNctUSY-SEpGjgZCKFFerupStU-AjyuPBB5TfTMCiHEPsO1Q9s6iEjAK82pslvLahQe24rPCTFIPHEUPwmyw6jVq6cd_kP8_Wv7Ml7I-B-aDI0xzP193H7itVJZCfIzPkSrchrxVOI9sbQxFUYaLP59-pxh44ZRlZn_Wli7E9ac62fsnyKUGdg_vuZc174MXWtXErImNOtAfs4LmiixDAT99zMRRHtlB3FxZ8q1cp4ha55Pa8DgnYe0ACKk2xZa44hrnFLCjpYKr3qKpxWCWQIJcg6-2daEqfg0dz9QxpOhhFvKm6jrVTzScqZ7V8J4UZLpKXfpB7NuQtZfOQtf-wR8lV2Zu3MdUij_viIReHMTI-_6yTEuhClLsOOUpEGD2GKBPkGQnt42gZHsR8E0QbItB5QkxZhY34AHzwxEc2RqAWHAvUODswQcEucxHHhv6M6G144Xctl6Ab-YQIvCm32DJn50m5ljH6CtJBVfAolW9HqqAE8oASDjybh7XVlwm-Gw3ukiAHmCBdDtfn0q2dXpvZJXLqaHvghFz9mduLakiklPM9AKCYhKAtVwWARRkrx9pmSj41-lKlxP56mwIRbDwwQfed_kr8r1WXHzdpuaA7zvDs1R6hPIfzKwYsd6cJNPB27ZlVMHEtIn8--LbEjZQtc9PNo2NCHDgU44Hsfkue8pvNK49SuTlSQ_V47Czg-IZNCeb_CbnofkcAiOr1T8E7bF2KpD7xEaoizeoE7j_Lyc8fjIJJ-XkeW6r1oaPojgLOAUMUI7ToZgyKREtQ0EJy9I6QpBDCa&cid=CAQSTgCsnQUxMmXWX-kR7wMV_p8fWwZXINVpwZfJQOti7B2a7Da_ps8znlAzlWg5OlGeDlWB2e2PI0Nc2vhT_hquuxkxNVRdTJJbegIeI38j0A&rfl=1%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8c2580defe30b3c580e86b00aa3b9e7faab8150d936b2fc773e8b3a93facd80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34797
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 985A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BO3fEHXd9T9md0eoXDtHJPbuPA8iCCyamdp0ymtb7FnO2LrSCkr4LqYIz-vza5kMwfHPlm0s2B6aI9opO6Ryi9rf2eqKQhQEgMqQFZzeVyk1tkN4g
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 985A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:10:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:10:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 985A 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:26:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 985A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:17:29 GMT
l
www.google.com/ads/measurement/ Frame 985A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxl62FS1hksxY2ni_e4TIjkrYLnBR2DVIMt4pXSiL_Hdzrkswv3AXC0HCe4rbOz-PgKqpyQfbeFJpEV9Rkb97KJg0tCQ
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 985A 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31gc47ecmj&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsMjI3NDE1NDM4MDgvdGhlbW9ybmluZ3RyaWJ1bmUuY29tX1dlYl8zMDB4MjUwXzUiLCJ5IjozMzA3MjIsImNvIjowLCJzIjoiZGl2LWluc3RpY2F0b3ItYWQtMyJ9fQ%3D%3D&sb=undefined&cb=8544636&h=themorningtribune.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.15.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-15-154.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:13 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
csi
csi.gstatic.com/ Frame 1D5C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l7nb5e9u&c=7449787042808&slotId=3724893521404&qqid=CNyuhoyR-_kCFU2L_QcdYQoIeA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=959&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220829_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4003:c13::5e Tulsa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 985A 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 07:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16517
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 07:50:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 985A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:03:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 985A 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:24:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:24:33 GMT
rum
dsum-sec.casalemedia.com/ Frame D034
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRDDrPv5AhjRzZrPATAB&v=APEucNU5sIyATYTCZWFtoNsGVsxrvvH6R4XUBorS9l1jh87S1h4nLtExDAbapf96q3g9egbunVd94GN1S4mavZsHz7eXfGjQBvtNSgqKBWfhwfwdEyHK6Mec3GDzQ6rwdcjrH0xzRz3iIK09pX26FiGhEFqiWOZoz-iNMfJXnkzWIfd3BCWkRv0
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
7456b6588f6dbba1-FRA
pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5gkzRgzjPeGQ%2FWY5mKN9UlJVCoUIWyYXuaWRAozAlJsmVAM9tY2Hdlj023t02kwTsZl1jscxuXn3Vqf3hEQYQWZE42vMoM3umcgtlCOQy86bcZGMM46I39jhCwzrgsH%2B9VwnlDg5%2BH1Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D034
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxSZZAiE3u4nycGt74TO.wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&google_hm=2
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRDDrPv5AhjRzZrPATAB&v=APEucNU5sIyATYTCZWFtoNsGVsxrvvH6R4XUBorS9l1jh87S1h4nLtExDAbapf96q3g9egbunVd94GN1S4mavZsHz7eXfGjQBvtNSgqKBWfhwfwdEyHK6Mec3GDzQ6rwdcjrH0xzRz3iIK09pX26FiGhEFqiWOZoz-iNMfJXnkzWIfd3BCWkRv0
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
7456b658efdfbba1-FRA
pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlHrU1do%2Bp%2FLTVJ4H1hxFJNoESTDHowiRqRdbQUOHRm12cjVOc%2F21bdx4FHUTyVCupmw%2BUbKRJaGNaoSnJ7Bt6xvJ%2BGrTpcC9gRaaV85Br8T99GoMmYPcYcw6MwDVx0EGwa1UwARWtgoNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENAYjBGzG7-ieXtZoyC5K9s&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D034
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENn5JelxuFDU261xhW1FsOk&google_cver=1
43 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENn5JelxuFDU261xhW1FsOk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRDDrPv5AhjRzZrPATAB&v=APEucNU5sIyATYTCZWFtoNsGVsxrvvH6R4XUBorS9l1jh87S1h4nLtExDAbapf96q3g9egbunVd94GN1S4mavZsHz7eXfGjQBvtNSgqKBWfhwfwdEyHK6Mec3GDzQ6rwdcjrH0xzRz3iIK09pX26FiGhEFqiWOZoz-iNMfJXnkzWIfd3BCWkRv0
Protocol
HTTP/1.1
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:13 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ccc05377-2437-4c79-a0a7-4da1322230c5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENn5JelxuFDU261xhW1FsOk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D034
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMTA3NDYxMzg1MTI3MjY3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMTA3NDYxMzg1MTI3MjY3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRDDrPv5AhjRzZrPATAB&v=APEucNU5sIyATYTCZWFtoNsGVsxrvvH6R4XUBorS9l1jh87S1h4nLtExDAbapf96q3g9egbunVd94GN1S4mavZsHz7eXfGjQBvtNSgqKBWfhwfwdEyHK6Mec3GDzQ6rwdcjrH0xzRz3iIK09pX26FiGhEFqiWOZoz-iNMfJXnkzWIfd3BCWkRv0
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:13 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a57ba9c0-d932-4a2f-b1e1-a7395e26e6a8
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUyMTA3NDYxMzg1MTI3MjY3
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 39B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=5f7c79d3-e09a-ddc3-35bc-3bfb8042fdef&tv=%7Bc:nfr9VC,pingTime:-10,time:434,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuNTIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1662294373200%7C%7Ca4d8db5cda4065c3dfbad6680de847ad%7C%7Ca3eeeeb410530a2973f34b9badfd9b71%7C%7C4b52c18f0077fccd15d5fd7ac443e16c%7C%7C2192bb9f8e14ec552f43125c711fcc1a%7C%7C5c656da6e79753cdf9f672cade51f353%7C%7Cfb2fc59b94cec88c7e254e438a5f0624%7C%7Ce4f10b79330c5cc00e8203f4f0485b91%7C%7C1629390669,im:%7Bpci:%7Btdr:347%7D%7D%7D
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 985A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 16:49:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E03A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:15:15 GMT
etag
48472445140208031
expires
Sun, 04 Sep 2022 13:15:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/15847332698834868346/ Frame E148 		71 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f78574d63243e74b5ab3a146a9e8af93d2deac45955097e9ebf4e4cc09b85d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
287642
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18680
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 04:32:11 GMT
expires
Fri, 01 Sep 2023 04:32:11 GMT
last-modified
Wed, 11 May 2022 14:21:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 985A 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveB69fa8_KJUTS0Z69HYBR4N1cGLjl9Q4qI1YGHZBiDG7IIORuDDXUW5iWMFNdvF6wYZvzU6Nhyey9i8bQ0Hk-MFrQZD3cV3Bjma0AUg2Xic5xQ-qvzfMyQeS3SiPC9Ra1c4zYIRSJEDNTZ3pzblSeyDxbV0ne79W5UhsTyqdzIyt2UqgOPZX9YMMn3sF49weGZ6rjiveNVwxiKx6Fo67CWnazjr5--gkyO0Cx7wllUaAuRjx-RqXK4vsxbRmzBQPg3Q7UOAYeVr0wsWJtqQhOTnoI8FGx1BOaRzLst7KfGRz0_EVUPDrOGkxsBydqbo_c7yfH0OTlwLwwB-lemodBY1vZiPLYr2prU18nZAudTo1zUsOH5yqgiAiBB6njTKFnkrkaH31EsOqG_gVD_No2Z7kuFy93EGdfKxdDy5boyHI9cTxUoiK9ZhQf1x795rkHa4oy6dBrTfS_JTOvTwVTdZjfPEOFlMDgZ8-oQwWkSPlIR6NsgTQd-WJIbZtBnIJDQWpscUESUJwI55o5qoMNVMinylixTIxHc-eln56gE7X_Xm7QnHQac8-YKdq2Qtczl3MMF96RGBrQFxlsCIOTHdztrlJ4GEeyUS1ASXyICN0GMmun2Zm5aKhLPtFP_7zgAmS1m4p8XaQ1oHuXRRgVIVcaQQ55y3QWgDW62ITViOznnQvP8TCsCXzAKG7FhQUjQ1QjR_KXIAo60FeMqZHGS-YgxaVCtp8ZAyUcnlaJ2fRSutlkBDkrt6eC7Hw-9kh18zXgmDf0VsLNbFpNgpunjlz0rQAhTkxIURVjQBXqbfaV7w705BLaJ1NOplOEpd6judKJDynsKRWYKZH5MB1PSd3TlAvDCMKBAZzoS8Op7AJEXMk1TFo7Ru-Wm9mv91Mj590g3Vz_aSPdhVwlnz57KKfm57zljB1LjgpkwUcPxn2hWHrK497Dyy_tOLIh6ipD3GECriYajnuPwbIRBR5gHAUoL-CDcEZtZ-d0hKys2YGgzc47CCU766z5AlcvyZjot92fSctIspv8HM6Ic6u7ake1NUCjdRHdYtvZ1gOHma4LHUcOSOh-dKxqodB_OnzkSxFkzZGgVouH3E2ekU6dg0oKn0RLcXczurwzZpk--HkgXTc-VgYygLfWjgWDprtefQSYAXAr7vaa5yHnuMKtpv2jD4m6JX6iUpstmY_XyuODg9mO_ofWtyKcmhWgkBvYdTHeqFSH-lU6epK2GD1SGK6o2gVHvamcNdXwu_6p7OG7rglmN0ij99PbkpXgigujlCsnvF6D7Gwzrl6d2uJxZkeb&sai=AMfl-YTI5VMIL7QucJASQDoxKKfe9--Ea9Dfc-yzVsucm2w1gexyudyl94Nvysy1PDiq4rlaGryIHWndknaqOnAFlL7yJlSNMnz7SOQq3hSL6gEF_V4YKI6Nc-JM1yALt4e_KoEq2oKK3dLgPBxKVGOPKwd-5M0QlhCfCQQQ93WZUGeHGo_A0ao87fKts4pYqIP-tVub1VHAcgfJ0PAlxsyFI0FaXr2Kr21n6gvF7KJDubM6Zgjcp5b5ZgIS2A3e50H9jwFzdrAQEo0qPi9s6NR4SVS1uG4yHb3ycmJLho2R7WHBpiPz_Yp9rimFCA&sig=Cg0ArKJSzNeyDxMI5UJtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=90&cisv=r20220831.38782&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 04 Sep 2022 12:26:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 985A 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9ff7c4755b869306aa56116dac5780193c9838937884a09979d404aac5f613f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
container.html
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 10A6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Mon, 04 Sep 2023 12:26:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3149 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
243413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 16:49:20 GMT
expires
Fri, 01 Sep 2023 16:49:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame E148 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 05:27:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 05:27:08 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame E03A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKZIsXYjNNeGg4iLtjo9WoA&google_cver=1&google_push=AehlK4D6qspLfm8e4uwA8reol1mUax9MdgaVkzeHPmLdZXFZQdLQQrQ3F_MxEZGwhCzpbqMzmXpud4IJR-o2M0FtqpGnpAQgJvqS
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame E03A
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEB-EzJJJrSUui6wCgogr7U4&google_cver=1&google_push=AehlK4CcUcvCR7bXckJ-MM1VMtU0YFDTaSXzjyYgGV7xqylIFpPpEas6SgPFezEIrFmVACIHyKXP7H3KI_LLyqrkqsLMim9PZUyR
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=684E4E10DCF44ABBBDAD423F15344769&google_push=AehlK4CcUcvCR7bXckJ-MM1VMtU0YFDTaSXzjyYgGV7xqylIFpPpEas6SgPFezEIrFmVACIHyKXP7H3KI_LLyqr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=684E4E10DCF44ABBBDAD423F15344769&google_push=AehlK4CcUcvCR7bXckJ-MM1VMtU0YFDTaSXzjyYgGV7xqylIFpPpEas6SgPFezEIrFmVACIHyKXP7H3KI_LLyqrkqsLMim9PZUyR
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 04 Sep 2022 12:26:13 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=684E4E10DCF44ABBBDAD423F15344769&google_push=AehlK4CcUcvCR7bXckJ-MM1VMtU0YFDTaSXzjyYgGV7xqylIFpPpEas6SgPFezEIrFmVACIHyKXP7H3KI_LLyqrkqsLMim9PZUyR
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 03 Sep 2022 12:26:13 GMT
pixel
cm.g.doubleclick.net/ Frame E03A
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJfSJuPtriM8im-69zMv7Xs&google_cver=1&google_push=AehlK4AyFclnzAIjFKbVdMyO9fhzgeeq7rcek0ocflVQjOXgDs0RYp97GtRhWlHBALbxw9qOsSQS28fXwO2rYeoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=abluBUnHQzmgu2rwvKdjCA2&google_push=AehlK4AyFclnzAIjFKbVdMyO9fhzgeeq7rcek0ocflVQjOXgDs0RYp97GtRhWlHBALbxw9qOsSQS28fXwO2rYeoOhqMlVlVwInQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=abluBUnHQzmgu2rwvKdjCA2&google_push=AehlK4AyFclnzAIjFKbVdMyO9fhzgeeq7rcek0ocflVQjOXgDs0RYp97GtRhWlHBALbxw9qOsSQS28fXwO2rYeoOhqMlVlVwInQ
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 04 Sep 2022 12:26:13 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=abluBUnHQzmgu2rwvKdjCA2&google_push=AehlK4AyFclnzAIjFKbVdMyO9fhzgeeq7rcek0ocflVQjOXgDs0RYp97GtRhWlHBALbxw9qOsSQS28fXwO2rYeoOhqMlVlVwInQ
x-host
tde-deliveryengine-production-6768b6476d-5rr96
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame E03A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHkHWuM7K92IxrQDHs8piu0&google_cver=1&google_push=AehlK4DucrENjWo_62Pa94Nn9BEX2I5T_3MwPgH5Z4_dNSXdWIEoFOdC9lyXm2s4dNEMgkHSWyEdZRPrRrZWuWXJ3WgjHBO...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DucrENjWo_62Pa94Nn9BEX2I5T_3MwPgH5Z4_dNSXdWIEoFOdC9lyXm2s4dNEMgkHSWyEdZRPrRrZWuWXJ3WgjHBO34zs&google_hm=MzMzNjAwOTg1NTU0NzIxNDA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DucrENjWo_62Pa94Nn9BEX2I5T_3MwPgH5Z4_dNSXdWIEoFOdC9lyXm2s4dNEMgkHSWyEdZRPrRrZWuWXJ3WgjHBO34zs&google_hm=MzMzNjAwOTg1NTU0NzIxNDA5Mg%3D%3D
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 04 Sep 2022 12:26:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4DucrENjWo_62Pa94Nn9BEX2I5T_3MwPgH5Z4_dNSXdWIEoFOdC9lyXm2s4dNEMgkHSWyEdZRPrRrZWuWXJ3WgjHBO34zs&google_hm=MzMzNjAwOTg1NTU0NzIxNDA5Mg%3D%3D
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame E03A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHonjw-Uu-any0XwPwG_o1w&google_cver=1&google_push=AehlK4BWtZl66-UQEbvXFdsSeDpyeU5K9kN8zatHtcG7ealm7d4zPp0OELu2D5ysffxD-j57FKJ7WUov...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4BWtZl66-UQEbvXFdsSeDpyeU5K9kN8zatHtcG7ealm7d4zPp0OELu2D5ysffxD-j57FKJ7WU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4BWtZl66-UQEbvXFdsSeDpyeU5K9kN8zatHtcG7ealm7d4zPp0OELu2D5ysffxD-j57FKJ7WUovxHWbG8-ThQjf6FoFGnsa
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4BWtZl66-UQEbvXFdsSeDpyeU5K9kN8zatHtcG7ealm7d4zPp0OELu2D5ysffxD-j57FKJ7WUovxHWbG8-ThQjf6FoFGnsa
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame E03A 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECO2OXtr-3Miz0K2wEMzwZY&google_cver=1&google_push=AehlK4ATWrJwaW9vqlWCXgQBkd0nLnypqvhTjazTkRwgzOO20XaE9Okj4Lb40DANJDaClWNBy6hUZZ_EIROEUUQGhgJgL08GzGk
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0sdnef2cc4mjggdl3lbfi3jgcghq1i9s
/
onetag-sys.com/match/ Frame E03A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDbF14GWhOYLtOCqBl8jtp4&google_cver=1&google_push=AehlK4Bzuj5dE3ZQlyFqa3mTVH0LGJUVvYUaohhNMt8z65nyXbJvEaAElCnQ6ssGowVt8bDvd47Wg0Uf3eN...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4Bzuj5dE3ZQlyFqa3mTVH0LGJUVvYUaohhNMt8z65nyXbJvEaAElCnQ6ssGowVt8bDvd47Wg0Uf3eNzHMAxz7KDmbDqyvO8Uw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E03A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LsmGFjZ48t6Bh-zi7wBQjtkAxSt6sg7cz4cg9oj6BS20bVg9v87hI3dTOvpR1IhTOJLhXDRg
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
googleads.g.doubleclick.net/xbbe/ Frame F846 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWSVBCl7LQCGNCP_L4BMAE&v=APEucNVp4VaoHKFLThEfJbFdt5fp7QkywMqVl3Omx_ExOaOCilHPg93oUUlkeqBhAiueW-K5e-RWI0rBfH5QvfZ4OMvnBteFcBDWUnHDaxbXpDWoVxJa4deLaznG1aK2FRyxNa1oVXZEFZk6qxJ8cDJ8JtdQRTp0_zr8B_4-FeVHQDhBhiH-ykY
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 10A6 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJ68DXaO8_euW85l2FT9SaEn_E3DtQVgHYVkjo8fTkd0fVG163J5CU54CXpbCsroPHPcAatWIxyqOC5wjaLSb4Yxbq3g&cry=1&dbm_d=AKAmf-D1WG0RicoVZM8UpfXxwBCGQSEqq_X9SrnrQG-cwPdFPIrOQYNKrvxpjCgF5YkNkjB-H6sqxz3Vm_EzLObYVXbej0u6o184tlW_XMdLVR66sOD60Eb-4wtat_3_pBraDSTHXqohOraNJIFNVpz8CsecpsBV0PQtMikpQ2K9Wq8T1P7wN0cQULhF9e0eSQmhnikFigRGbLBRsdbOFeK3GazeoU_aB8ctRA_Z0HH0OGMJWRXtPRX_CJm3xunUqIn7opPkJ-Z5C6sy2YkpKS2auyjORpwfykF12Qk8KX4cf_Cc6CSuXOESEF1RSTEsU0IsmhDzMqRanj49CYcfUzuX0cMPfBaJA_gto8C21-1fUYjvMHa1iVTcRPF9spG3O_Ce-y8RQt1wJw1Ub2LR9EPtazMyCcPVRgtcpLP7C_UrOnLO6SWNpb-xTX-o08Tv2wlXqScuXqsC3UAqTFhIUVwZkvoi9pFbnavhaGekZ6O0lp7rCx7NYaqoYdABLoHbmwM38tGh4vETArSbmIaKeJfQKt92eee03O0wFXikYJ3AyPpg8K40rzRiSnAdzitvHnFQRgFdndwrsbQAWfOTYfGheOxVESzBCcN5DFaasHhpwJtX8flr4K9r95Olkhh15xNRCCoOdzU2wFoOTBegELQEhU8kXsUcefdrssaZyZaAfrpTYIYK2kefnmAJSfs1J9wMtuC57ibAiKZujvKBqC8q0nWzTOcuRx_hS9-ATABqN9xoEg1aKesyY7fqajzRAvGw1XKSj8qUSjDqMlsKw_jZojqbTFe5bMYE0gJWoN87Uk8wuD29ZXHLKjEKU8P488VjUjYTnt6lxWyuwjpeoEHZ_b6wNlSy8mmeb_fZXH-etWmGmlpnhXYZ5Y8oi-YLx9UnEdpZIWfWt92jym-8FWYWw5fT8GEZTn2ATvtAYDb_yuwuYB5sJ3jjtZgnDWwjRocB-dFOPD3T4kNZsqHk47HOPNHSK-uvZcD6aUA9gCDApssv63g1gTwGldo2vRdhU5JOpkCEj3bFHepreMBSTiuER73EG3zZ-Kq7hlrDlhde2YYovIQMD8qcvatwP0azGtrsewNgb8oG7-5Phx69wp2o7SfgjQBY6B3lWmRYko2vAp2G9CX2juEdSsYsML1pg-EXLUYbLLIjO9aUn5LwPqOvmsSntUWLxijd0VWqNkuLfsIoa7UXVx9_WfmQvZTdRz95dAekF1cM0ii26KTbZN0PNKg4Q7wjY2595kVlOvfNN7xnZU90pcqL6WMpuEbGVJ7Z2GFXDnFKmRdQJw5WJ1NTZL877eLHtTTVTsaOtI0L9pKHfZnZohnkmmEepmjBhXXdWXGh7Pb1ZeGQxB2COL1v98oXDx2sjRuvnTFp3pr24LWseWu9BmKbOkmKGCx4TrCic1D0ecKVletehyBcXpoqg3pjppqrWZfObv-056--UkdGH4c_VGQqX9AugiWVnS8yv9QuEPx-sGnPwE4E5rHzPpiNIRMk251lTqhfYD7SI3t4jdmd3BA2aWDZNZk_1ZXZRfmMnYQaaFDpKso5-dPWJ-Z8LfOKhIfpH-IzVqhCLNeq0r96-QeaxsoiYxiPze4JUJ8ntQe01kYcLWqjdap98FZjqSZaftS0yD3J1FexYEl93g0N0AopweeEqItjoc_Vzp40J8ZBXF8Z-9iXswwbY77cs-RaPTsQl8t3tRZNF4nNeHZ5EFefKGfT5xvuljmgyvAeNJbPyLyu4YxcccF-_dFsJsYUf9miVrAHl68Ru7op4MRdgQIamXfEdSBB9SG20eTvnlyTtuVQ0OrYZ9LGdQJ7MwhJWeBkw4L-LZZcbGWi3Z6VtZl_IjdKME8oQERSTrOcw511il4b8UBaTPd6qgDnZx2h7USMc5tBAw8byBt5IuNfEEAVb0U3UyDrJ9gCxeCUvWx6SQbWuRrxKMXNNF7CgCovQuDzwcO-dIS1I0h43VnATXzC4idXqS2YvcCP8eZ6n5ZZBc3t12PdDW4BqD5zp3NI9yceA2MIf2Dwb6q7DyVv2ZmZKAZJBZKvZ6n8RMaf5YPr2366qDgiE53ffU7NPuCDdaDU8yHFPOTnOdYOmyLT-l2SpNOSynGYxPSat_WUKmzvWZnCI7DIi9szhynyNsoceFEhCz5ry6siyr715YL6tsvoNbQDecKIADSLs8ROaXCicbW0zpe3gArRPmdUStZ-FfGsgXF3ckT1mly9WapHnuadbfBUFB3de-bAb8sBBRuHnIpg0JXHlaRd3S-KD3g3SydrI-1cSvVLSLgAko-kqtX4uox44loxSzUMAw8qWIIf7GWFUsgR14rbAABjmDHMva-lRw2aTzZ_hqsry8v9LwKsTbZsa5Q-8VQmYyZh87xLRXqVhBRSkcOwb3G8OuAw8ILyNNtB0g35WuJJzQooJqTONbKPW9TgB0PBVpFODC5NjKVyb77W0twAaSZUcXn-WfSjiFQojaRKTupdU6eqLTdPd2u5MZX2LQMdgp0rnUstOyGmhOtDbuFA_R9fTgMpyOh3Os96ekmAYPGvTGCKTjB27botpZ2duDTqclGe53MkhkDNtS8pOCSEjGceDkc5dKA23q4lieWO2W238Z8OL6nrkbBGmN9g_kncDSHt5jI177o858m4kSSYwmEUyN_a87j5H4E1qCEWCFTjrHLArnvq7sJyVVN5yS68NiHA-eoPB8S2RtGv9zw-SuyQTP_pEfq1KPPp4szLBBAMtpzj8x8MmtCKO14tHOjbYwYNwrGvblR_lklDf47xgwnq1Qa0RjPooFFQiHkvdhlebWdDefsis04R9AjtMuxUKvnSEKkEcAl78qr3jpCF4Sp_qHGMARDX2umCWuG6__sw0org3HDRlbqKybXF3LY8RNmeFkPLMwAVqkARehdDZ_170N4qvtQ3-D9QvDCmJtgwUfX8An1tmaDTeNHQ843QXSveLk6by1ymyGySg1yqv1rD0QI85l8hiYjnrWdDeUUnZgE5E-8nOkum3DtKxflPwVd_s6HZ2HKHmtB7-r_f_v38U4c485iow4zsc9M-hOcdIAAlM8XA41CHOaSbLjD9qlcXu2f3_xhNm_QMBHavYPJqJi6KWUho_Lo1MXtleoWIFWLpJjrwwK9pIKCqRS6Pivj7bVIH0VZdTMFui05XhDhollVVmsZi3wDWjdObks6Vt8m-vykz5W5k76VUjW09vwN5iLLY9oyg1ge4TktFsj9WlOAGsuH-isXqX12WOWU2VNNH9JEHkAZWxTZFCDkI1FD0Xb9Jh7Yqikl3O6KnebCQk8E9J2QQq_MOu3OGJd3amNuBbqE&cid=CAQSTgCsnQUxtKZ8JQfxKoHYvtY1ffWcLaH9alhF-n9q3AUIrxE-zS7QxDMFfInYFqzgmRFmAk9PKTshjp_Z1x9-QCEQb4ZD72Qt-etupQjUbw&rfl=1%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c20d83f4400f6412e87aad214cca99d79d7cb6a38654286e0e0b32f6b3ec19a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20412
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10A6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BHoARZqwS7Q7O7sgG9tiP4cBJcmYx9iL-MdhRUWcnrCkFKFP35sChiW9oKUMX5Zd4JWmggaT7E-8TI0uq-lrfoYIc-5BLi0hG-Avo7wrOaiXKU2fI
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 10A6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:10:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:10:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 10A6 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:26:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 10A6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:17:29 GMT
pixel
protected-by.clarium.io/ Frame 10A6 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31gc47ed17&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsMjI3NDE1NDM4MDgvdGhlbW9ybmluZ3RyaWJ1bmUuY29tX1dlYl8zMDB4MjUwXzMiLCJ5IjozMzA3MjIsImNvIjowLCJzIjoiZGl2LWluc3RpY2F0b3ItYWQtMSJ9fQ%3D%3D&sb=undefined&cb=3032306&h=themorningtribune.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.15.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-15-154.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:13 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 3149 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 16:16:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 985A 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveB69fa8_KJUTS0Z69HYBR4N1cGLjl9Q4qI1YGHZBiDG7IIORuDDXUW5iWMFNdvF6wYZvzU6Nhyey9i8bQ0Hk-MFrQZD3cV3Bjma0AUg2Xic5xQ-qvzfMyQeS3SiPC9Ra1c4zYIRSJEDNTZ3pzblSeyDxbV0ne79W5UhsTyqdzIyt2UqgOPZX9YMMn3sF49weGZ6rjiveNVwxiKx6Fo67CWnazjr5--gkyO0Cx7wllUaAuRjx-RqXK4vsxbRmzBQPg3Q7UOAYeVr0wsWJtqQhOTnoI8FGx1BOaRzLst7KfGRz0_EVUPDrOGkxsBydqbo_c7yfH0OTlwLwwB-lemodBY1vZiPLYr2prU18nZAudTo1zUsOH5yqgiAiBB6njTKFnkrkaH31EsOqG_gVD_No2Z7kuFy93EGdfKxdDy5boyHI9cTxUoiK9ZhQf1x795rkHa4oy6dBrTfS_JTOvTwVTdZjfPEOFlMDgZ8-oQwWkSPlIR6NsgTQd-WJIbZtBnIJDQWpscUESUJwI55o5qoMNVMinylixTIxHc-eln56gE7X_Xm7QnHQac8-YKdq2Qtczl3MMF96RGBrQFxlsCIOTHdztrlJ4GEeyUS1ASXyICN0GMmun2Zm5aKhLPtFP_7zgAmS1m4p8XaQ1oHuXRRgVIVcaQQ55y3QWgDW62ITViOznnQvP8TCsCXzAKG7FhQUjQ1QjR_KXIAo60FeMqZHGS-YgxaVCtp8ZAyUcnlaJ2fRSutlkBDkrt6eC7Hw-9kh18zXgmDf0VsLNbFpNgpunjlz0rQAhTkxIURVjQBXqbfaV7w705BLaJ1NOplOEpd6judKJDynsKRWYKZH5MB1PSd3TlAvDCMKBAZzoS8Op7AJEXMk1TFo7Ru-Wm9mv91Mj590g3Vz_aSPdhVwlnz57KKfm57zljB1LjgpkwUcPxn2hWHrK497Dyy_tOLIh6ipD3GECriYajnuPwbIRBR5gHAUoL-CDcEZtZ-d0hKys2YGgzc47CCU766z5AlcvyZjot92fSctIspv8HM6Ic6u7ake1NUCjdRHdYtvZ1gOHma4LHUcOSOh-dKxqodB_OnzkSxFkzZGgVouH3E2ekU6dg0oKn0RLcXczurwzZpk--HkgXTc-VgYygLfWjgWDprtefQSYAXAr7vaa5yHnuMKtpv2jD4m6JX6iUpstmY_XyuODg9mO_ofWtyKcmhWgkBvYdTHeqFSH-lU6epK2GD1SGK6o2gVHvamcNdXwu_6p7OG7rglmN0ij99PbkpXgigujlCsnvF6D7Gwzrl6d2uJxZkeb&sai=AMfl-YTI5VMIL7QucJASQDoxKKfe9--Ea9Dfc-yzVsucm2w1gexyudyl94Nvysy1PDiq4rlaGryIHWndknaqOnAFlL7yJlSNMnz7SOQq3hSL6gEF_V4YKI6Nc-JM1yALt4e_KoEq2oKK3dLgPBxKVGOPKwd-5M0QlhCfCQQQ93WZUGeHGo_A0ao87fKts4pYqIP-tVub1VHAcgfJ0PAlxsyFI0FaXr2Kr21n6gvF7KJDubM6Zgjcp5b5ZgIS2A3e50H9jwFzdrAQEo0qPi9s6NR4SVS1uG4yHb3ycmJLho2R7WHBpiPz_Yp9rimFCA&sig=Cg0ArKJSzNeyDxMI5UJtEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=273&vt=11&dtpt=181&dett=3&cstd=90&cisv=r20220831.38782&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Pflegetext_1_So_individuell.png
s0.2mdn.net/sadbundle/15847332698834868346/ Frame E148 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15847332698834868346/Pflegetext_1_So_individuell.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41214ea16ddef32ccfcdaf1eb885d511b2691221dc266954f2a05a856548cc3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 15:41:32 GMT
x-content-type-options
nosniff
age
506681
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6798
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:21:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Aug 2023 15:41:32 GMT
Handwerktext_2_Die_Grundversicherung.png
s0.2mdn.net/sadbundle/15847332698834868346/ Frame E148 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15847332698834868346/Handwerktext_2_Die_Grundversicherung.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21016cbf3ec7cd76b1de47ec4f39eea9889f4ec5bdaafc2cd21d917bca77fc6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 04:32:11 GMT
x-content-type-options
nosniff
age
287642
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4209
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:21:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Sep 2023 04:32:11 GMT
cta_Jetzt_informieren.png
s0.2mdn.net/sadbundle/15847332698834868346/ Frame E148 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15847332698834868346/cta_Jetzt_informieren.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4108f012d20a4a5db9771b21831ccdb8680dce8a8b0c066ceccb376307c7f91d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 16:06:28 GMT
x-content-type-options
nosniff
age
332385
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3473
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:21:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 16:06:28 GMT
Barmeinia_Bunze.png
s0.2mdn.net/sadbundle/15847332698834868346/ Frame E148 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15847332698834868346/Barmeinia_Bunze.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b29257e2d73ac9475d2e96137962bdfdf6925eb38f15cb5050158ad48df09a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 04:32:11 GMT
x-content-type-options
nosniff
age
287642
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4346
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:21:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Sep 2023 04:32:11 GMT
Abdunkelung_Handwerk.png
s0.2mdn.net/sadbundle/15847332698834868346/ Frame E148 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15847332698834868346/Abdunkelung_Handwerk.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4e6e5c8177a7a4eb68a34cc357578c6eedba44d39075a29e9b7c0f2bdb76b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 17:03:48 GMT
x-content-type-options
nosniff
age
328945
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16205
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:21:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 17:03:48 GMT
Handwerk_unscharf.jpg
s0.2mdn.net/sadbundle/15847332698834868346/ Frame E148 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15847332698834868346/Handwerk_unscharf.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2010a67c304bdc5501811f6b9750087607b9860202f848437da7a072bd352dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 11:06:58 GMT
x-content-type-options
nosniff
age
263955
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14926
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:21:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 01 Sep 2023 11:06:58 GMT
Handwerk_scharf.jpg
s0.2mdn.net/sadbundle/15847332698834868346/ Frame E148 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15847332698834868346/Handwerk_scharf.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8e212e1358bb7afb4915583367bd85f8749c65708714153c45c3d1443e20d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15847332698834868346/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 12:01:12 GMT
x-content-type-options
nosniff
age
347101
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38337
x-xss-protection
0
last-modified
Wed, 11 May 2022 14:21:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 12:01:12 GMT
sd
us-u.openx.net/w/1.0/ Frame F846
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWSVBCl7LQCGNCP_L4BMAE&v=APEucNVp4VaoHKFLThEfJbFdt5fp7QkywMqVl3Omx_ExOaOCilHPg93oUUlkeqBhAiueW-K5e-RWI0rBfH5QvfZ4OMvnBteFcBDWUnHDaxbXpDWoVxJa4deLaznG1aK2FRyxNa1oVXZEFZk6qxJ8cDJ8JtdQRTp0_zr8B_4-FeVHQDhBhiH-ykY
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F846 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWSVBCl7LQCGNCP_L4BMAE&v=APEucNVp4VaoHKFLThEfJbFdt5fp7QkywMqVl3Omx_ExOaOCilHPg93oUUlkeqBhAiueW-K5e-RWI0rBfH5QvfZ4OMvnBteFcBDWUnHDaxbXpDWoVxJa4deLaznG1aK2FRyxNa1oVXZEFZk6qxJ8cDJ8JtdQRTp0_zr8B_4-FeVHQDhBhiH-ykY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame F846
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWSVBCl7LQCGNCP_L4BMAE&v=APEucNVp4VaoHKFLThEfJbFdt5fp7QkywMqVl3Omx_ExOaOCilHPg93oUUlkeqBhAiueW-K5e-RWI0rBfH5QvfZ4OMvnBteFcBDWUnHDaxbXpDWoVxJa4deLaznG1aK2FRyxNa1oVXZEFZk6qxJ8cDJ8JtdQRTp0_zr8B_4-FeVHQDhBhiH-ykY
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 04 Sep 2022 12:26:13 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame F846 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWSVBCl7LQCGNCP_L4BMAE&v=APEucNVp4VaoHKFLThEfJbFdt5fp7QkywMqVl3Omx_ExOaOCilHPg93oUUlkeqBhAiueW-K5e-RWI0rBfH5QvfZ4OMvnBteFcBDWUnHDaxbXpDWoVxJa4deLaznG1aK2FRyxNa1oVXZEFZk6qxJ8cDJ8JtdQRTp0_zr8B_4-FeVHQDhBhiH-ykY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 04 Sep 2022 12:26:13 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
/
servedby.flashtalking.com/imp/1/173827;6259061;201;js;GroupMProgrammatic;DisplayPRGRSTNAllianzCareLife10EnglishPRO300x250202201/ Frame 10A6 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/1/173827;6259061;201;js;GroupMProgrammatic;DisplayPRGRSTNAllianzCareLife10EnglishPRO300x250202201/?ftx=&fty=&ftadz=&ftscw=&ft_custom=325499515&ftOBA=1&ft_ifb=1&ft_domain=themorningtribune.com&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fthemorningtribune.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=738406.6527761122
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app6.frk11 /
Resource Hash
d4b829542d11c7b72ba3232130db9e75124395fb6a8452ffca58a1d4532f637e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:13 GMT
Server
prod-xre-app6.frk11
X-HW
1662294373.dop207.fr8.t,1662294373.cds285.fr8.shn,1662294373.dop207.fr8.t,1662294373.cds275.fr8.sc,1662294373.cds275.fr8.p
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
1519
Expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 10A6 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:24:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:24:33 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 10A6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:03:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 10A6 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM3bb_DyvtpaFSYDXJddYw2fy0wBVE-NW7gdmfXhw79vo9co-LySttdQk7Pzqu0c-DVAKWnfxDU5bjFOrvt2uhFgV_vcpHjqrrzgbrUXfy281YamVG-aZ5vuayChwq7nif4s-y3LdTWyVbkQrcvZfkE14AHkZpwhVy_yy-HzOjXmvRaLSuu8hF284rAoYQg6t1HH6kTfNzxUZUz4PnIZEiCvoaKlPbupQPpv-waksMRZp_P7Ff-1fNjXk-1Naxw9WLfhwYexUkiieDkYVqTaHrwF8wehq9Eivtfknxays6iWcR7av2GZpr9YpjuXED_gu799uQftzyRQSiNIdxqAESH9iBsz726aj20jLV5hdPn4yipYsZzKG6ZEsLhDRWxi75sCx8Hpg7cinXQN7MH0eOitVD6cG5XnbI3oZ6Nxv_wM5UnhH5XsgrvZ3kXWczhOk8spDZ-6a1jHmykUjQa0xx4xmTDbssmQaGNFXRI6wiRXsFlGWorfjd3Wrq2tw9TWTx5LAAb0aZPq9MHUXiesseftLrMmbDLh1HyK0cQYURUdz0GYSu7ElaH0M0_P-rswiqK-1VLIMVnjVajpFRSdu7Gyvb0XxwLvuwvu5OzaWYSwXdCUn0F74qxdJmfVvLeO_6g2UP2_AMC5iYc9WrnnbQAPwVOUJkeaQjjZDzueV26ctl4tGjSCkC6gqEelbljBvb4YC4xGSXs2GNkE81JEbZZyRXVIYTGMOisa39H4_EPmDmHQcb1If9p4_D4BVNDwxFuhjhsBTf5XGZcAOOlAi9VjqwLQejWmYm6gyB39m6W0tNvX0mF4-hHVlS2VnaKabnNtmKPKQd49edSlkhTYOvmOO6yydhbsnVJp2ui0LdHtEMhQjFs6n7eMexU005Tc8n2bgFf830QSkLdRaZpOjwvAbR82xcj_8q1NTS9C304gcajAHNdGnVOU6Amg4SfXAZ7s4d7hHfjVgRhdZPrwsaLOzCjNI4uyenxGvhZ-Nx4rJ_HTuX9pl9ZygehKQmHGTDNa9leT2sEftNfhPjpmniHOROPy_9VD8qOtAQUBx1NWR5nvAV2e9cWu4Ff3hEnfqQ_5YWlGdqjaLJGaiNGb3SpwQbFviram9LxIvNqUHVSYZEYNGVUrZyCC2QtfhyAsJbec5rQmyLePzrdYzinai7MXB58jVJ4RY8YWHWrhb841aEjwd5r4jrnHkAz3EUQ5nCGgokbU2gOEA_6RVZueNjcijvt3-e0IePt3uRvw7rScEM9sPIePMRa0vcK0qmIXIORVsCoZs7BJERClQMPKufzjs9Jw&sai=AMfl-YTYg-EpQTRv6p8yAYvG4kO2yz0MMUZkaX1EFe6ExDRdrfqCvtmW-J5oU4_A3VUpxElujOf4LBTDuqs3qnwBiGvgnTdA91lAFV7iUmgpbKSxvFfcMtKH0Nq7aNK7EYTUJrzytstP3C7kCB9nNzC098RueltkOKu-CFDJDZ_NgolSybCgSHueCSbGBLpbVgC3OuuGOkvc0OIFCKvyZGUKpvisTOQVdlgmVUL_uvRy93hgrnYOyrGdxATARkolflDxgomTx3VQmexg6jxUpF16wRZxYSZWx5dYTliWH2WhRuvtqpSbAQ-6GM3LGQ&sig=Cg0ArKJSzNGhelXUUIUBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220831.19743&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJ68DXaO8_euW85l2FT9SaEn_E3DtQVgHYVkjo8fTkd0fVG163J5CU54CXpbCsroPHPcAatWIxyqOC5wjaLSb4Yxbq3g&cry=1&dbm_d=AKAmf-D1WG0RicoVZM8UpfXxwBCGQSEqq_X9SrnrQG-cwPdFPIrOQYNKrvxpjCgF5YkNkjB-H6sqxz3Vm_EzLObYVXbej0u6o184tlW_XMdLVR66sOD60Eb-4wtat_3_pBraDSTHXqohOraNJIFNVpz8CsecpsBV0PQtMikpQ2K9Wq8T1P7wN0cQULhF9e0eSQmhnikFigRGbLBRsdbOFeK3GazeoU_aB8ctRA_Z0HH0OGMJWRXtPRX_CJm3xunUqIn7opPkJ-Z5C6sy2YkpKS2auyjORpwfykF12Qk8KX4cf_Cc6CSuXOESEF1RSTEsU0IsmhDzMqRanj49CYcfUzuX0cMPfBaJA_gto8C21-1fUYjvMHa1iVTcRPF9spG3O_Ce-y8RQt1wJw1Ub2LR9EPtazMyCcPVRgtcpLP7C_UrOnLO6SWNpb-xTX-o08Tv2wlXqScuXqsC3UAqTFhIUVwZkvoi9pFbnavhaGekZ6O0lp7rCx7NYaqoYdABLoHbmwM38tGh4vETArSbmIaKeJfQKt92eee03O0wFXikYJ3AyPpg8K40rzRiSnAdzitvHnFQRgFdndwrsbQAWfOTYfGheOxVESzBCcN5DFaasHhpwJtX8flr4K9r95Olkhh15xNRCCoOdzU2wFoOTBegELQEhU8kXsUcefdrssaZyZaAfrpTYIYK2kefnmAJSfs1J9wMtuC57ibAiKZujvKBqC8q0nWzTOcuRx_hS9-ATABqN9xoEg1aKesyY7fqajzRAvGw1XKSj8qUSjDqMlsKw_jZojqbTFe5bMYE0gJWoN87Uk8wuD29ZXHLKjEKU8P488VjUjYTnt6lxWyuwjpeoEHZ_b6wNlSy8mmeb_fZXH-etWmGmlpnhXYZ5Y8oi-YLx9UnEdpZIWfWt92jym-8FWYWw5fT8GEZTn2ATvtAYDb_yuwuYB5sJ3jjtZgnDWwjRocB-dFOPD3T4kNZsqHk47HOPNHSK-uvZcD6aUA9gCDApssv63g1gTwGldo2vRdhU5JOpkCEj3bFHepreMBSTiuER73EG3zZ-Kq7hlrDlhde2YYovIQMD8qcvatwP0azGtrsewNgb8oG7-5Phx69wp2o7SfgjQBY6B3lWmRYko2vAp2G9CX2juEdSsYsML1pg-EXLUYbLLIjO9aUn5LwPqOvmsSntUWLxijd0VWqNkuLfsIoa7UXVx9_WfmQvZTdRz95dAekF1cM0ii26KTbZN0PNKg4Q7wjY2595kVlOvfNN7xnZU90pcqL6WMpuEbGVJ7Z2GFXDnFKmRdQJw5WJ1NTZL877eLHtTTVTsaOtI0L9pKHfZnZohnkmmEepmjBhXXdWXGh7Pb1ZeGQxB2COL1v98oXDx2sjRuvnTFp3pr24LWseWu9BmKbOkmKGCx4TrCic1D0ecKVletehyBcXpoqg3pjppqrWZfObv-056--UkdGH4c_VGQqX9AugiWVnS8yv9QuEPx-sGnPwE4E5rHzPpiNIRMk251lTqhfYD7SI3t4jdmd3BA2aWDZNZk_1ZXZRfmMnYQaaFDpKso5-dPWJ-Z8LfOKhIfpH-IzVqhCLNeq0r96-QeaxsoiYxiPze4JUJ8ntQe01kYcLWqjdap98FZjqSZaftS0yD3J1FexYEl93g0N0AopweeEqItjoc_Vzp40J8ZBXF8Z-9iXswwbY77cs-RaPTsQl8t3tRZNF4nNeHZ5EFefKGfT5xvuljmgyvAeNJbPyLyu4YxcccF-_dFsJsYUf9miVrAHl68Ru7op4MRdgQIamXfEdSBB9SG20eTvnlyTtuVQ0OrYZ9LGdQJ7MwhJWeBkw4L-LZZcbGWi3Z6VtZl_IjdKME8oQERSTrOcw511il4b8UBaTPd6qgDnZx2h7USMc5tBAw8byBt5IuNfEEAVb0U3UyDrJ9gCxeCUvWx6SQbWuRrxKMXNNF7CgCovQuDzwcO-dIS1I0h43VnATXzC4idXqS2YvcCP8eZ6n5ZZBc3t12PdDW4BqD5zp3NI9yceA2MIf2Dwb6q7DyVv2ZmZKAZJBZKvZ6n8RMaf5YPr2366qDgiE53ffU7NPuCDdaDU8yHFPOTnOdYOmyLT-l2SpNOSynGYxPSat_WUKmzvWZnCI7DIi9szhynyNsoceFEhCz5ry6siyr715YL6tsvoNbQDecKIADSLs8ROaXCicbW0zpe3gArRPmdUStZ-FfGsgXF3ckT1mly9WapHnuadbfBUFB3de-bAb8sBBRuHnIpg0JXHlaRd3S-KD3g3SydrI-1cSvVLSLgAko-kqtX4uox44loxSzUMAw8qWIIf7GWFUsgR14rbAABjmDHMva-lRw2aTzZ_hqsry8v9LwKsTbZsa5Q-8VQmYyZh87xLRXqVhBRSkcOwb3G8OuAw8ILyNNtB0g35WuJJzQooJqTONbKPW9TgB0PBVpFODC5NjKVyb77W0twAaSZUcXn-WfSjiFQojaRKTupdU6eqLTdPd2u5MZX2LQMdgp0rnUstOyGmhOtDbuFA_R9fTgMpyOh3Os96ekmAYPGvTGCKTjB27botpZ2duDTqclGe53MkhkDNtS8pOCSEjGceDkc5dKA23q4lieWO2W238Z8OL6nrkbBGmN9g_kncDSHt5jI177o858m4kSSYwmEUyN_a87j5H4E1qCEWCFTjrHLArnvq7sJyVVN5yS68NiHA-eoPB8S2RtGv9zw-SuyQTP_pEfq1KPPp4szLBBAMtpzj8x8MmtCKO14tHOjbYwYNwrGvblR_lklDf47xgwnq1Qa0RjPooFFQiHkvdhlebWdDefsis04R9AjtMuxUKvnSEKkEcAl78qr3jpCF4Sp_qHGMARDX2umCWuG6__sw0org3HDRlbqKybXF3LY8RNmeFkPLMwAVqkARehdDZ_170N4qvtQ3-D9QvDCmJtgwUfX8An1tmaDTeNHQ843QXSveLk6by1ymyGySg1yqv1rD0QI85l8hiYjnrWdDeUUnZgE5E-8nOkum3DtKxflPwVd_s6HZ2HKHmtB7-r_f_v38U4c485iow4zsc9M-hOcdIAAlM8XA41CHOaSbLjD9qlcXu2f3_xhNm_QMBHavYPJqJi6KWUho_Lo1MXtleoWIFWLpJjrwwK9pIKCqRS6Pivj7bVIH0VZdTMFui05XhDhollVVmsZi3wDWjdObks6Vt8m-vykz5W5k76VUjW09vwN5iLLY9oyg1ge4TktFsj9WlOAGsuH-isXqX12WOWU2VNNH9JEHkAZWxTZFCDkI1FD0Xb9Jh7Yqikl3O6KnebCQk8E9J2QQq_MOu3OGJd3amNuBbqE&cid=CAQSTgCsnQUxtKZ8JQfxKoHYvtY1ffWcLaH9alhF-n9q3AUIrxE-zS7QxDMFfInYFqzgmRFmAk9PKTshjp_Z1x9-QCEQb4ZD72Qt-etupQjUbw&rfl=1%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 04 Sep 2022 12:26:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
j-6259061-3772697.js
cdn.flashtalking.com/xre/625/6259061/3772697/js/ Frame 10A6 		81 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/625/6259061/3772697/js/j-6259061-3772697.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
fcb83e23059a13e2f411db9fbbc047bb49a24b96fec61fdb008410b76ce4d395

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jan 2022 16:28:22 GMT
Server
Flashtalking (AKA)
ETag
W/"d637a394c310e39dada78d51cbb4c2fb"
Vary
Accept-Encoding
X-Varnish
68010196
Cache-Control
max-age=1096
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
Content-Length
19801
Expires
Sun, 04 Sep 2022 12:44:29 GMT
container.html
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8577 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Mon, 04 Sep 2023 12:26:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3149 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqT3JZZkUY_70BZSk9u8Pp_mS2AIAAAAAOAHgBAI&bg=!XV6lXhrNAAZTikH4c4o7ACkAdvg8WqheqjLCk5JDO9QLt81RRaM6rlqpM0rpVG7ytUoUuM9ufa3qMgIAAACTUgAAAAJoAQeZAuYACuMPOxzstLyaqkntFpKhB9VFiZi-8symjHPyLsN6n7IOch6NV8ihVCFjrwcoZtADVlx5SoS_VedmRYmdQZ89aPvAP3DQnyReDGmjfYDGSW46z9kUOSFWteViS3HLZXuRkRdQQQz-xxZO6Zgo94BCezdK5Qe3jsO-FoVmXmksAfpkUx0grgMcv30OaX1MHefoOWaziUxiBrm5XZHrrRs64cXyYocNDOyw2797mJrmTTUPJ2-8fBUPvcjlkjGtr8zVI3V2snI09OxlfwnJN7rJzHedH3uE-MHyp1aPKIVW9qjbaNQq23E7LG6WHfo2AO_fmJm5ASjrc6Wg7EpgsbrQ1MIJkkvSS6PTKoYmrmDnpoajGEEw35ObA7TqzBsF96Wk4PnC9Ez3hau50HJlojlLK28So3-akCvAYCXHBzWycbAa9M5BlkVVBQ7wjVC5qDB6PcHWkhnx8snmm5adRD9ZY4CxPR2JPSm1NDPQnhc1JrJG6p3IlSPvGbM3a680jnn4PCs-8fwZdx1E5XBb6psSQx8EOFzbO55tU2rVsEdgOtCCn9JK9a6HRZSJciv4B4MwmdVRjwRUhbJHf25MD2gi05TM3aXBDgQI3poqZFKRYQQNZ-KP5QncHIw_2IFj5D5JoQxhBQDI3FGmVJJfsVswphtbAgZWcewTEqKv9_ScRZixHxqT14TKf0179BNFvVDP3ldtYjcYwVa2fNreMuwDR6ziaaVMObN0AXKEI8DbSC-6KMN8dYMP_TpC-z8snAv62YJanxOA2ujmSWJEQj_eR9OCo-A2tk0C6gq-OcA1Ti7qfFd3KMJ_UoWc1Hq9FVQnfzu_KL-lOXjEolWW4sOQiIPDWSOfStRraj6isEvPT5ktE1y6f43mYFKGSzYaWnjKgBW8TQvaRdWzD5_flRzuElbl9a3ZI1chjMQUPkvCHiMf6bo1D7Yk-Kyq9oJCYyhQkh4O68QQbk8_JvHfl7CpX1pKoqjV
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9FA3 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNVMB_6GFKdIBrRMgCcN4wYTe6pysg08dtZ4JxPHoEZi4pKBqOcVRMEjUqNjP-URdZOevoPojIJuncG6ST587a92BMoUiUzEfZR6WGvJF_yfIxqD-sRtS4ViSrR-XFvBNjthGHIOpC27bCa5EBVtD_tE98FzxFm8Htsrn0L3LZEkesOa--k
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8577 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BlOxIpnSyZ4aUnclTjQPoBhNzO1i-IvzDgi4OfWiG2F-4ZdrIjTW0GIrBzY5LIQzg8cvkrcuGOfx07lYFpEhbXsofbmbdvEW0K1GpNya21MDHTrqVhWyjMZLns3_0AfllA_51BW1NpBRo8O6vWH9hAN7s_FA&dbm_d=AKAmf-BJSqqeCgMYuFIfaro43tjTvQLKYNGvVph6m3pOZ1M4YazE951WJNPaOsRpEd0l81YAltBXVajOxmpmAkURXAw9QcLsCRRadjEGvOOOSbgDN7RngcG3txjoie20cPJlGS217UcDGuaeBZuuPT6NdxDEtwqeQEV28JXD5_XhtWV3hFOPX1HhBC52oV2ZCsh9MwH2QHfDOb1KmFT1BVjqbdQGGrMItw5rgVkHG1ery6S0KaEGX35JERggXtZwqN2EoW8LjLvKg4jbGjp4Y2xloaa5eZICz1d40dXqOYVfzY-o5y8Zh4PqUzsmrTI7pPp8_6IdVWsmswWp6yJghQe9q0FRgN7G9TXCSr6AKZSbZIPblAj42_GwJi6ZfJlEk_9ruH9QhF3M1H0WbBrnrKLpkcxTis6NE__6jcWIXR3j7GOUsICLiroK5a4Vl6iBquEjvxdNxMuhhJ_62f4ygNml5I2Avgv9m7vih-gN0JwpJH_j0m9ZgjqTwe_ZSRty7nWjWOrlumODBGtsZ91l6Zo0h30XermbwfzSO1aVSutDHF-0xwRVb1DyjgFtoSDifzzZO8g2BVK0l0SmQTWLCbahhbgeogFBXWoLbFwO4f45xkDSufgWcnV1QGTsSf2PMlUZXPKJkof4zQssCwvnH1vR3xvIGSQrMowSkeKHZ7cSlKEw0lPVu3lUF_JJQjvuqY6kxR3KD3KCJo0_eqfEeOX-LxKRiNcw9c-Vtat3IAI7JP_74PgZtLwk2e_u_ixO-JbGO-mlyExDV8R4SlFEkE8_ynWQ7RmESnErmG8wWPn68UdcJKAdyI6rU5eUj4VtIyU64i6f8JAUPiNKlak0x8aNPz0t4MIXU1ytA0DkXdJj7jVtzIvb1Z9eO64VvDt_ChxPLK0Wjoih_SRF8-t2_bM3FOBMakQcdD7KVKTOjg4yVaIiA6w7Fk8Eyyll3bK9lGx43-Y8vPD6ojlbvGaYDabtR6hQpSshFIKEZCCvz8VwksqxkxfLC0LuptkkECHZ886dgRorq6yPlkjJlYeMa0QGLlc4qoTHczn-wehwcZV61ukMCH9UgjCJKh_chhbhxIslV-FIBuEKTIEJyjvjKlP5_U-QtKZtjMAcv1kMG_zovH6VBpDxAJgDyWYaVYpud6Vo8krhf3CJ6BW3_p3g1qu-5K41PDA43cx-e8IgcDL4Ouctsqycfld6vk3FYhczfUJG6f8BlAbvqY9G9d_Wv9C5GugJ6mlLaOndUxlkLL0ZS56K97en8RSFIarJAcGpj3PpGSdcivypPDOn2tDwUzAraUpfSFIjrpBDVR9pacstGnlWp0-_JCp3qc0FGfHtuByLAhlaKZIx5VyE2Vz6ObYdP0M4Rsmp5AQGqe3CrO87PPEFXKPcJewvhjT7QA4J8UJ4qNA6Em106XRaqoafLizJHgyzaIoeJiLHNlSKr9-jxLzDY0MnjDOuPLLB7ZqXYMCZ6lAYB2xs6fiywB6Gpmbj65qA4uJ1ccWwL9LJa8FR48RSyymzGXqh68gQBsSXiK2hKNILUAgkNjp1O-gljaFjQN7Nk47oRxwxF-11iSflOCkahts9FztYOBcS-NtfU2tQbJ_jvWXRgdTLBFiBhh9F21ecyC9c5Ft2fS0sBtaqdOuFtNuGHZGvysV9vqCNUfRJlYcLHBTeqBKB5raBxANkzOOly8UkF9qtquV6vKuWbzhjKQdQ90nJKpHhgezr9wT0fe-ge_BvAQZWosHiX5SRZjz8PYtfdO83AKW-0ahkJA68q2EiIOFBmVE4Uh96oNWlmqUJceJAzmZRAHBRE7e9AspmW5cvm1JMjg6CMV-m3EmjGNzGyvvjVXiOl7pCJoNl6VixoMK5I_bZ_PuBlw-DfkrGJy6L1gHZ6I3MozlZr-rOQw6IhntBUDR7i_9hf56Xtk8SKHiDqhWkUgniVHDL7Ifvyz1zdBrsPuhn0r4vwRwvf1HfNB-5XDYjUZOuubbwdFOXRCsmTIKUp-0y7BxN30SRO9eDnNpelVXhRx2fxRKKT1BdgHZWyucUqb4PtNCMvK30T0gF9ExhJ1-iidNfQ4oMizEGR6zCSJD1diL1wBkruA2fRJif4Px6XA1xLxBGojmHtdlAWVXnHmpiLn7XkSBXKoz_HYG4xKmglCmVucXxWJiK93PuRaWs2iJAzUj9j2t4mszaSFW_Dj85sXD_ZsH61BhUv1lsDW-ENnzX-nCUhikbiHEZDWHJsM6Gc0-VrOFcd6BdSWrcPMLP9xuWKJp9UFpEI87ogL-8BK2Kwz66l518bZN1ooDIsG2fKZ1-GAxB6m8ndVhBvbiPQo7SDFMRuVsvE-3r-lxaWjQ6_Kz0ztsSya7-SstY119-gvFUK0u97h1143LU3wnph5jsxYNs2fQ9a_pUTVP39k-xA9rffDIZIYPMEbSSi0Cs3TFCXd2PtPOUhS7ptjIeM5AJnH4Wk-utscIpcYof_yzVbDHVOHyZQZ_vpdbvVAZ8KQhqKDMXqWmCjAQXVVOTyQhBPnmrZcwJzG_5HAGHZM6b7j3pRYODQuFy4AnOPxZk8naiUJcJu708jhaqySz6V0gMsZGeqGhqSg_zIcfyL3-nfx0NwBvxXnLDYX3yRqYM7jGc2kTrV4ROZyPpJ30o-xDB7dfqpPxBqsCkH8QOZi8W0y9PYCF6Xy1W5MuV7PDHQs4SSd14iwxfBYVjZ0KmCv9poB6UI7F-BrlqyJ7OEA-3FgNkpSBZA3QcYrZVE8LxUoqxU5sLpkHwkGiFbTwxCD_zKF4Tb14n0r9xqH0iGitcUu-u5nTmk6TT_-oBEGVGeAcg84nUndJjuMQfpbcAIg-S4Y_p3Yijv6RKqEmyPxli1bhP1L3oIGBYFkJjZQpGLLm_L7odg9ui3W-nQWV7CXgGb_Vpa24wsLjpGdIMI7FhBjeeGFTgKIduNdYLe9kbiKqyQZmw9dAcUe6bSElmSEGns3v4WWiBtOZGIDh2RxoE8qSLfVWc4tLAlK19jiWXES9arlO3Ukd8j_TYWM5sK8b4Za2Nui3fhb8x8WwPgJMcJzPdpjNUntT6HkSekjeSxAFb_Q-KIMGZx42rQudKsVDK7OT2FjKmPDSvvl-QduKgq9ft_L-JcJXpu2m_991OUCEHLgfcfjsbLQjRwCNJpLb5xikloXHfecih3iV8_hh5M3cnf1XgAfSOVvEuBthBZ0I5n5whUacQPXAVDbNJfs6cF4h-dF1cgl2w-2pvn5DL0TKSIbfkugqLUl5N-YJggEFTcVng3bc_nW7t-_CeBSBV_hsdsLe83P4SSQYH1RvFPIm4IiaK85dDYxQVPJDY8gSwJKbO9-HTg82ZJHn4WeYUjiOkPIP6dmuZfT5NUEy2ml04rh5gD1Z0lPXf4PxS-8m7BQU6BJlt2qwGzoZci-bXTFjvn2rCGVLAEfkhaHIUOddSGzZEauKzGJ2OGle6CyZ1rWigt4TavMG7_X0nvvGSwmzosNQxRE57jpi3CnlNvEXVjWYydLl3JwCdg3coq8m4emv1mhPbkp1po_UqHFDwJb6EUzThiwASPbCL9S84aqgWZPXMX1LWMSQmAz-OmuRQ5NVXuESA_hbNEoGwJ9IBvIs2XVfwETs_NoeJcCXWqnV2B-hfnIsULu3SMSgyCjk0Vo7ev3SEPDolrCSxcBATvuexTqNr3uwunArZdeU0b3tjI_zLkog&cid=CAQSTgCsnQUx6h8YfA5LjzS46gIWwSBBlPts6fk1_itFeEKSsvr3kOFKSf2YZVxs4bt1xO4E5P-RtI5U8UA9NUyB4lnzxILfh4SumcVQNLQ2hg&rfl=1%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33ae8ef5379aedf4c07d48ddb72a150d607e3eb241831edf1eefafa959f68e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8577 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Co_PRZR8GMC1GBeMD6g1ZNWG2P0VdgVuRYvQTuPek-ByxfTb11gCTCDct8tC4d6l0fzmyZBob9-Qg0RPCUR7YqY_i_4k7QMJ5fAXw_M6xaw7Zd9rs
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 8577 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:10:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:10:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8577 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:26:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 8577 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:17:29 GMT
l
www.google.com/ads/measurement/ Frame 8577 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRKvaQd-bnkyIip5csw_jXvvGgW9qw2OdMOpE9j8lLhZ_kMHU4e0vVOn4qjuVhn4IVyHjiWE4970d5xfb-0qRf6XdTn-A
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 8577 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6NzI4eDkw&v=5&s=v31gc47ed8u&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsMjI3NDE1NDM4MDgvdGhlbW9ybmluZ3RyaWJ1bmUuY29tLWFuY2hvciIsInkiOjMzMDcyMiwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC1hbmNob3IifX0%3D&sb=undefined&cb=6733764&h=themorningtribune.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZOekk0ZURrdyIsIndkIjp7Im8iOjI4OTYyMTcyNDAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.15.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-15-154.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:13 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
index.html
cdn.flashtalking.com/155564/3772697/ Frame 7F65 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155564/3772697/index.html
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
da9bd6293cfe80c6e8430c383e324251b8a480f5f37c22749908dcb4007dfb01

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1096
Connection
keep-alive
Content-Encoding
gzip
Content-Length
429
Content-Type
text/html
Date
Sun, 04 Sep 2022 12:26:13 GMT
ETag
W/"161d360213b2d27ece1d1be819f92b8d"
Expires
Sun, 04 Sep 2022 12:44:29 GMT
Last-Modified
Thu, 20 Jan 2022 12:34:15 GMT
Server
Flashtalking (AKA)
Vary
Accept-Encoding
X-Varnish
67549540
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7552 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:15:15 GMT
etag
48472445140208031
expires
Sun, 04 Sep 2022 13:15:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 10A6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65b6379f1016ab70afbabc691e325db440129f6413ac7adf468bad16c5184d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
style.css
cdn.flashtalking.com/155564/3772697/ Frame 7F65 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155564/3772697/style.css
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155564/3772697/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
7e01cca9f55d03fc38e339504ead5a7ae838aa05192a0a6256edfbe55f53259b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Last-Modified
Thu, 20 Jan 2022 12:34:15 GMT
Server
Flashtalking (AKA)
ETag
W/"1c1e9955985e7872e9fef1c1a1501622"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
67401465
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1097
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
6901
Expires
Sun, 04 Sep 2022 12:44:30 GMT
gsap.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.1.1/ Frame 7F65 		56 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.1.1/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155564/3772697/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Jan 2020 18:56:48 GMT
Server
Flashtalking (AKA)
ETag
W/"663fd753cae2b462cf8ed119c3f991ab"
Vary
Accept-Encoding
X-Varnish
70982538 68755780
Cache-Control
max-age=28345
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
22803
Expires
Sun, 04 Sep 2022 20:18:38 GMT
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame 7F65 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155564/3772697/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
Server
Flashtalking (AKA)
ETag
W/"232f021c7925a065046f63511f376193"
Vary
Accept-Encoding
X-Varnish
137937774 138544531
Cache-Control
max-age=75840
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
28679
Expires
Mon, 05 Sep 2022 09:30:13 GMT
ftUtils.js
cdn.flashtalking.com/155564/3772697/ Frame 7F65 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155564/3772697/ftUtils.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155564/3772697/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
88d4f2dd0c7d1d91f98411acb6ce7b12afbe8019f2730e71b05653a67b4f5314

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
1539
Last-Modified
Thu, 20 Jan 2022 12:34:15 GMT
Server
Flashtalking (AKA)
ETag
W/"d8fdb65aa4c9ec23b1d4e95fb11d3bc2"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
67095153
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1097
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Sun, 04 Sep 2022 12:44:30 GMT
script.js
cdn.flashtalking.com/155564/3772697/ Frame 7F65 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155564/3772697/script.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155564/3772697/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
0a4b39eb8db270a2b57bfc1f9d3e8a57bd9f2a78522683f1fdce948cf21140e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
2012
Last-Modified
Thu, 20 Jan 2022 12:34:15 GMT
Server
Flashtalking (AKA)
ETag
W/"14f8e3b534eb1d70cecc24f9b50dcb10"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
67614455
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1097
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Sun, 04 Sep 2022 12:44:30 GMT
sd
us-u.openx.net/w/1.0/ Frame 9FA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNVMB_6GFKdIBrRMgCcN4wYTe6pysg08dtZ4JxPHoEZi4pKBqOcVRMEjUqNjP-URdZOevoPojIJuncG6ST587a92BMoUiUzEfZR6WGvJF_yfIxqD-sRtS4ViSrR-XFvBNjthGHIOpC27bCa5EBVtD_tE98FzxFm8Htsrn0L3LZEkesOa--k
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 9FA3 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNVMB_6GFKdIBrRMgCcN4wYTe6pysg08dtZ4JxPHoEZi4pKBqOcVRMEjUqNjP-URdZOevoPojIJuncG6ST587a92BMoUiUzEfZR6WGvJF_yfIxqD-sRtS4ViSrR-XFvBNjthGHIOpC27bCa5EBVtD_tE98FzxFm8Htsrn0L3LZEkesOa--k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 9FA3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNVMB_6GFKdIBrRMgCcN4wYTe6pysg08dtZ4JxPHoEZi4pKBqOcVRMEjUqNjP-URdZOevoPojIJuncG6ST587a92BMoUiUzEfZR6WGvJF_yfIxqD-sRtS4ViSrR-XFvBNjthGHIOpC27bCa5EBVtD_tE98FzxFm8Htsrn0L3LZEkesOa--k
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 04 Sep 2022 12:26:13 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 9FA3 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhiVs_fOATAB&v=APEucNVMB_6GFKdIBrRMgCcN4wYTe6pysg08dtZ4JxPHoEZi4pKBqOcVRMEjUqNjP-URdZOevoPojIJuncG6ST587a92BMoUiUzEfZR6WGvJF_yfIxqD-sRtS4ViSrR-XFvBNjthGHIOpC27bCa5EBVtD_tE98FzxFm8Htsrn0L3LZEkesOa--k
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 04 Sep 2022 12:26:13 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8577 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 07:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16517
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 07:50:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 8577 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:03:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 8577 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:24:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:24:33 GMT
pixel
cm.g.doubleclick.net/ Frame 7552
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEp49UwqnwfrbxoI5ckVhq0&google_cver=1&google_push=AehlK4AaOOclt6VoDKETuTG_jY4S4lFx_kDDvtvyHkHvlmKz0ZAfvkIxfernZCJPUtbIQ5Ap0S0LXH1kilE_d2JX...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AaOOclt6VoDKETuTG_jY4S4lFx_kDDvtvyHkHvlmKz0ZAfvkIxfernZCJPUtbIQ5Ap0S0LXH1kilE_d2JXpW38mOOP0Xzk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AaOOclt6VoDKETuTG_jY4S4lFx_kDDvtvyHkHvlmKz0ZAfvkIxfernZCJPUtbIQ5Ap0S0LXH1kilE_d2JXpW38mOOP0Xzk
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 04 Sep 2022 12:26:14 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x34 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AaOOclt6VoDKETuTG_jY4S4lFx_kDDvtvyHkHvlmKz0ZAfvkIxfernZCJPUtbIQ5Ap0S0LXH1kilE_d2JXpW38mOOP0Xzk
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Sep 2022 12:26:13 GMT
pixel
cm.g.doubleclick.net/ Frame 7552
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENsLry9V78CBx2kJ4_SezhE&google_push=AehlK4BZhR_a1SvWW21UPUV2ANBozO6CenrW7kkwORtMgF005pVXzMTqpI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENsLry9V78CBx2kJ4_SezhE&google_push=AehlK4BZhR_a1SvWW21UPUV2ANBozO6CenrW7kkwORtMgF005pVXzMTqpItbDWQ66-U_KopQXEIdUFnygfJi6g9sELE97lIAWJMP
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1662294374.856843,VS0,VE89
x-served-by
cache-hhn4077-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENsLry9V78CBx2kJ4_SezhE&google_push=AehlK4BZhR_a1SvWW21UPUV2ANBozO6CenrW7kkwORtMgF005pVXzMTqpItbDWQ66-U_KopQXEIdUFnygfJi6g9sELE97lIAWJMP
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
dot.gif
s0.2mdn.net/ Frame 7552 		43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMPFpSpGxk9Bd9ocdpS2Y40&google_cver=1&google_push=AehlK4CJ3EwUZ_tDopIK4HKeu_x9HIXFS3Q1rEFCIKMKTu31gnVa763erodWo1nUKnbrc1OqlWWrI9V3zyd4LsOU5v3-4u2H00U
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 12:26:13 GMT
pixel
cm.g.doubleclick.net/ Frame 7552
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mAv24TXZQ6-QVYKXWvobDQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mAv24TXZQ6-QVYKXWvobDQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4AgGaB81QgSsNjivpjniUZ93dwkKW6croA-5o2uiPXyn3Ryep5ga3pyetIwoSXG1v2f2n4wJk8nzosSs5ecqX5upNr9l84
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mAv24TXZQ6-QVYKXWvobDQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4AgGaB81QgSsNjivpjniUZ93dwkKW6croA-5o2uiPXyn3Ryep5ga3pyetIwoSXG1v2f2n4wJk8nzosSs5ecqX5upNr9l84
date
Sun, 04 Sep 2022 12:26:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7552
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4BvgUazyrZ5tX5eClbhWxIMV3e9byl9sCPrWcDQ_xsIn2o3Ks97mG9mXQbfchP8XxH7RUrA4_9Ny_zRHHGEOzAhKUkagqSe&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-cce006bb-9f5d-4719-8193-34f2dab4951d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BvgUazyrZ5tX5eClbhW...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BvgUazyrZ5tX5eClbhWxIMV3e9byl9sCPrWcDQ_xsIn2o3Ks97mG9mXQbfchP8XxH7RUrA4_9Ny_zRHHGEOzAhKUkagqSe&google_hm=A8zgBrufXUcZgZM08tq0lR0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BvgUazyrZ5tX5eClbhWxIMV3e9byl9sCPrWcDQ_xsIn2o3Ks97mG9mXQbfchP8XxH7RUrA4_9Ny_zRHHGEOzAhKUkagqSe&google_hm=A8zgBrufXUcZgZM08tq0lR0
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BvgUazyrZ5tX5eClbhWxIMV3e9byl9sCPrWcDQ_xsIn2o3Ks97mG9mXQbfchP8XxH7RUrA4_9Ny_zRHHGEOzAhKUkagqSe&google_hm=A8zgBrufXUcZgZM08tq0lR0
date
Sun, 04 Sep 2022 12:26:14 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcce006bb9f5d4719819334f2dab4951d003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 7552
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEOdPSRNCw3XzuHaDeYx_W6U&google_cver=1&google_push=AehlK4CRroJhHoF_w5B4pfwoy3NmnppKBUBkoLWlr63n3G5-BAOdpd1LwAq9_VKaIJXjToDKvZDhVjWXZUUESxu9hKzTpT4SeQPb
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&mn_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4CRroJhHoF_w5B4pfwoy3Nmnpp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&mn_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4CRroJhHoF_w5B4pfwoy3NmnppKBUBkoLWlr63n3G5-BAOdpd1LwAq9_VKaIJXjToDKvZDhVjWXZUUESxu9hKzTpT4SeQPb&gdpr=&gdpr_consent=
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:13 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&mn_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4CRroJhHoF_w5B4pfwoy3NmnppKBUBkoLWlr63n3G5-BAOdpd1LwAq9_VKaIJXjToDKvZDhVjWXZUUESxu9hKzTpT4SeQPb&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sun, 04 Sep 2022 12:26:13 GMT
pixel
cm.g.doubleclick.net/ Frame 7552
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKOUyaS4FECBkqx71_WZ66A&google_cver=1&google_push=AehlK4CsdOnv4Dt2nRcOBP4F-US-UHD-Q0UscQwOzpurMU_uzUA1tacfiBbb4B2CC2voVJbGV3...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nY05hb1JsRTJ1RzZtTy5BYUVwdHFEUm1KSmlwRTNQSH5B&google_push=AehlK4CsdOnv4Dt2nRcOBP4F-US-UHD-Q0UscQwOzpurMU_uzUA1tacfi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nY05hb1JsRTJ1RzZtTy5BYUVwdHFEUm1KSmlwRTNQSH5B&google_push=AehlK4CsdOnv4Dt2nRcOBP4F-US-UHD-Q0UscQwOzpurMU_uzUA1tacfiBbb4B2CC2voVJbGV3uIVc391K7EVd5uZJoifAUpVTwzhA
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1nY05hb1JsRTJ1RzZtTy5BYUVwdHFEUm1KSmlwRTNQSH5B&google_push=AehlK4CsdOnv4Dt2nRcOBP4F-US-UHD-Q0UscQwOzpurMU_uzUA1tacfiBbb4B2CC2voVJbGV3uIVc391K7EVd5uZJoifAUpVTwzhA
date
Sun, 04 Sep 2022 12:26:13 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 7552 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KY0onCdDmZ7W_pTBwpb6deU3rwG-8fE0eObCrR8XOZYCKLw5ZHG4T73buoEBvDvH-jI40vdg
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
AllianzNeo-Condensed.woff
cdn.flashtalking.com/155564/3772697/fonts/ Frame 7F65 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155564/3772697/fonts/AllianzNeo-Condensed.woff
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155564/3772697/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
a9b0d7c0ecb660bfe4de7e5593a85b00553c991af7bbb3b577ca2b70cace0d93

Request headers

Referer
https://cdn.flashtalking.com/155564/3772697/style.css
Origin
https://cdn.flashtalking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Connection
keep-alive
Content-Length
38200
Last-Modified
Thu, 20 Jan 2022 12:34:15 GMT
Server
Flashtalking (AKA)
ETag
W/"25934088e8206e1a9f9af95cd4af5c37"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
X-Varnish
68887924
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Range
Cache-Control
max-age=21632
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/octet-stream
Access-Control-Allow-Headers
Range
Expires
Sun, 04 Sep 2022 18:26:45 GMT
AllianzNeo-CondensedBold.woff
cdn.flashtalking.com/155564/3772697/fonts/ Frame 7F65 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155564/3772697/fonts/AllianzNeo-CondensedBold.woff
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/155564/3772697/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
b1929a1a67ac8637b03a412182ab9919f60bed969d608f2b2fd0ee23c0c29ed0

Request headers

Referer
https://cdn.flashtalking.com/155564/3772697/style.css
Origin
https://cdn.flashtalking.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Connection
keep-alive
Content-Length
40524
Last-Modified
Thu, 20 Jan 2022 12:34:15 GMT
Server
Flashtalking (AKA)
ETag
W/"4c68cdd81792ce1bcefbcf10f726e2e0"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
X-Varnish
69514105
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Range
Cache-Control
max-age=21632
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/octet-stream
Access-Control-Allow-Headers
Range
Expires
Sun, 04 Sep 2022 18:26:45 GMT
container.html
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 442E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202208101343/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Mon, 04 Sep 2023 12:26:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/ Frame 7644 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69baa42b5243c9fad39140cd27772eb779a829f93bbc325e2e695fd8b74f4371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
8144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2318
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 10:10:29 GMT
expires
Mon, 04 Sep 2023 10:10:29 GMT
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8577 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXvOhkTBfVmhRZ-TDIUU2Yn7be2cLlNrm5S4Zw-YlMbp2a1RDM-0E3oe4k0wVaBOr4NA1n1un0hnM58jKudo5GGI5L1QtdTxhYi23J1papMHwh_KqSKxSxbN7OsYShMGRUEQ2nUPT3xfNOCA39rGLEudd7NMdDLTH64HyCdDEqWzMbnGE2E2fX45x-Z_HP-l0pTme59yvF5IbftQZi23aURHvaKGJtSdFNHTMmuJO0Veq06Zpm9-34oloC2Nx23GKDZoB0zUIFZuIS5tdDoFmH_-aJlatNtlpuixUK6YZ7ZWtyy9H7q1OUzZIB5Ozqa8RZYkTILZu8-tIto5h-UluXorsmu73W5Tt0f9Nszb_ddKjRM2nc8Ulut9NG9Zz97lrozsEp2VMjjszcgmJSUG9eD21U4A6q56caqiIVic8aq5sg7vB9XtNuPRwFncr_og9Px6AGnZ0YFJONe25JAV2ruzUfrUW3f4LwuPHMg04jAeuU5efqOLODLOLToOlJ9_9Su1f81C_JBx5hal4rJzh-Yo3ZPIJ30GKktBvT0SIaiEAAVS96fXAJRAEUBv16JeUzUxGvKe5NOZhj1hEM_NZePT6EgYkHUCx7d0qduHrcZmHidi-tqE8bfQhLGkAY_TmwHXclYiE_7uHTju1eg52Zdm43ke2vMm7Z_FstlHu1ul9s9hbUqv3oGxE2BiqXGWSK5rIvho6uq33tTfotWwWpAuTLB6ff3OHCuptkwDZHJBkxFnEcviTKxXbbctvk-k2Xcfdsi7e6ZbkdKvChd9AijO6Q2cc8bNd9O0fNhdFjM0eRiDb_TvhMdTavmvb0VRsFVq6a1cJ5Dh-eebBCDQ3PG02OBcdogN8Ww_MxMfWJ50eig9rLR93wYI5Qk8Ekcc7mtJ_E39FYT9dR_fTcWXtrcS_ZV4bsauVmF7Zg0xD8mAdWwiK7_sZMF6UyZOh4--CQNnVgSLcWFGeL9GvPvGfbjoGpkDTEBTRQ0UhonWgazAgUyyCo4JC7yoix2PoSEc25iOtg0U_zviknzpXZVd9aBAQR4SRdaY5-dNC6BQWrko_ZVAQZT8exACA0v0RjNvCHZqG0Q9QbxdfoobV5wVMZmNjcEk9D_p6g6dfndgqSQprmm-XdYe9v1ntN4qR2YxzuOwp9lpqE-bhrA-blJJCu7kLTfE8KaWoKvXhLdC-WjIfife3hvTSYZ6UESDQXSldsXoOUn7HRBTfHke7bIheet_4-2pwebCoXFTCyt5QJh6DjX9kEZuQYlCQJ2lKEvMs_OlJ8Tlse5-xIcfEErVYL1DqVldBPUtmFXiRkLVEIhL3RQkh2UK9dCh2m-deZ66qP4uktP-wjX8c-8jHkZPUdL836V8sp8Sf7SOu_oTI-FrWiRGEzis0E35JNJNKflx131JB38-S6lVl-JW5ZiJJn&sai=AMfl-YRHkk8Pyivb8lPTQXbarz4TVJsob1WBkQMVrqRTeabfMS4ftnY569akEWkY-2C8F4y9hL__0MST-Y1W-v0ai-_DRMtWld9Kfcjf2x1qMWD1ovXXlqs3TTvVkswhdyQZUhhPdkNMVqvnicZwbMJ-AXCmFyIb-PlNhOSrBoEADmJoNb4Psxn5z30H1UkWbKqJrBpmjueFPrTLI3Wvw4KrTwU_0oZc_NIGCFHlt4bT-9tgk9OQhezzZDY7YlSbbvbG9p_ePy7lNxfu9cc2NyTE73JQppzvO4GC8cucb1gCz87tbn7rzpPsx8hFWaK9WfSIfR9GwS0DAE4I2da6lw&sig=Cg0ArKJSzC4K68MDuU9ZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=48&cbvp=1&cstd=46&cisv=r20220831.04962&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 04 Sep 2022 12:26:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
manifest.js
cdn.flashtalking.com/155564/3772697/ Frame 7F65 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155564/3772697/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
840ad1e1c79cd5a60ae29c3237dda4ef279ca8cbe1fa600234ec2916593ad583

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
754
Last-Modified
Thu, 20 Jan 2022 12:34:15 GMT
Server
Flashtalking (AKA)
ETag
W/"b585ee205431126c03424afc9cb5c8d4"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
67010224
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1098
Accept-Ranges
bytes
Content-Type
application/x-javascript
Expires
Sun, 04 Sep 2022 12:44:31 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8577 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 16:49:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 95AF 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:15:15 GMT
etag
48472445140208031
expires
Sun, 04 Sep 2022 13:15:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8577 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba779091c1cf9857fdf168168e75323bcfde25f1e3eef3b6f9f681c782fd18e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame 4C08 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:13 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
5d083834-ca98-4ff7-81a5-c443a12664c0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F84B 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNVllW2Eosx2Vd3FCLKZr2Q-0PGGuk7Hv6ZXNbbWGrn06RHJjvbtQGUO3SjQwR_l9yPos-UDpRlipMfGP4ENfbGSeSD80BMcEuEINPfp6PgNNxo01WZcNX7rnPE5NepBTMvLSwtw10ZdDjtUTPDszqY2oFXEg11LUGb_JEbaKafJonVkPy8
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 442E 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AjKQibVEJsvMu-39_avCz7-IFCEkiJ2zmu1JqUb3Z97J7wHj6UHOjGfAb8B7J3IHsp8SKAM61hNTcyzczy6PKlfl_V_He2YZzDxFJoeV0bgxi14R_i-PvGR_bD0sBE_ZyjeBDxKd7SDl2INo7phPXwockp4Q&dbm_d=AKAmf-CGRmyXPEfnSS8b1wXCoqvEkHcX54CJiYe66bzi6tvO991690bXCsPrLWD6HwHslpGAHuHcSRvEb_ZRw2ehjv9zJBVbt9moXHW-ccc5iZzsniD3M-LgewrqSOmMr-JjpjsU_KBZsBmS1OcoOuaGiC_zkAkwQ4ZVuX9jLKrWk6BdsVgHSwx5HT59XEaz8mJ5uA4S3KguvOsIB5r9krbw-SqsrnaZ-BsKqIuCZOiVXgcIiEX6fYnzOMiU9nmdsLMfguPDAOOeWwiJhDeM2DCwnDxtY1Q1gYMhAgtZzigYjkUpcbBxDv7YdjWBKJZfFB69Fb6jweGws1OdL8mpViTLw2BFjJM7ewDEVHnq0-wYySps3PQB1ibJ95T-eNnitWFTOSTorUeklptI5k7Hai3lH-uXEP3dvVNP0TYAexyEWcRL_J-OKEqTMpOh2sPyiLJ9gvPlKLP2f0YnogSR_pXPN8S9Pme1zFlIwziqD0xtHPqABwYQiMhMKhcRW-noUhixjAOvHNWj40S0p20NjWkeCBEvDeblTjY7ecyG7_zHq891rMxCWmlZ89x1QMiLDSR805w5jyhMlOwAFqEl6wwgd7veNvn1Sqk-o8HqfsME0PWpeJay_avqn8urfmMJpo4tCp_XI0X4U9_DTbwNaQ56k1NxwzKuurc7Q0tWEox0AYdno0U06XFDGmjBTnaQxVrxu7nQKZQSOBnIwBhTjhfEoLGGTSMH_VqVyY48W7zdcpZd_UJhkYvFDLpl98XqoroIEEJ8BtVj2jwIIR3udjCcu0aSuJm_9ucn9aI8pot_j5pQ6LEdKs-IumZXBiLxRagX45I1iL27aUyldKb0WK3fXZlDE5qShbYIik1nDaE1l59mN6elz3kpioTm6nnClXxnabb_6uOf0dgrKF_19Gp_nnUufgLrUAEekJVKUh-pgoLpRUQYHT8-T9uNjBrgQQLa4gmZWIpbk2E3r1Dr0dbkNlu7-zDqiXTjolJmm-y8h10h1LQNknJ8GDPNhPqlOc-8WxfuEnqf7f2jVUKTbnM6C3X6sX4VpOsCRBImZFwSCfBALmwXrYdt-IcQXfmB_Kq0B8-prI917WmqDColF_IiRE4HksgdQ6S9cevRlzICYcltHyHe00CwCq_IzYE-YQ_seiObqe-Na4EmoaMv5L8Ic8oanQJI7yxoMaQSElm0aIxgdgZELLSkDI8tnPwDSSwcs2bdouzQVi1yb3D0XRikuJKQ6WY4fN3tGq9jVhmxVCiIvpJiV4mDxuZr8h-u-O0bkV6lvCHBDcVwiTWBY2sIGaM2k9bigjlPrC4xBtDxhBK9mrBFLOsLn35GWcP6nsYipd4siYZApptj0E9WT75kdZN3ziaW_2C4XZgeUt44JI6vNmA7ZTbLV0m2sdGAd5XshAyw636-dj7NI5aYTiZ7Li1dREpKZ179c563-ph12si5WJysDo4seiCpFLKtL1fVIMyHgvwwiGMU1UMAxx_44nfhRi0ouY0w3tpcMb_153WvAdThVi5N-oPqVZyvIHRIL8ZC9bG2CDheER4otjlMexQvUUGTAcvNfqYH646sqRznlMxkX_KZM7AjPFtJH_cE_7i59IZoaoBMGGFUcTc_cqkT2eMue3YFWrxcfQOFS0mDatygrn5WVscWVR2_l9OIPUJqG_2b3DdTGs0XEaptinSOjMJxqpsaBkiyNEbWBuDbatrC_2uGhyMctmH17qGmMcu8QXSqCue_0raZq6WypStVS3BPqneKANsHA27Hzf1elWVesL_zMVNTUJuyA-cbWn7VUJNph2_ugsBPrttCkU1Qyr2acjyQm64c7TQkT2CFIXOfVbVCrydKTLtIcSvqrx0s8vcH6kGTdhqyNBrNKkafBr--3XZtKeFuPwXr43OSEhOZSptdU36l2rZNaZNJ5-sgITxqKX2YUk-iArgvWUES6UyCJFVvezNEAmuYOcC54bQ6GaA8obnzR80Udrhytx8R_wlAEarq6i73s-46s2jR_Zhg85Lfm55w9YJDST28Ot1WvKPuI25KVlLAcHQEdHmKPFk8SwoyJj3micps-06qwkbZMx0FczU_WmrUTjkyqBgZx5BLHtZnEDivrz4E5HLBVJLW_Tq38v8XxvrR1HsHt8vroCWhZS9t89pQNSPuy7f_8ylpzcUNQM2-l8ki0xOp_tnjehmazh6AE_ksHZyaUXRIlYd9iumK7KcqJNeTtY_81gUbP6bnKtWK8L-uK7wk6NVpTg3lw6YQ-QW_5BE4ox_q9Dp42dW9E7ArIky_8_UsMxOmos2rqBIjNKXt_nYRVAN9sibJ05qKf0Q_cSal_YOH24Rzgs6vZ_NgAC4M2CPitEaiqchLeYSqVTK1LdbfVY0IILAtmbzDPFdDeuFYoxGaIQiWpO6xLDX_jdGawFcPXTSLAh_eUHoMsPF-uqSbUp13UfnewNy6hsPkgqmIOPOiNrRl-0OJI7anV-fTJ0sYK2J7aeda9RtQE78RX2cWF2ePut4MqA9n-9NIBAHjkbZI7Z27Sx4xvG0pjZiFIMpqKiwd6bHXrUIxKfXKUisgL5YcYPpqepbtKJWYvJJqZVACWv-Zh0VAbwwT0yXMNzdPbCYWZjlns0dlCBFDOBEjraGSywFJjxkjTCPZmPXGLpXvATQjbrowE-C1sUvMXNvbthDymJAa0cSo8y29u3MKIJGEx_tW1p2r_VknOOfB3ZS6GqgppWKRdwZuhgsEDVyYhYDDBYGe2eu4KbD8GexuvH7f7fATCHGDOVGRfOAxKgGWVWlOLUuC_pqeFslWqpwquL13W2gCmAhbuhVq6OebVcWLPJwdVn2fDpoo7MnAa9ouqJBUSSxeClwx0BOF_ewKUgM8nFPxHQ2CR7Bp-SF0uzX24baba4kFPxWVnjkr_SgQ3vMORLQMVGIfnPIJzYrJ9oD760mnMh4pmHLeghQCdRRjcC8hCI2FaU74mA7uIM1uVz729Pgi-uoEUgENpIWlCZtcBlxoCSTYbrCt1ZmyFH927d7icgqKsWla9ba26GxIVAiMsMiQDV-uk5wPntbG7gReaUhN3GCfp_AQO0ztYyzpu64RQ0JhDrkVoJCkse61EoXBW4XRhyREGeOc4kmB4o2eYgzNW0CLbLTP0gX5jcDb6L585cc4wQQFNdGzGYXD8rkbIP2nSDwC6M7bCR0XlCZzt8g2za0Ifl8O4vs39Aj0R8C7uNCV6w2AJ3FnBiyRO1K-mITPxxP9fs14wslHpq-33R5ZQtX2Wr8BBZTagvVBTBZlgmbyKaAT9-MvDWOPcvi55gYtm7R6MTfS8MSdZmFwCXK4rAlCJ44l0U84nP6cnoZejFBV_2De6CnMEay5jMcInTgWlnau0QNVBBJEaACAKmLCxipdD_QrZcoN7ku2Tzcbdrfzbf8HF4OfqbqhOw&cid=CAQSTgCsnQUxaWOm7J_FBzdjOfqlOeo3N3DmCbMSRhaSqXtLNIKz6xfxJbeB2IoYsswypXzEi-P6dS-08MYxv-fpL-aUPe-oAQgnmz0dlLJGGA&rfl=1%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45ee2725c6ebd544d4d82397d7013f0d2e64d9ded813843fa9b4df7c31700a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 442E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AGF7SHyF_OiS0kHUODTqfA_KXFXIa_mJdCRTSrx3qE97DOxAyH2mGYxXIVB2z1ZGyk_bBlq2FvTrC2lCyhF4kDiWFDxPbQbm_er4CCSmSfvYlaZHM
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 442E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:10:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:10:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 442E 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:26:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 442E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:17:29 GMT
l
www.google.com/ads/measurement/ Frame 442E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4bnJ276kHmMzHkLT6J4lmIuPUj5B8qqJtKZ4Uzua1q5ODsHGt3r3MmMeXlJ4TmpgvdsQA92BCQ1lrG8a-SJZYtnZvtQ
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 442E 		68 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31gc47edha&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsMjI3NDE1NDM4MDgvdGhlbW9ybmluZ3RyaWJ1bmUuY29tX1dlYl8zMDB4MjUwXzciLCJ5IjozMzA3MjIsImNvIjowLCJzIjoiZGl2LWluc3RpY2F0b3ItYWQtNSJ9fQ%3D%3D&sb=undefined&cb=4256649&h=themorningtribune.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.15.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-15-154.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:13 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 896F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
243414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 16:49:20 GMT
expires
Fri, 01 Sep 2023 16:49:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 10A6 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM3bb_DyvtpaFSYDXJddYw2fy0wBVE-NW7gdmfXhw79vo9co-LySttdQk7Pzqu0c-DVAKWnfxDU5bjFOrvt2uhFgV_vcpHjqrrzgbrUXfy281YamVG-aZ5vuayChwq7nif4s-y3LdTWyVbkQrcvZfkE14AHkZpwhVy_yy-HzOjXmvRaLSuu8hF284rAoYQg6t1HH6kTfNzxUZUz4PnIZEiCvoaKlPbupQPpv-waksMRZp_P7Ff-1fNjXk-1Naxw9WLfhwYexUkiieDkYVqTaHrwF8wehq9Eivtfknxays6iWcR7av2GZpr9YpjuXED_gu799uQftzyRQSiNIdxqAESH9iBsz726aj20jLV5hdPn4yipYsZzKG6ZEsLhDRWxi75sCx8Hpg7cinXQN7MH0eOitVD6cG5XnbI3oZ6Nxv_wM5UnhH5XsgrvZ3kXWczhOk8spDZ-6a1jHmykUjQa0xx4xmTDbssmQaGNFXRI6wiRXsFlGWorfjd3Wrq2tw9TWTx5LAAb0aZPq9MHUXiesseftLrMmbDLh1HyK0cQYURUdz0GYSu7ElaH0M0_P-rswiqK-1VLIMVnjVajpFRSdu7Gyvb0XxwLvuwvu5OzaWYSwXdCUn0F74qxdJmfVvLeO_6g2UP2_AMC5iYc9WrnnbQAPwVOUJkeaQjjZDzueV26ctl4tGjSCkC6gqEelbljBvb4YC4xGSXs2GNkE81JEbZZyRXVIYTGMOisa39H4_EPmDmHQcb1If9p4_D4BVNDwxFuhjhsBTf5XGZcAOOlAi9VjqwLQejWmYm6gyB39m6W0tNvX0mF4-hHVlS2VnaKabnNtmKPKQd49edSlkhTYOvmOO6yydhbsnVJp2ui0LdHtEMhQjFs6n7eMexU005Tc8n2bgFf830QSkLdRaZpOjwvAbR82xcj_8q1NTS9C304gcajAHNdGnVOU6Amg4SfXAZ7s4d7hHfjVgRhdZPrwsaLOzCjNI4uyenxGvhZ-Nx4rJ_HTuX9pl9ZygehKQmHGTDNa9leT2sEftNfhPjpmniHOROPy_9VD8qOtAQUBx1NWR5nvAV2e9cWu4Ff3hEnfqQ_5YWlGdqjaLJGaiNGb3SpwQbFviram9LxIvNqUHVSYZEYNGVUrZyCC2QtfhyAsJbec5rQmyLePzrdYzinai7MXB58jVJ4RY8YWHWrhb841aEjwd5r4jrnHkAz3EUQ5nCGgokbU2gOEA_6RVZueNjcijvt3-e0IePt3uRvw7rScEM9sPIePMRa0vcK0qmIXIORVsCoZs7BJERClQMPKufzjs9Jw&sai=AMfl-YTYg-EpQTRv6p8yAYvG4kO2yz0MMUZkaX1EFe6ExDRdrfqCvtmW-J5oU4_A3VUpxElujOf4LBTDuqs3qnwBiGvgnTdA91lAFV7iUmgpbKSxvFfcMtKH0Nq7aNK7EYTUJrzytstP3C7kCB9nNzC098RueltkOKu-CFDJDZ_NgolSybCgSHueCSbGBLpbVgC3OuuGOkvc0OIFCKvyZGUKpvisTOQVdlgmVUL_uvRy93hgrnYOyrGdxATARkolflDxgomTx3VQmexg6jxUpF16wRZxYSZWx5dYTliWH2WhRuvtqpSbAQ-6GM3LGQ&sig=Cg0ArKJSzNGhelXUUIUBEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=427&vt=11&dtpt=427&dett=4&cstd=0&cisv=r20220831.19743&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJ68DXaO8_euW85l2FT9SaEn_E3DtQVgHYVkjo8fTkd0fVG163J5CU54CXpbCsroPHPcAatWIxyqOC5wjaLSb4Yxbq3g&cry=1&dbm_d=AKAmf-D1WG0RicoVZM8UpfXxwBCGQSEqq_X9SrnrQG-cwPdFPIrOQYNKrvxpjCgF5YkNkjB-H6sqxz3Vm_EzLObYVXbej0u6o184tlW_XMdLVR66sOD60Eb-4wtat_3_pBraDSTHXqohOraNJIFNVpz8CsecpsBV0PQtMikpQ2K9Wq8T1P7wN0cQULhF9e0eSQmhnikFigRGbLBRsdbOFeK3GazeoU_aB8ctRA_Z0HH0OGMJWRXtPRX_CJm3xunUqIn7opPkJ-Z5C6sy2YkpKS2auyjORpwfykF12Qk8KX4cf_Cc6CSuXOESEF1RSTEsU0IsmhDzMqRanj49CYcfUzuX0cMPfBaJA_gto8C21-1fUYjvMHa1iVTcRPF9spG3O_Ce-y8RQt1wJw1Ub2LR9EPtazMyCcPVRgtcpLP7C_UrOnLO6SWNpb-xTX-o08Tv2wlXqScuXqsC3UAqTFhIUVwZkvoi9pFbnavhaGekZ6O0lp7rCx7NYaqoYdABLoHbmwM38tGh4vETArSbmIaKeJfQKt92eee03O0wFXikYJ3AyPpg8K40rzRiSnAdzitvHnFQRgFdndwrsbQAWfOTYfGheOxVESzBCcN5DFaasHhpwJtX8flr4K9r95Olkhh15xNRCCoOdzU2wFoOTBegELQEhU8kXsUcefdrssaZyZaAfrpTYIYK2kefnmAJSfs1J9wMtuC57ibAiKZujvKBqC8q0nWzTOcuRx_hS9-ATABqN9xoEg1aKesyY7fqajzRAvGw1XKSj8qUSjDqMlsKw_jZojqbTFe5bMYE0gJWoN87Uk8wuD29ZXHLKjEKU8P488VjUjYTnt6lxWyuwjpeoEHZ_b6wNlSy8mmeb_fZXH-etWmGmlpnhXYZ5Y8oi-YLx9UnEdpZIWfWt92jym-8FWYWw5fT8GEZTn2ATvtAYDb_yuwuYB5sJ3jjtZgnDWwjRocB-dFOPD3T4kNZsqHk47HOPNHSK-uvZcD6aUA9gCDApssv63g1gTwGldo2vRdhU5JOpkCEj3bFHepreMBSTiuER73EG3zZ-Kq7hlrDlhde2YYovIQMD8qcvatwP0azGtrsewNgb8oG7-5Phx69wp2o7SfgjQBY6B3lWmRYko2vAp2G9CX2juEdSsYsML1pg-EXLUYbLLIjO9aUn5LwPqOvmsSntUWLxijd0VWqNkuLfsIoa7UXVx9_WfmQvZTdRz95dAekF1cM0ii26KTbZN0PNKg4Q7wjY2595kVlOvfNN7xnZU90pcqL6WMpuEbGVJ7Z2GFXDnFKmRdQJw5WJ1NTZL877eLHtTTVTsaOtI0L9pKHfZnZohnkmmEepmjBhXXdWXGh7Pb1ZeGQxB2COL1v98oXDx2sjRuvnTFp3pr24LWseWu9BmKbOkmKGCx4TrCic1D0ecKVletehyBcXpoqg3pjppqrWZfObv-056--UkdGH4c_VGQqX9AugiWVnS8yv9QuEPx-sGnPwE4E5rHzPpiNIRMk251lTqhfYD7SI3t4jdmd3BA2aWDZNZk_1ZXZRfmMnYQaaFDpKso5-dPWJ-Z8LfOKhIfpH-IzVqhCLNeq0r96-QeaxsoiYxiPze4JUJ8ntQe01kYcLWqjdap98FZjqSZaftS0yD3J1FexYEl93g0N0AopweeEqItjoc_Vzp40J8ZBXF8Z-9iXswwbY77cs-RaPTsQl8t3tRZNF4nNeHZ5EFefKGfT5xvuljmgyvAeNJbPyLyu4YxcccF-_dFsJsYUf9miVrAHl68Ru7op4MRdgQIamXfEdSBB9SG20eTvnlyTtuVQ0OrYZ9LGdQJ7MwhJWeBkw4L-LZZcbGWi3Z6VtZl_IjdKME8oQERSTrOcw511il4b8UBaTPd6qgDnZx2h7USMc5tBAw8byBt5IuNfEEAVb0U3UyDrJ9gCxeCUvWx6SQbWuRrxKMXNNF7CgCovQuDzwcO-dIS1I0h43VnATXzC4idXqS2YvcCP8eZ6n5ZZBc3t12PdDW4BqD5zp3NI9yceA2MIf2Dwb6q7DyVv2ZmZKAZJBZKvZ6n8RMaf5YPr2366qDgiE53ffU7NPuCDdaDU8yHFPOTnOdYOmyLT-l2SpNOSynGYxPSat_WUKmzvWZnCI7DIi9szhynyNsoceFEhCz5ry6siyr715YL6tsvoNbQDecKIADSLs8ROaXCicbW0zpe3gArRPmdUStZ-FfGsgXF3ckT1mly9WapHnuadbfBUFB3de-bAb8sBBRuHnIpg0JXHlaRd3S-KD3g3SydrI-1cSvVLSLgAko-kqtX4uox44loxSzUMAw8qWIIf7GWFUsgR14rbAABjmDHMva-lRw2aTzZ_hqsry8v9LwKsTbZsa5Q-8VQmYyZh87xLRXqVhBRSkcOwb3G8OuAw8ILyNNtB0g35WuJJzQooJqTONbKPW9TgB0PBVpFODC5NjKVyb77W0twAaSZUcXn-WfSjiFQojaRKTupdU6eqLTdPd2u5MZX2LQMdgp0rnUstOyGmhOtDbuFA_R9fTgMpyOh3Os96ekmAYPGvTGCKTjB27botpZ2duDTqclGe53MkhkDNtS8pOCSEjGceDkc5dKA23q4lieWO2W238Z8OL6nrkbBGmN9g_kncDSHt5jI177o858m4kSSYwmEUyN_a87j5H4E1qCEWCFTjrHLArnvq7sJyVVN5yS68NiHA-eoPB8S2RtGv9zw-SuyQTP_pEfq1KPPp4szLBBAMtpzj8x8MmtCKO14tHOjbYwYNwrGvblR_lklDf47xgwnq1Qa0RjPooFFQiHkvdhlebWdDefsis04R9AjtMuxUKvnSEKkEcAl78qr3jpCF4Sp_qHGMARDX2umCWuG6__sw0org3HDRlbqKybXF3LY8RNmeFkPLMwAVqkARehdDZ_170N4qvtQ3-D9QvDCmJtgwUfX8An1tmaDTeNHQ843QXSveLk6by1ymyGySg1yqv1rD0QI85l8hiYjnrWdDeUUnZgE5E-8nOkum3DtKxflPwVd_s6HZ2HKHmtB7-r_f_v38U4c485iow4zsc9M-hOcdIAAlM8XA41CHOaSbLjD9qlcXu2f3_xhNm_QMBHavYPJqJi6KWUho_Lo1MXtleoWIFWLpJjrwwK9pIKCqRS6Pivj7bVIH0VZdTMFui05XhDhollVVmsZi3wDWjdObks6Vt8m-vykz5W5k76VUjW09vwN5iLLY9oyg1ge4TktFsj9WlOAGsuH-isXqX12WOWU2VNNH9JEHkAZWxTZFCDkI1FD0Xb9Jh7Yqikl3O6KnebCQk8E9J2QQq_MOu3OGJd3amNuBbqE&cid=CAQSTgCsnQUxtKZ8JQfxKoHYvtY1ffWcLaH9alhF-n9q3AUIrxE-zS7QxDMFfInYFqzgmRFmAk9PKTshjp_Z1x9-QCEQb4ZD72Qt-etupQjUbw&rfl=1%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
mv27014093.json
cdn.flashtalking.com/155564/ Frame 7F65 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/155564/mv27014093.json?cb=305434634
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e717a645581874f187745e175a04a6a3b2aca4217c1fb7071e1e2d89ef1c673b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-meta-creative-id
3772697
Connection
keep-alive
x-amz-meta-creative-library-id
155564
Content-Length
769
Last-Modified
Wed, 24 Aug 2022 11:24:59 GMT
Server
Flashtalking (AKA)
ETag
W/"4ec42b5e3fc1dc577f462664a1d39f5d"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
69330930
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
x-amz-meta-ad-type
HTML_onpage
x-amz-meta-version-id
27014093
Accept-Ranges
bytes
Content-Type
application/json
Expires
Sun, 04 Sep 2022 12:46:13 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 7644 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Sep 2022 12:26:14 GMT
index.js
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/ Frame 7644 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6e080e881e29a77d25b2707d3d130d52bf039080f439ffe7618ed9ebe5c0d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4226
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:53 GMT
/
google2waycm.netmng.com/cm/ Frame 95AF 		0
0
google
match.adsrvr.org/track/cmf/ Frame 95AF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIca05nf4uqF8DLJ7GXdz5Y&google_cver=1&google_push=AehlK4AqgF9CnUtPVqjhxCfK1oh2-jDVym71OCe3XYdejBibtYfovqN3dA3y5SWcHqA-SeGqMFzYRcsbdAkFeO_WHSkyOIehkgN4
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 95AF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEP0CukN9qEFkqeLDq1jyZTE&google_cver=1&google_push=AehlK4DyKrCEUAhJh46O3-EMsEQdyvAPF8noJ5N5rHYKLOEtNX_gqFYWgqz_LVKTqg6gv-kck6OAehW...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEP0CukN9qEFkqeLDq1jyZTE&google_cver=1&google_push=AehlK4DyKrCEUAhJh46O3-EMsEQdyvAPF8noJ5N5rHYKLOEtNX_gqFYWgqz_LVKTqg6gv...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=jGDCFsmaSly5Poz7Jrd7J2MUmWY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=jGDCFsmaSly5Poz7Jrd7J2MUmWY
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=jGDCFsmaSly5Poz7Jrd7J2MUmWY
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 95AF
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEE59SkskPYLFBe1bSrp7wCQ&google_cver=1&google_push=AehlK4BC8WnvDK3tm67bR34iBX-zD8ljfSC8-tXBu1j1hijAi9Vd1rVRZZfTKBuintQsqkKu4jDQlyosvod...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BC8WnvDK3tm67bR34iBX-zD8ljfSC8-tXBu1j1hijAi9Vd1rVRZZfTKBuintQsqkKu4jDQlyosvodQGXiV0C_V8ZU_zg1M&google_hm=nhsaX_bJSeyr9BNZ8xSwqoQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BC8WnvDK3tm67bR34iBX-zD8ljfSC8-tXBu1j1hijAi9Vd1rVRZZfTKBuintQsqkKu4jDQlyosvodQGXiV0C_V8ZU_zg1M&google_hm=nhsaX_bJSeyr9BNZ8xSwqoQ
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4BC8WnvDK3tm67bR34iBX-zD8ljfSC8-tXBu1j1hijAi9Vd1rVRZZfTKBuintQsqkKu4jDQlyosvodQGXiV0C_V8ZU_zg1M&google_hm=nhsaX_bJSeyr9BNZ8xSwqoQ
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 95AF 		43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMPFpSpGxk9Bd9ocdpS2Y40&google_cver=1&google_push=AehlK4Dx4Jrfnz8knw92rsOe05n2B3TncpXzE8dNgbk-26cnrfffMMpz9PUWqWKDCT-e2x3wsefuWHNOpsh_j-vV1yV1ZC04AGI
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 12:26:14 GMT
pixel
cm.g.doubleclick.net/ Frame 95AF
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKSntnvxvQWca9fmfiQcxtE&google_cver=1&google_push=AehlK4AXLMGiEI23FGKsJP83c6tEgpAffTiIYNfCkZLXPlU5YcP3JWVCslBCJvvR9n7qVTVhWtA2pJOkHZLF3HALNhMIJJkcT43u
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYyNzA4ODg0ODYzMDc2ODQzNzg4&google_push=AehlK4AXLMGiEI23FGKsJP83c6tEgpAffTiIYNfCkZLXPlU5YcP3JWVCslBCJvvR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYyNzA4ODg0ODYzMDc2ODQzNzg4&google_push=AehlK4AXLMGiEI23FGKsJP83c6tEgpAffTiIYNfCkZLXPlU5YcP3JWVCslBCJvvR9n7qVTVhWtA2pJOkHZLF3HALNhMIJJkcT43u
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODYyNzA4ODg0ODYzMDc2ODQzNzg4&google_push=AehlK4AXLMGiEI23FGKsJP83c6tEgpAffTiIYNfCkZLXPlU5YcP3JWVCslBCJvvR9n7qVTVhWtA2pJOkHZLF3HALNhMIJJkcT43u
date
Sun, 04 Sep 2022 12:26:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dot.gif
s0.2mdn.net/ Frame 95AF 		43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESENbr79oHo2hqlrqZtYc7uKQ&google_cver=1&google_push=AehlK4DZ1XXuhe7zP-x6phPdKbb_bytwp9vRBW7-v4dCyYxFW7Adk5CcTKCSTjq17uuTFHaAkMPjbMhXSAG4xEfpJmMlnF_23cb_ZA
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 12:26:14 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 95AF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5Tlt4TdOFBSvxWyiPR3z3cJhCPmdOxrzrTzQVND_-Bi8MOw0PKpih0fqD-wHXdjgRhouYbw
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 442E 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Sep 2022 16:51:32 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 442E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1356
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:03:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 442E 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:24:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:24:33 GMT
sd
us-u.openx.net/w/1.0/ Frame F84B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNVllW2Eosx2Vd3FCLKZr2Q-0PGGuk7Hv6ZXNbbWGrn06RHJjvbtQGUO3SjQwR_l9yPos-UDpRlipMfGP4ENfbGSeSD80BMcEuEINPfp6PgNNxo01WZcNX7rnPE5NepBTMvLSwtw10ZdDjtUTPDszqY2oFXEg11LUGb_JEbaKafJonVkPy8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F84B 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNVllW2Eosx2Vd3FCLKZr2Q-0PGGuk7Hv6ZXNbbWGrn06RHJjvbtQGUO3SjQwR_l9yPos-UDpRlipMfGP4ENfbGSeSD80BMcEuEINPfp6PgNNxo01WZcNX7rnPE5NepBTMvLSwtw10ZdDjtUTPDszqY2oFXEg11LUGb_JEbaKafJonVkPy8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame F84B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNVllW2Eosx2Vd3FCLKZr2Q-0PGGuk7Hv6ZXNbbWGrn06RHJjvbtQGUO3SjQwR_l9yPos-UDpRlipMfGP4ENfbGSeSD80BMcEuEINPfp6PgNNxo01WZcNX7rnPE5NepBTMvLSwtw10ZdDjtUTPDszqY2oFXEg11LUGb_JEbaKafJonVkPy8
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 04 Sep 2022 12:26:14 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame F84B 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNVllW2Eosx2Vd3FCLKZr2Q-0PGGuk7Hv6ZXNbbWGrn06RHJjvbtQGUO3SjQwR_l9yPos-UDpRlipMfGP4ENfbGSeSD80BMcEuEINPfp6PgNNxo01WZcNX7rnPE5NepBTMvLSwtw10ZdDjtUTPDszqY2oFXEg11LUGb_JEbaKafJonVkPy8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 04 Sep 2022 12:26:14 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 896F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 16:16:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 442E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 16:49:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B893 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83459
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:15:15 GMT
etag
48472445140208031
expires
Sun, 04 Sep 2022 13:15:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 6A8D 		115 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:14 GMT
expires
Mon, 04 Sep 2023 12:26:14 GMT
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
truncated
/ Frame 442E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed53f9e05f2bde9f023a19cd474153a7d3544de2d1328cae6da849f746b6c915

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 442E 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEGG-JQfg3QRD39g1Qm3J-2s-I5RdBDUjv_UVw-2HPmuJt2HPKZAvzslbQ96KaK7aiEdCyS9kQbU18mIYyt1RFFjvfuLGwUCF-GMepGpnbhHjkcy_lkOtEOqJfLzRhMquZ2z92eS2fEpil7ixWb2Hg9A9J9rP8WfOcCbNYTiXnH4QtPq2zT-Qxx-S7CRj4w9uWcQwJrp3p-XKUkdodcXlC7fQPJS3FVR-8onH5IumN2N1-UOx8cLGm6WfuZPErrt1uYdgaQbHLCe6217OK9APpejTuSyVT6-XHMMQkZcpTxLOCV24xDqr0uFQ4iwjuPF3LWTuWK0J6ycnLIr0z4y2bKjuixF21h7n3td_6vpsWUvyFk7dfqvPtVK3TWkgHoSwLMMnl3GdQmJDS_jXEi2xEdL5fmwoEoY_dq9JC1jFfoGKBosNxAaDUnRWJ0zw_UybgYghXUFSsP7lQZCGPPmmFaBeEL2ovPLAitT0xV2c8MDckS-zqqZuDN-N6VSMXt0b5zZGiPIBvG1-9ralrJudfMQPTvjWo1gQcr5L4HkeMuJQf9QAusKTL5RN0mrENpKbXrFBaSm22cngiKHE6M11Pz0V7DW0SoVly1H9pPQ2C9KOY2EUWkh9CLjpL7TVj2zRDwESzSNYRZQNp7fJ6gOGa5G3XHM4WvTt8eikpyeYPkpYbhVRBzP01jN8qhj7i_dmu1uNL8KqZ4vuEqUmRD0FEn7CG9HAaos30bhwWoK1Lq5QHh5OFieLLr-lG-mHuTQpmwDxy8oENdVZVG-DPvXvy4lqN_j6blZL0I2oUP4ucxEsekhVyIoCPvJ2P8fGRNBjvLYKStWf67KHMxBfaQjH4uMIA9BYeOXmTh1VoIMd-w4IuQRXnR1lqHaXkt2P2MtuNfKfwIf-AfW6zzNesGdjbQNoWXTSMC3oDMxiY0q7DrH38gg2uh3EW6SOgjrVNgxDQ5DYNPrIK6EOX30bdyhedOLOagh-EAgyQ8CjwcFUh7UipZKoejgZrYkzrhaW-dBOnRORIvjNQNDBkGwDZyo0ASewbeQkXy9q966BXweqN0vClHgVvzEehvIsjbWsF95N4XPYCOpwqHlEa1hTeXudCfnUyTRrGXLWxy09Nx2t_-QE05IzqYzzTWBYLXvG3_9oy5bCjXoSWps64-6uUTbENYmz6k_lenuHfinPK8divSIs2s5R5nKmFcL7ONoG2EMEzfxdelGiYGC4zN0UXleZ370eUqMMe8wFJStGL4EO2Azcmk1oo_TL2Foq-x8mThHKiSQB1nYLQ_yr-YvF_D0cEIJUdjwo1GQFOMfS-5L6bLCU6Ds1-FA&sai=AMfl-YS9hY8dSp79Fb3z-ARC_eeW6fmVu1sPchbzw9aWPnnek4PX9tpZYZfirm4FcbzA3HJMt_kbxbPuTg06AEJZRYP7tFwvkuclqUuwht1spUf5PVjhw1cl_huJz21hYJAT0UZgDFT_jwt3M0XMfNTrb3PPhduu6GRwbS_tVpS2oi7cvy04DQF_1xQhS3cL59EG0Jgg9iotcZeg7zElZS7pB54ayVinehGjCNwP7i8JuaDbXEmS5_l95mPz8Kjv6JApqkYWewXx8GRdQB-GoDNbIUJt9EDGh2E_3ItsaMxNAywzzT3ntzBnuT5kPQ&sig=Cg0ArKJSzOxmEnbt4shwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=89&cisv=r20220831.26067&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 04 Sep 2022 12:26:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bgrd.jpg
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/bgrd.jpg
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7310148aef9b5a6415c86ad58145e45ca053cb4dd04ee071a3840355f955966b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:08:11 GMT
x-content-type-options
nosniff
age
1083
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8938
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Sep 2023 12:08:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8577 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXvOhkTBfVmhRZ-TDIUU2Yn7be2cLlNrm5S4Zw-YlMbp2a1RDM-0E3oe4k0wVaBOr4NA1n1un0hnM58jKudo5GGI5L1QtdTxhYi23J1papMHwh_KqSKxSxbN7OsYShMGRUEQ2nUPT3xfNOCA39rGLEudd7NMdDLTH64HyCdDEqWzMbnGE2E2fX45x-Z_HP-l0pTme59yvF5IbftQZi23aURHvaKGJtSdFNHTMmuJO0Veq06Zpm9-34oloC2Nx23GKDZoB0zUIFZuIS5tdDoFmH_-aJlatNtlpuixUK6YZ7ZWtyy9H7q1OUzZIB5Ozqa8RZYkTILZu8-tIto5h-UluXorsmu73W5Tt0f9Nszb_ddKjRM2nc8Ulut9NG9Zz97lrozsEp2VMjjszcgmJSUG9eD21U4A6q56caqiIVic8aq5sg7vB9XtNuPRwFncr_og9Px6AGnZ0YFJONe25JAV2ruzUfrUW3f4LwuPHMg04jAeuU5efqOLODLOLToOlJ9_9Su1f81C_JBx5hal4rJzh-Yo3ZPIJ30GKktBvT0SIaiEAAVS96fXAJRAEUBv16JeUzUxGvKe5NOZhj1hEM_NZePT6EgYkHUCx7d0qduHrcZmHidi-tqE8bfQhLGkAY_TmwHXclYiE_7uHTju1eg52Zdm43ke2vMm7Z_FstlHu1ul9s9hbUqv3oGxE2BiqXGWSK5rIvho6uq33tTfotWwWpAuTLB6ff3OHCuptkwDZHJBkxFnEcviTKxXbbctvk-k2Xcfdsi7e6ZbkdKvChd9AijO6Q2cc8bNd9O0fNhdFjM0eRiDb_TvhMdTavmvb0VRsFVq6a1cJ5Dh-eebBCDQ3PG02OBcdogN8Ww_MxMfWJ50eig9rLR93wYI5Qk8Ekcc7mtJ_E39FYT9dR_fTcWXtrcS_ZV4bsauVmF7Zg0xD8mAdWwiK7_sZMF6UyZOh4--CQNnVgSLcWFGeL9GvPvGfbjoGpkDTEBTRQ0UhonWgazAgUyyCo4JC7yoix2PoSEc25iOtg0U_zviknzpXZVd9aBAQR4SRdaY5-dNC6BQWrko_ZVAQZT8exACA0v0RjNvCHZqG0Q9QbxdfoobV5wVMZmNjcEk9D_p6g6dfndgqSQprmm-XdYe9v1ntN4qR2YxzuOwp9lpqE-bhrA-blJJCu7kLTfE8KaWoKvXhLdC-WjIfife3hvTSYZ6UESDQXSldsXoOUn7HRBTfHke7bIheet_4-2pwebCoXFTCyt5QJh6DjX9kEZuQYlCQJ2lKEvMs_OlJ8Tlse5-xIcfEErVYL1DqVldBPUtmFXiRkLVEIhL3RQkh2UK9dCh2m-deZ66qP4uktP-wjX8c-8jHkZPUdL836V8sp8Sf7SOu_oTI-FrWiRGEzis0E35JNJNKflx131JB38-S6lVl-JW5ZiJJn&sai=AMfl-YRHkk8Pyivb8lPTQXbarz4TVJsob1WBkQMVrqRTeabfMS4ftnY569akEWkY-2C8F4y9hL__0MST-Y1W-v0ai-_DRMtWld9Kfcjf2x1qMWD1ovXXlqs3TTvVkswhdyQZUhhPdkNMVqvnicZwbMJ-AXCmFyIb-PlNhOSrBoEADmJoNb4Psxn5z30H1UkWbKqJrBpmjueFPrTLI3Wvw4KrTwU_0oZc_NIGCFHlt4bT-9tgk9OQhezzZDY7YlSbbvbG9p_ePy7lNxfu9cc2NyTE73JQppzvO4GC8cucb1gCz87tbn7rzpPsx8hFWaK9WfSIfR9GwS0DAE4I2da6lw&sig=Cg0ArKJSzC4K68MDuU9ZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=360&vt=11&dtpt=312&dett=3&cstd=46&cisv=r20220831.04962&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
az-care-logo-white.png
cdn.flashtalking.com/155564/instantAssets/ Frame 7F65 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155564/instantAssets/az-care-logo-white.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
3c0b71db9ba69d2911827d13d1e05166c5e8f22276290c69a15926854e2b2d2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:14 GMT
Last-Modified
Wed, 24 Aug 2022 11:06:54 GMT
Server
Flashtalking (AKA)
ETag
W/"f2e2504b5c76225cd76f5f23b8756ca4"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
67423421
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=981
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
4601
Expires
Sun, 04 Sep 2022 12:42:35 GMT
f1_300x250.jpg
cdn.flashtalking.com/155564/instantAssets/ Frame 7F65 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155564/instantAssets/f1_300x250.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
085327e7c84123af45c60636421105c9822b6060823ca5049f261c01adc69b69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:14 GMT
Last-Modified
Wed, 24 Aug 2022 11:06:54 GMT
Server
Flashtalking (AKA)
ETag
W/"5093be875e0ccc748d1ca85cbde99c47"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
67173076
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=142
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
38829
Expires
Sun, 04 Sep 2022 12:28:36 GMT
f2_300x250.jpg
cdn.flashtalking.com/155564/instantAssets/ Frame 7F65 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155564/instantAssets/f2_300x250.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
403222a6df8e667b965352ff18004eed9f7deb7c6ec0d9d275d342138d7c61a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:14 GMT
Last-Modified
Wed, 24 Aug 2022 11:06:54 GMT
Server
Flashtalking (AKA)
ETag
W/"dbfdf6263580571705b0e20418751781"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
67780259
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=142
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
25234
Expires
Sun, 04 Sep 2022 12:28:36 GMT
f3_300x250.jpg
cdn.flashtalking.com/155564/instantAssets/ Frame 7F65 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155564/instantAssets/f3_300x250.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
d07a81032ceeeb3aad2bb744cfdbb82f9f7b08dc52912f0fc16f50c1d8f30583

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:14 GMT
Last-Modified
Wed, 24 Aug 2022 11:06:55 GMT
Server
Flashtalking (AKA)
ETag
W/"9af8d0e46f8955a71b440c15e38dd6fe"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
71452784 71316630
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=142
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
40169
Expires
Sun, 04 Sep 2022 12:28:36 GMT
f4_300x250.jpg
cdn.flashtalking.com/155564/instantAssets/ Frame 7F65 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155564/instantAssets/f4_300x250.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
8ae05b21516547099fd39ee4b2336cbfb1be997c5f5fc8c83e17b3d47cfbd434

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:14 GMT
Last-Modified
Wed, 24 Aug 2022 11:06:55 GMT
Server
Flashtalking (AKA)
ETag
W/"0b6134c75eae59dbf7d3b16b0db294ac"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
67293914
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=142
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
26404
Expires
Sun, 04 Sep 2022 12:28:36 GMT
f5_300x250.jpg
cdn.flashtalking.com/155564/instantAssets/ Frame 7F65 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/155564/instantAssets/f5_300x250.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-47.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
d66055eaf222d4d2b4dd6db0b58a832472e92a7fe324299b5071feb936b9723a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.flashtalking.com/155564/3772697/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:14 GMT
Last-Modified
Wed, 24 Aug 2022 11:06:55 GMT
Server
Flashtalking (AKA)
ETag
W/"725a83b5a9fc9c598146e71df9d4a7e0"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
X-Varnish
68887926
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=142
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
43771
Expires
Sun, 04 Sep 2022 12:28:36 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthemorningtribune.com%2F&domain=themorningtribune.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://themorningtribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 04 Sep 2022 12:26:13 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
427556
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fthemorningtribune.com%2F&domain=themorningtribune.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Px0zR3x5cEhwWVhIby80YWVaM3B4U2FyRnk4WmMwbWlVbUtYaHZUYUV6M0ZLblMrOVFLczZSSjBCZmJ3aU4reHRQbHBHd2xnS1o0RERwclBSbmpkMU5yWGFwRHpZTzhOUjRubWJRRE9KN0wwYitxMHBjV1FsNHJOYncwdD...
371 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Px0zR3x5cEhwWVhIby80YWVaM3B4U2FyRnk4WmMwbWlVbUtYaHZUYUV6M0ZLblMrOVFLczZSSjBCZmJ3aU4reHRQbHBHd2xnS1o0RERwclBSbmpkMU5yWGFwRHpZTzhOUjRubWJRRE9KN0wwYitxMHBjV1FsNHJOYncwdDcwR2Z1ajd1bzUrbjZQUEU3S24vOG5QZm5XTTg1aTBrSDZZTnV0Vi9xS3JXaU1TejFCYzVncFVmZmR3eGg3RmpkUEU1L2hDSFlnMTNucFhMYzJoQnFzOVI4N2ZnRWR2RW1TeU1BQVhUTUtmZS9ONmh3T1g0NnRzcFdWYVAwOWVxbUFSbS91ZmlHfA&cppv=2
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
53c4a84d181d986474d76c4b33c971fa6237af62e1644ab37219e497d4360fbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1741039
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Px0zR3x5cEhwWVhIby80YWVaM3B4U2FyRnk4WmMwbWlVbUtYaHZUYUV6M0ZLblMrOVFLczZSSjBCZmJ3aU4reHRQbHBHd2xnS1o0RERwclBSbmpkMU5yWGFwRHpZTzhOUjRubWJRRE9KN0wwYitxMHBjV1FsNHJOYncwdDcwR2Z1ajd1bzUrbjZQUEU3S24vOG5QZm5XTTg1aTBrSDZZTnV0Vi9xS3JXaU1TejFCYzVncFVmZmR3eGg3RmpkUEU1L2hDSFlnMTNucFhMYzJoQnFzOVI4N2ZnRWR2RW1TeU1BQVhUTUtmZS9ONmh3T1g0NnRzcFdWYVAwOWVxbUFSbS91ZmlHfA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
292670
content-length
0
expires
0
369.json
id5-sync.com/g/v2/ 		216 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
7a4cd86f5095c8acd3619ec7f98146027af925e4c6d8e4157cffe0a936867553
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://themorningtribune.com
date
Sun, 04 Sep 2022 12:26:13 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		63 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.72.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-72-119.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
23eb999f5846b6a745d534f054d1e29dd4c61fd652190b7f3a1e031b66db6f09

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://themorningtribune.com
cache-control
no-cache
x-server
10.45.24.187
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
07c6e0667798b1c8059b960ad7633c4a0a5f99ef83a4393695caf8f5a7be6ab7

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://themorningtribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 04 Oct 2022 12:26:14 GMT
container.html
7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE28 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:10 GMT
expires
Mon, 04 Sep 2023 12:26:10 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ia_evt&aflvr=true&al=1&qid=COnUpY2R-_kCFbTwuwgdCOkIkA&ns=4023.3999977111816&fs=1&req=https%3A%2F%2F7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ptt=17
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
btn.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/btn.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30f634e5cee1ff5942cb19c0667435e895c64969f3c9dbab99b06b83d218a924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:55 GMT
x-content-type-options
nosniff
age
310999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1420
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:55 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D9E1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
243414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 16:49:20 GMT
expires
Fri, 01 Sep 2023 16:49:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 6A8D 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 07:51:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 07:51:00 GMT
dot.gif
s0.2mdn.net/ Frame B893 		43 B
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMPFpSpGxk9Bd9ocdpS2Y40&google_cver=1&google_push=AehlK4AemdtPKbYUKuFXDAzv0OYGj8eDFLY0ctzpdN3OnafsiUP1Zzsx5vRjnMzngFrB8u0EM7m3-hH3gEC897ZL1E06LXEL-iZxkg
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 12:26:14 GMT
pixel
cm.g.doubleclick.net/ Frame B893
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEAumE1W0reEv8xhAoxVvvxU&google_cver=1&google_push=AehlK4Do-Q7IMcfkTo5T5SlEKkBrhO6E0ov-Gi4jSCM56ctx5MsCs-6Ofxx-lnNqcY3Sw8rMJ6sbLDgZSjofHOvD7Jsm4Kp...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEAumE1W0reEv8xhAoxVvvxU&google_cver=1&google_push=AehlK4Do-Q7IMcfkTo5T5SlEKkBrhO6E0ov-Gi4jSCM56ctx5MsCs-6Ofxx-lnNqcY3Sw8rMJ6sbLDgZSjofHOvD7Jsm4...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4Do-Q7IMcfkTo5T5SlEKkBrhO6E0ov-Gi4jSCM56ctx5MsCs-6Ofxx-lnNqcY3Sw8rMJ6sbLDgZSjofHOvD7Jsm4KpUcpbP
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4Do-Q7IMcfkTo5T5SlEKkBrhO6E0ov-Gi4jSCM56ctx5MsCs-6Ofxx-lnNqcY3Sw8rMJ6sbLDgZSjofHOvD7Jsm4KpUcpbP
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4Do-Q7IMcfkTo5T5SlEKkBrhO6E0ov-Gi4jSCM56ctx5MsCs-6Ofxx-lnNqcY3Sw8rMJ6sbLDgZSjofHOvD7Jsm4KpUcpbP
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame B893
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHonjw-Uu-any0XwPwG_o1w&google_cver=1&google_push=AehlK4B-frZ9LGHu0MlopctlMB6hpS2N2Hpt_84RHkuRTdbLewuC1QBEPkFdeBcqCsNArA9Zf-XOxzBm...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4B-frZ9LGHu0MlopctlMB6hpS2N2Hpt_84RHkuRTdbLewuC1QBEPkFdeBcqCsNArA9Zf-XOxz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4B-frZ9LGHu0MlopctlMB6hpS2N2Hpt_84RHkuRTdbLewuC1QBEPkFdeBcqCsNArA9Zf-XOxzBmkEmh5hOoneDW97m7iea2
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE3NDk0MzQ1NDMxNDQwNDAyOA&google_push=AehlK4B-frZ9LGHu0MlopctlMB6hpS2N2Hpt_84RHkuRTdbLewuC1QBEPkFdeBcqCsNArA9Zf-XOxzBmkEmh5hOoneDW97m7iea2
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame B893
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDafq4NYMJJbZu5QFF6WfW8&google_cver=1&google_push=AehlK4DmkSYrmBOWB39qJ5dLkgLixVdELtV3-WIBN_09vS0fkJ0TI-UCD0WbDZ4bDQMtvbEgEAa...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdOQjVEWU0tMVQtS1dSWg==&google_push=AehlK4DmkSYrmBOWB39qJ5dLkgLixVdELtV3-WIBN_09vS0fkJ0TI-UCD0WbDZ4bDQMtvbEgEAa1j3SgLBNUmC09EOW5eHdFBTepnQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdOQjVEWU0tMVQtS1dSWg==&google_push=AehlK4DmkSYrmBOWB39qJ5dLkgLixVdELtV3-WIBN_09vS0fkJ0TI-UCD0WbDZ4bDQMtvbEgEAa1j3SgLBNUmC09EOW5eHdFBTepnQ
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdOQjVEWU0tMVQtS1dSWg==&google_push=AehlK4DmkSYrmBOWB39qJ5dLkgLixVdELtV3-WIBN_09vS0fkJ0TI-UCD0WbDZ4bDQMtvbEgEAa1j3SgLBNUmC09EOW5eHdFBTepnQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame B893
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC9sdZRfyTckJGTVl-Zlejk&google_cver=1&google_push=AehlK4Cdjb3NL01yZTdb1hT7SlsJdntQup24mF-06ztHys4DZ4JaNGoukxiPjJm4CQwjuYHc_Ag2-10NuxuGGaSC8...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEC9sdZRfyTckJGTVl-Zlejk&google_cver=1&google_push=AehlK4Cdjb3NL01yZTdb1hT7SlsJdntQup24mF-06ztHys4DZ4JaNGoukxiPjJm4CQwjuYHc_Ag2-10NuxuGGaSC8...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4Cdjb3NL01yZTdb1hT7SlsJdntQup24mF-06ztHys4DZ4JaNGoukxiPjJm4CQwjuYHc_Ag2-10NuxuGGaSC8ljkcJSL6m9fHw&google_hm=FQoKqGZH0TR4l0ffSF6R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4Cdjb3NL01yZTdb1hT7SlsJdntQup24mF-06ztHys4DZ4JaNGoukxiPjJm4CQwjuYHc_Ag2-10NuxuGGaSC8ljkcJSL6m9fHw&google_hm=FQoKqGZH0TR4l0ffSF6RYN5n
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 04 Sep 2022 12:26:14 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4Cdjb3NL01yZTdb1hT7SlsJdntQup24mF-06ztHys4DZ4JaNGoukxiPjJm4CQwjuYHc_Ag2-10NuxuGGaSC8ljkcJSL6m9fHw&google_hm=FQoKqGZH0TR4l0ffSF6RYN5n
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame B893
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL3-kNmb_Ys74vp_-dRcAAw&google_cver=1&google_push=AehlK4AU8o55_YbSoG5D9pMLkD9wV8lMwhnGdULosqxP59pjg-e392dVpsuv3SMMQ7ShBbbW0qyEKk5MmaXUxfSB...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AU8o55_YbSoG5D9pMLkD9wV8lMwhnGdULosqxP59pjg-e392dVpsuv3SMMQ7ShBbbW0qyEKk5MmaXUxfSBoHJgYk7ebeiykw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AU8o55_YbSoG5D9pMLkD9wV8lMwhnGdULosqxP59pjg-e392dVpsuv3SMMQ7ShBbbW0qyEKk5MmaXUxfSBoHJgYk7ebeiykw
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 04 Sep 2022 12:26:14 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4AU8o55_YbSoG5D9pMLkD9wV8lMwhnGdULosqxP59pjg-e392dVpsuv3SMMQ7ShBbbW0qyEKk5MmaXUxfSBoHJgYk7ebeiykw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
XWOE_lnQcdh-5dpmzAtgYhewmf796dpQdGEQ9RWPc4Nzvanux9Vvnw==
/
onetag-sys.com/match/ Frame B893
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDbF14GWhOYLtOCqBl8jtp4&google_cver=1&google_push=AehlK4B1l7S9cyvsYLUEhGMl5lFKX21_EDul_7YBfmCcE6SemSZsekEUeY3neImDvic95O3fFOa_kMZfhfj...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4B1l7S9cyvsYLUEhGMl5lFKX21_EDul_7YBfmCcE6SemSZsekEUeY3neImDvic95O3fFOa_kMZfhfjduOv9Pyuc_ZzmZHKKxEU
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B893 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JaoEQyjYYDffyaegoO6P8TXz6TQND-8C4gB919Q4Mg5Otxtjrdkx6sKiJCnmxXPJYEu7b9sw
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 985A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuymn3qs7aFmabWXHo1nOoa0op6OuCxs_SXfqQc22gmHIDYotYuBhITGfEjCAhVFe8L2X9QoSIfM0irdITpjDHBYQipEabOKqJhPtWD3l5wV4tCaL5tmR2K2DPa_ieszZeEfqNXVw&sai=AMfl-YSTeJWiu4puZxaIWCxm-oBoXyCZK9JQyuBZhruiup9HbEbLzZMadBO8Z89mvYomRJULMS1bjirOe0oME1oskGS5tI3qoaxMCkJnkGcAfshIF-juucQpeIqlZqiuSEVZ0Y8eHGLY7UqAkqCHVp4K&sig=Cg0ArKJSzHOZOLzSQjukEAE&cid=CAQSTgCsnQUxMmXWX-kR7wMV_p8fWwZXINVpwZfJQOti7B2a7Da_ps8znlAzlWg5OlGeDlWB2e2PI0Nc2vhT_hquuxkxNVRdTJJbegIeI38j0A&id=lidar2&mcvt=1031&p=438,765,688,1065&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1153366966&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662294373022&rpt=225&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Px0zR3x5cEhwWVhIby80YWVaM3B4U2FyRnk4WmMwbWlVbUtYaHZUYUV6M0ZLblMrOVFLczZSSjBCZmJ3aU4reHRQbHBHd2xnS1o0RERwclBSbmpkMU5yWGFwRHpZTzhOUjRubWJRRE9KN0wwYitxMHBjV1FsNHJOYncwdDcwR2Z1ajd1bzUrbjZQUEU3S24vOG5QZm5XTTg1aTBrSDZZTnV0Vi9xS3JXaU1TejFCYzVncFVmZmR3eGg3RmpkUEU1L2hDSFlnMTNucFhMYzJoQnFzOVI4N2ZnRWR2RW1TeU1BQVhUTUtmZS9ONmh3T1g0NnRzcFdWYVAwOWVxbUFSbS91ZmlHfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 04 Sep 2022 12:26:14 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
531710
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
bubble.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/bubble.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c409f494ee43633c5e2caaeac201b20d165c0bf295d05133ceaf9ac385cab97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:56 GMT
x-content-type-options
nosniff
age
310998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11555
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:56 GMT
css2
fonts.googleapis.com/ Frame EE28 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Sep 2022 11:44:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 04 Sep 2022 12:26:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Sep 2022 12:26:14 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FF40 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYurfwwgEwAQ&v=APEucNW_lLmh5bj863KqqSqN7_Wn8gSXw2dFQx-c0npQuJkup6WfMzo1sZP5ayUPmg2NXf4IArzRP1M1gFs8skApUrhpAT-fL2_ACKGotcSUt3mcubqaub0T0L7QA2GksrIHk_BbGR4o9aLTJrn6SIxQggHLmCgGYX2uHido5aA7W_ung-c3AS0
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 3F12 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnINs8DCke5BRtNmQS9rKqW5cSTPpsgu2mLFMqP8eGJcrU9I0jggGKqz0Uni4sp5sLOcZXchISHRXf-Z-as_a-3zMuqw&cry=1&dbm_d=AKAmf-BBi3QV8fpCl7qBhS0dhsGWy25qDEQxHLkz0QsSqUw3Y6HG_v7fkfyvt-vcT7g_7Ebsv0ceo_sxCqDSyMe7NsWIxe0mR0kEWnFnRN7KL0XqO2rnWUI5aS2czwUGGo5E4cjo8XgRj38x3XancVEMQmB0G-thyZ_abya-wylZXVY6XY28-Y_XtyHleRMqFpDgwFd_iZPGxafoKcRV-4LUm8wvv06UmJybEv3qD7LJRT0saVtrIuccKxiLX-zrTBBo86FkdcvBA7vi-u4NWP0OgbmPxQBzZarlYu9K8boCBQEl24WUSa_q474FzIZgQy9eeOp7VmnkhpWZbDb_hwThptEjFxKb43wOANa6cL3zSdtE5cbTRsl2mCeHmnFAKtOsHmJDfzvOU0Mkqw0NYbIlvDoiew6DgpP1yNZiH6UYIoNyGF4o1JVffTxjbMJ8an9t8aStHa5__rR7HSpX5PpZLHOBwEe0FumPK42GMCFiwJPcaLMPksa14cSXblU96C--SUkkZrDK-cDv1or9lKpa97ILc9PCvJohB_VoZFJlbajmYkHgGMZ7yPBAdFlSyZUJaHaufuRCIZbPf9qV45Kgnrc1jHxOnubADW-42QBwwhaJHuiqNFj-C5o47IolJ0G1UARRbgvIPE4bzq_NtjUEFledpQhvnd6fCOp6ST0zKmwM2AO5KI5vC0tdyEqkvgZngYvja0jgHFQGYCEB-PCMpIxHKsXeMXiorEj_6tkMouFC28IVUhBX1kbcspXNuMpXI7jwPxcKSYbX_DzHFOgPmhdAwHMeSEhlzNx-czkMrN2X3EHR1GhBNA0-7qWzO0iBz25qXZNoL5JE4gfQPXvUlkvGE87SdBbSMCDNImkLsgEHkoyvvp9d4WgXRU92Jj8vCkadYf9D-oAaRO3p88AbZIqacuG2F95K70boTrcIRHIvceShu2Ov5XFwtMBgUpbdAkBP23-LFOy3ORLvMbFE4deTWdcC-AZZ-_1lVi-Y1r1ZEjNvmLbRQ75-sfw1j0-Al0VfCxcCVwzZgXeX9WGo_bnI2avTGgZ2GoekqvTDXQ2t2Nfmjfeyb_30mXMD3kskzmwW4zq_EumRnqoJMD9d9ii5RApcFAmvT26YBR0x-Qcf-wgmvn7hb74GzQN_jkAckyQmtBz7O7k4l87qzqz5cDJkQs9hpLotW-LvVkX7wnIfE-2uFEv_gl_z6XAcugrSU-D1o0o46h7VWfa1bZyV-bRvyvF1-iNyeY9UiJwiZ0DjB0sRDJncz34B7shkIaTMwTUkBTpT46HC7jnlIHjYSxj2lsGa2_XjoxB2EwYSG5FkRDEneLOZjEc0E_ZSeXBTtggdPldK-kE-KsiPCqhceyRGqY0oWcj6sBE2ewwLw7I_68RStQzACwcfy1rVSkqWKBAowqJEifWpOAPIzwDi2N9VxbejEkjUU0WLVd58raoUhzpXUPrUTxk3I9IcTLtKYznPZBaANtsKQfKN3pCH24XHmvlzoaU8hyc2XGCelg2Xb-K7UaJotJYffR5Ysz0gi3cCcPmu5SuxcZoNSn8ZrkNEQc77TwN0SfY3L2hXs9Udzho9jwG53o9ectn7M-IWgM9KkDvz-zDW-sKpKLojwdB9SNbeT0jCBZ5Xkd3CFgzGyvGYTIydnNbbojxxHl_6kFF7iRlrEu1pVBQpc7wHto4Tu_6FrYtWRRVyAtBqrwm8p9KZGWt_x-4oWG64Io6ClrLd-r1BhA99gfSDzffsw4Z3pl2DK4HfnamvKhN7ojo8zjFIKU36MlFQcxMJ4kf0wMPU6bAJft-KZ4QacIdsVU_TcyC3MT5aTPzMfxf77PLCHNJIr4KEc9l5qrq2p7kpY27nUi0aO7p6dbZnWcrTA0LCHRhl7B07HCl6knPs79efiN4LNFFQ-Q89JuF35NVH1nazaF5Gs5d0YOT-AoKSI-6DKJDf8_CCuvEZ3QR_ReBgZTaiq9VhiT48A2PGYzEqsDQRHntWjbMajWpAPnyhH3mM6ConrQBr2_6VAESWCH46lqUTIyBER_u-i9e3CmOvm7io7A8NQ1Nuy8pdSJbyu8oZsuVLPfa4WBLGnV0ZTtEd0nz_y6SOSE-vTfYuoBkifI1rtDcWsvS01oJxUxIZ5HEm_Me3rM0YaGaTPpoKxW8mo_SEdD2klFQGMdvOogHs0y9ERsy07hD64OVSgQ9zGQQWd0LBw0_DIbtESYSJGdkQ7Yr9KfVyJHVpyBgxHn97-EsxDdoar0ZVYtp_x4KWPay18YDEEgS8gTLhulJ7y6Bqd8bkvyOSFr69VZmO2j8AUpc-38yWmFU2ba8tou3LzEnpU2bjcnm2mEr49WDKNx2Ce5pSIZemBdqlZ8pT7f3N7QqbH9EL0IXUmznrgKgc6tPZt67yeSe5beMWrH5g-Iua5OOjy_Y1ci_Y7eI8W24IueLcXUcXzKEC1NNNKc013uxVFY6qTHqqnHmdfAG6jltmF3JAvD-YpICJ377DZ_vjYgoEPZDcoqSDPoZe70bQzSZBUUNk-5_gdL5_FJqNeovHDiPpAVQ0Fk_UIfOSKTNOAexWEXRJQvbN9wh-4xQVv9pRTvDEXw7f3Df4XGsDRvMYNMcm1mrdrHPOB6KptQGspucuazk21-KtgCIdT1yKkU9zoiZmrXhHd9Q7sYjPD9fU3HxHftVuVAnSty3J5aYD9XwzvxhsRN3hZwklhJfpqamjj2aZZKx-Y3rz2rljvqAqaZ77yA2lSat_1v10yJCmCK-403RjXLOO0YQH6E--DZ8my2sJj2FCqVPK5ZtkqXuAPO0K_P7QW8I0JeD7YW72Ay0kuFcZNrURlCtf56UTjtJmLdfIpZvfjIl-GMOasJjOmp5Dmi2-DGLmCzTR6_q3tF8WJIoF6UHAafVht2EOgoqmA8TPkCxtpNNJL8oXHKiqzX0l5PoVWhcGbSRuKRdRT1IsDn3ReU-1SEs8OWqOT8bJZ5fQu-RVXk4m9E0wasddtcc712iiBBWSW_r4up2xmXtF3dSY_0bSIWJ2WgW7BuMqYAiE-XezFxB7J1m6aRndre83QQV0EkeLilq8WL2kWp6uysssyElAxuoDpdvDZ3aLrtprR7ojerr8hdoJczNtXcerAQxeUJBOjYd28z3LJ-gOFmJ2zqwri5zFLaiMzvN6C00UGpsacnHHfy-l3DFIz37hm-Xxdp-aIRPzBTlyL_wZ9ylxQ2i8tQJnfr8juPSrbMob056-yvU9ydfhvmUEKknQsGGZRXdK8oafpQPEN2Hjj2JUWUsmzy5Oo2Yqdb9-PEYmsf9NXMi7kIK5m17x7jmzvG0c_AMLjR2b5I7VkHJxhrZ9U18tgIBRV4W2tDUYLs4eE_d09tQo0WEcgHrot_7vkqgBnRL78aOvk1NaAaWFQ9IaYKjiT_UteegzhijrF5d7kFxjKOqldai9a0bzEaB0JWebW7epYDUaYAKnmzQ05DXmwcX6ORErvhPjNT9iVsXToQ&cid=CAQSTgCsnQUx7HsbPuog8cheoApVshDIe4kbg6qiZgoUVIG3QMB_RaPemxs-EelbnMkjT2Z10oW2zT_yoDRClD-67fFZ84imrvI3W5DnMtf-IA&rfl=2%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944ab259cd530aae5297cb47f32500602472d60bb30a2c2e1ca25782c7c9c820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35945
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 3F12 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:10:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:10:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F12 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44792
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661945761880069"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:26:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 3F12 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:17:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:17:29 GMT
l
www.google.com/ads/measurement/ Frame 3F12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfErqRSKWB59ZMhgO6sSGRcNeZlRfEOiiE5pDSj9Y79ehUWODmR2U64Hg6AK-9SumgwuZLamZDMNFkCc1W8xJuQEq67w
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F12 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AP3ZU3g-T9OWazp5obj7NTTmOVPB6H1y40VQtQjA5XFVXA8gulKcAQFSbkIdu94nU7qLuhPLWzb6KTqkK3eluyb2aqb7alkAJSDjsHr1GePwpwyE0
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame EE28 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:17:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8311
x-xss-protection
0
server
cafe
etag
13410161823615325117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:17:08 GMT
btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 6A8D 		363 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/btn_cta_arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144084
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
265
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 20:24:50 GMT
kia.woff
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 6A8D 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/kia.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 20:02:53 GMT
x-content-type-options
nosniff
age
491001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23072
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Aug 2023 20:02:53 GMT
dieter.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/dieter.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7d6728628ef211d3b30f62aae45ab63fd79dc5ab17ad2dcf6f1bbce1268700d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:56 GMT
x-content-type-options
nosniff
age
310998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5444
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:56 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame D9E1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 16:16:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 442E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEGG-JQfg3QRD39g1Qm3J-2s-I5RdBDUjv_UVw-2HPmuJt2HPKZAvzslbQ96KaK7aiEdCyS9kQbU18mIYyt1RFFjvfuLGwUCF-GMepGpnbhHjkcy_lkOtEOqJfLzRhMquZ2z92eS2fEpil7ixWb2Hg9A9J9rP8WfOcCbNYTiXnH4QtPq2zT-Qxx-S7CRj4w9uWcQwJrp3p-XKUkdodcXlC7fQPJS3FVR-8onH5IumN2N1-UOx8cLGm6WfuZPErrt1uYdgaQbHLCe6217OK9APpejTuSyVT6-XHMMQkZcpTxLOCV24xDqr0uFQ4iwjuPF3LWTuWK0J6ycnLIr0z4y2bKjuixF21h7n3td_6vpsWUvyFk7dfqvPtVK3TWkgHoSwLMMnl3GdQmJDS_jXEi2xEdL5fmwoEoY_dq9JC1jFfoGKBosNxAaDUnRWJ0zw_UybgYghXUFSsP7lQZCGPPmmFaBeEL2ovPLAitT0xV2c8MDckS-zqqZuDN-N6VSMXt0b5zZGiPIBvG1-9ralrJudfMQPTvjWo1gQcr5L4HkeMuJQf9QAusKTL5RN0mrENpKbXrFBaSm22cngiKHE6M11Pz0V7DW0SoVly1H9pPQ2C9KOY2EUWkh9CLjpL7TVj2zRDwESzSNYRZQNp7fJ6gOGa5G3XHM4WvTt8eikpyeYPkpYbhVRBzP01jN8qhj7i_dmu1uNL8KqZ4vuEqUmRD0FEn7CG9HAaos30bhwWoK1Lq5QHh5OFieLLr-lG-mHuTQpmwDxy8oENdVZVG-DPvXvy4lqN_j6blZL0I2oUP4ucxEsekhVyIoCPvJ2P8fGRNBjvLYKStWf67KHMxBfaQjH4uMIA9BYeOXmTh1VoIMd-w4IuQRXnR1lqHaXkt2P2MtuNfKfwIf-AfW6zzNesGdjbQNoWXTSMC3oDMxiY0q7DrH38gg2uh3EW6SOgjrVNgxDQ5DYNPrIK6EOX30bdyhedOLOagh-EAgyQ8CjwcFUh7UipZKoejgZrYkzrhaW-dBOnRORIvjNQNDBkGwDZyo0ASewbeQkXy9q966BXweqN0vClHgVvzEehvIsjbWsF95N4XPYCOpwqHlEa1hTeXudCfnUyTRrGXLWxy09Nx2t_-QE05IzqYzzTWBYLXvG3_9oy5bCjXoSWps64-6uUTbENYmz6k_lenuHfinPK8divSIs2s5R5nKmFcL7ONoG2EMEzfxdelGiYGC4zN0UXleZ370eUqMMe8wFJStGL4EO2Azcmk1oo_TL2Foq-x8mThHKiSQB1nYLQ_yr-YvF_D0cEIJUdjwo1GQFOMfS-5L6bLCU6Ds1-FA&sai=AMfl-YS9hY8dSp79Fb3z-ARC_eeW6fmVu1sPchbzw9aWPnnek4PX9tpZYZfirm4FcbzA3HJMt_kbxbPuTg06AEJZRYP7tFwvkuclqUuwht1spUf5PVjhw1cl_huJz21hYJAT0UZgDFT_jwt3M0XMfNTrb3PPhduu6GRwbS_tVpS2oi7cvy04DQF_1xQhS3cL59EG0Jgg9iotcZeg7zElZS7pB54ayVinehGjCNwP7i8JuaDbXEmS5_l95mPz8Kjv6JApqkYWewXx8GRdQB-GoDNbIUJt9EDGh2E_3ItsaMxNAywzzT3ntzBnuT5kPQ&sig=Cg0ArKJSzOxmEnbt4shwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=340&vt=11&dtpt=248&dett=3&cstd=89&cisv=r20220831.26067&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sd
us-u.openx.net/w/1.0/ Frame FF40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYurfwwgEwAQ&v=APEucNW_lLmh5bj863KqqSqN7_Wn8gSXw2dFQx-c0npQuJkup6WfMzo1sZP5ayUPmg2NXf4IArzRP1M1gFs8skApUrhpAT-fL2_ACKGotcSUt3mcubqaub0T0L7QA2GksrIHk_BbGR4o9aLTJrn6SIxQggHLmCgGYX2uHido5aA7W_ung-c3AS0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEKbxu7052dmv2VeWzPKSeo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame FF40 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYurfwwgEwAQ&v=APEucNW_lLmh5bj863KqqSqN7_Wn8gSXw2dFQx-c0npQuJkup6WfMzo1sZP5ayUPmg2NXf4IArzRP1M1gFs8skApUrhpAT-fL2_ACKGotcSUt3mcubqaub0T0L7QA2GksrIHk_BbGR4o9aLTJrn6SIxQggHLmCgGYX2uHido5aA7W_ung-c3AS0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame FF40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYurfwwgEwAQ&v=APEucNW_lLmh5bj863KqqSqN7_Wn8gSXw2dFQx-c0npQuJkup6WfMzo1sZP5ayUPmg2NXf4IArzRP1M1gFs8skApUrhpAT-fL2_ACKGotcSUt3mcubqaub0T0L7QA2GksrIHk_BbGR4o9aLTJrn6SIxQggHLmCgGYX2uHido5aA7W_ung-c3AS0
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 04 Sep 2022 12:26:14 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESECial8zTFsYmI4D3EvuKqHA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame FF40 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYurfwwgEwAQ&v=APEucNW_lLmh5bj863KqqSqN7_Wn8gSXw2dFQx-c0npQuJkup6WfMzo1sZP5ayUPmg2NXf4IArzRP1M1gFs8skApUrhpAT-fL2_ACKGotcSUt3mcubqaub0T0L7QA2GksrIHk_BbGR4o9aLTJrn6SIxQggHLmCgGYX2uHido5aA7W_ung-c3AS0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 04 Sep 2022 12:26:14 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
h1.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h1.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:56 GMT
x-content-type-options
nosniff
age
310998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1167
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:56 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 3F12 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/verify/?AnjaliAroraMMSVideo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Origin
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 07:50:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16518
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 07:50:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 3F12 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnINs8DCke5BRtNmQS9rKqW5cSTPpsgu2mLFMqP8eGJcrU9I0jggGKqz0Uni4sp5sLOcZXchISHRXf-Z-as_a-3zMuqw&cry=1&dbm_d=AKAmf-BBi3QV8fpCl7qBhS0dhsGWy25qDEQxHLkz0QsSqUw3Y6HG_v7fkfyvt-vcT7g_7Ebsv0ceo_sxCqDSyMe7NsWIxe0mR0kEWnFnRN7KL0XqO2rnWUI5aS2czwUGGo5E4cjo8XgRj38x3XancVEMQmB0G-thyZ_abya-wylZXVY6XY28-Y_XtyHleRMqFpDgwFd_iZPGxafoKcRV-4LUm8wvv06UmJybEv3qD7LJRT0saVtrIuccKxiLX-zrTBBo86FkdcvBA7vi-u4NWP0OgbmPxQBzZarlYu9K8boCBQEl24WUSa_q474FzIZgQy9eeOp7VmnkhpWZbDb_hwThptEjFxKb43wOANa6cL3zSdtE5cbTRsl2mCeHmnFAKtOsHmJDfzvOU0Mkqw0NYbIlvDoiew6DgpP1yNZiH6UYIoNyGF4o1JVffTxjbMJ8an9t8aStHa5__rR7HSpX5PpZLHOBwEe0FumPK42GMCFiwJPcaLMPksa14cSXblU96C--SUkkZrDK-cDv1or9lKpa97ILc9PCvJohB_VoZFJlbajmYkHgGMZ7yPBAdFlSyZUJaHaufuRCIZbPf9qV45Kgnrc1jHxOnubADW-42QBwwhaJHuiqNFj-C5o47IolJ0G1UARRbgvIPE4bzq_NtjUEFledpQhvnd6fCOp6ST0zKmwM2AO5KI5vC0tdyEqkvgZngYvja0jgHFQGYCEB-PCMpIxHKsXeMXiorEj_6tkMouFC28IVUhBX1kbcspXNuMpXI7jwPxcKSYbX_DzHFOgPmhdAwHMeSEhlzNx-czkMrN2X3EHR1GhBNA0-7qWzO0iBz25qXZNoL5JE4gfQPXvUlkvGE87SdBbSMCDNImkLsgEHkoyvvp9d4WgXRU92Jj8vCkadYf9D-oAaRO3p88AbZIqacuG2F95K70boTrcIRHIvceShu2Ov5XFwtMBgUpbdAkBP23-LFOy3ORLvMbFE4deTWdcC-AZZ-_1lVi-Y1r1ZEjNvmLbRQ75-sfw1j0-Al0VfCxcCVwzZgXeX9WGo_bnI2avTGgZ2GoekqvTDXQ2t2Nfmjfeyb_30mXMD3kskzmwW4zq_EumRnqoJMD9d9ii5RApcFAmvT26YBR0x-Qcf-wgmvn7hb74GzQN_jkAckyQmtBz7O7k4l87qzqz5cDJkQs9hpLotW-LvVkX7wnIfE-2uFEv_gl_z6XAcugrSU-D1o0o46h7VWfa1bZyV-bRvyvF1-iNyeY9UiJwiZ0DjB0sRDJncz34B7shkIaTMwTUkBTpT46HC7jnlIHjYSxj2lsGa2_XjoxB2EwYSG5FkRDEneLOZjEc0E_ZSeXBTtggdPldK-kE-KsiPCqhceyRGqY0oWcj6sBE2ewwLw7I_68RStQzACwcfy1rVSkqWKBAowqJEifWpOAPIzwDi2N9VxbejEkjUU0WLVd58raoUhzpXUPrUTxk3I9IcTLtKYznPZBaANtsKQfKN3pCH24XHmvlzoaU8hyc2XGCelg2Xb-K7UaJotJYffR5Ysz0gi3cCcPmu5SuxcZoNSn8ZrkNEQc77TwN0SfY3L2hXs9Udzho9jwG53o9ectn7M-IWgM9KkDvz-zDW-sKpKLojwdB9SNbeT0jCBZ5Xkd3CFgzGyvGYTIydnNbbojxxHl_6kFF7iRlrEu1pVBQpc7wHto4Tu_6FrYtWRRVyAtBqrwm8p9KZGWt_x-4oWG64Io6ClrLd-r1BhA99gfSDzffsw4Z3pl2DK4HfnamvKhN7ojo8zjFIKU36MlFQcxMJ4kf0wMPU6bAJft-KZ4QacIdsVU_TcyC3MT5aTPzMfxf77PLCHNJIr4KEc9l5qrq2p7kpY27nUi0aO7p6dbZnWcrTA0LCHRhl7B07HCl6knPs79efiN4LNFFQ-Q89JuF35NVH1nazaF5Gs5d0YOT-AoKSI-6DKJDf8_CCuvEZ3QR_ReBgZTaiq9VhiT48A2PGYzEqsDQRHntWjbMajWpAPnyhH3mM6ConrQBr2_6VAESWCH46lqUTIyBER_u-i9e3CmOvm7io7A8NQ1Nuy8pdSJbyu8oZsuVLPfa4WBLGnV0ZTtEd0nz_y6SOSE-vTfYuoBkifI1rtDcWsvS01oJxUxIZ5HEm_Me3rM0YaGaTPpoKxW8mo_SEdD2klFQGMdvOogHs0y9ERsy07hD64OVSgQ9zGQQWd0LBw0_DIbtESYSJGdkQ7Yr9KfVyJHVpyBgxHn97-EsxDdoar0ZVYtp_x4KWPay18YDEEgS8gTLhulJ7y6Bqd8bkvyOSFr69VZmO2j8AUpc-38yWmFU2ba8tou3LzEnpU2bjcnm2mEr49WDKNx2Ce5pSIZemBdqlZ8pT7f3N7QqbH9EL0IXUmznrgKgc6tPZt67yeSe5beMWrH5g-Iua5OOjy_Y1ci_Y7eI8W24IueLcXUcXzKEC1NNNKc013uxVFY6qTHqqnHmdfAG6jltmF3JAvD-YpICJ377DZ_vjYgoEPZDcoqSDPoZe70bQzSZBUUNk-5_gdL5_FJqNeovHDiPpAVQ0Fk_UIfOSKTNOAexWEXRJQvbN9wh-4xQVv9pRTvDEXw7f3Df4XGsDRvMYNMcm1mrdrHPOB6KptQGspucuazk21-KtgCIdT1yKkU9zoiZmrXhHd9Q7sYjPD9fU3HxHftVuVAnSty3J5aYD9XwzvxhsRN3hZwklhJfpqamjj2aZZKx-Y3rz2rljvqAqaZ77yA2lSat_1v10yJCmCK-403RjXLOO0YQH6E--DZ8my2sJj2FCqVPK5ZtkqXuAPO0K_P7QW8I0JeD7YW72Ay0kuFcZNrURlCtf56UTjtJmLdfIpZvfjIl-GMOasJjOmp5Dmi2-DGLmCzTR6_q3tF8WJIoF6UHAafVht2EOgoqmA8TPkCxtpNNJL8oXHKiqzX0l5PoVWhcGbSRuKRdRT1IsDn3ReU-1SEs8OWqOT8bJZ5fQu-RVXk4m9E0wasddtcc712iiBBWSW_r4up2xmXtF3dSY_0bSIWJ2WgW7BuMqYAiE-XezFxB7J1m6aRndre83QQV0EkeLilq8WL2kWp6uysssyElAxuoDpdvDZ3aLrtprR7ojerr8hdoJczNtXcerAQxeUJBOjYd28z3LJ-gOFmJ2zqwri5zFLaiMzvN6C00UGpsacnHHfy-l3DFIz37hm-Xxdp-aIRPzBTlyL_wZ9ylxQ2i8tQJnfr8juPSrbMob056-yvU9ydfhvmUEKknQsGGZRXdK8oafpQPEN2Hjj2JUWUsmzy5Oo2Yqdb9-PEYmsf9NXMi7kIK5m17x7jmzvG0c_AMLjR2b5I7VkHJxhrZ9U18tgIBRV4W2tDUYLs4eE_d09tQo0WEcgHrot_7vkqgBnRL78aOvk1NaAaWFQ9IaYKjiT_UteegzhijrF5d7kFxjKOqldai9a0bzEaB0JWebW7epYDUaYAKnmzQ05DXmwcX6ORErvhPjNT9iVsXToQ&cid=CAQSTgCsnQUx7HsbPuog8cheoApVshDIe4kbg6qiZgoUVIG3QMB_RaPemxs-EelbnMkjT2Z10oW2zT_yoDRClD-67fFZ84imrvI3W5DnMtf-IA&rfl=2%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1356
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:03:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 3F12 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnINs8DCke5BRtNmQS9rKqW5cSTPpsgu2mLFMqP8eGJcrU9I0jggGKqz0Uni4sp5sLOcZXchISHRXf-Z-as_a-3zMuqw&cry=1&dbm_d=AKAmf-BBi3QV8fpCl7qBhS0dhsGWy25qDEQxHLkz0QsSqUw3Y6HG_v7fkfyvt-vcT7g_7Ebsv0ceo_sxCqDSyMe7NsWIxe0mR0kEWnFnRN7KL0XqO2rnWUI5aS2czwUGGo5E4cjo8XgRj38x3XancVEMQmB0G-thyZ_abya-wylZXVY6XY28-Y_XtyHleRMqFpDgwFd_iZPGxafoKcRV-4LUm8wvv06UmJybEv3qD7LJRT0saVtrIuccKxiLX-zrTBBo86FkdcvBA7vi-u4NWP0OgbmPxQBzZarlYu9K8boCBQEl24WUSa_q474FzIZgQy9eeOp7VmnkhpWZbDb_hwThptEjFxKb43wOANa6cL3zSdtE5cbTRsl2mCeHmnFAKtOsHmJDfzvOU0Mkqw0NYbIlvDoiew6DgpP1yNZiH6UYIoNyGF4o1JVffTxjbMJ8an9t8aStHa5__rR7HSpX5PpZLHOBwEe0FumPK42GMCFiwJPcaLMPksa14cSXblU96C--SUkkZrDK-cDv1or9lKpa97ILc9PCvJohB_VoZFJlbajmYkHgGMZ7yPBAdFlSyZUJaHaufuRCIZbPf9qV45Kgnrc1jHxOnubADW-42QBwwhaJHuiqNFj-C5o47IolJ0G1UARRbgvIPE4bzq_NtjUEFledpQhvnd6fCOp6ST0zKmwM2AO5KI5vC0tdyEqkvgZngYvja0jgHFQGYCEB-PCMpIxHKsXeMXiorEj_6tkMouFC28IVUhBX1kbcspXNuMpXI7jwPxcKSYbX_DzHFOgPmhdAwHMeSEhlzNx-czkMrN2X3EHR1GhBNA0-7qWzO0iBz25qXZNoL5JE4gfQPXvUlkvGE87SdBbSMCDNImkLsgEHkoyvvp9d4WgXRU92Jj8vCkadYf9D-oAaRO3p88AbZIqacuG2F95K70boTrcIRHIvceShu2Ov5XFwtMBgUpbdAkBP23-LFOy3ORLvMbFE4deTWdcC-AZZ-_1lVi-Y1r1ZEjNvmLbRQ75-sfw1j0-Al0VfCxcCVwzZgXeX9WGo_bnI2avTGgZ2GoekqvTDXQ2t2Nfmjfeyb_30mXMD3kskzmwW4zq_EumRnqoJMD9d9ii5RApcFAmvT26YBR0x-Qcf-wgmvn7hb74GzQN_jkAckyQmtBz7O7k4l87qzqz5cDJkQs9hpLotW-LvVkX7wnIfE-2uFEv_gl_z6XAcugrSU-D1o0o46h7VWfa1bZyV-bRvyvF1-iNyeY9UiJwiZ0DjB0sRDJncz34B7shkIaTMwTUkBTpT46HC7jnlIHjYSxj2lsGa2_XjoxB2EwYSG5FkRDEneLOZjEc0E_ZSeXBTtggdPldK-kE-KsiPCqhceyRGqY0oWcj6sBE2ewwLw7I_68RStQzACwcfy1rVSkqWKBAowqJEifWpOAPIzwDi2N9VxbejEkjUU0WLVd58raoUhzpXUPrUTxk3I9IcTLtKYznPZBaANtsKQfKN3pCH24XHmvlzoaU8hyc2XGCelg2Xb-K7UaJotJYffR5Ysz0gi3cCcPmu5SuxcZoNSn8ZrkNEQc77TwN0SfY3L2hXs9Udzho9jwG53o9ectn7M-IWgM9KkDvz-zDW-sKpKLojwdB9SNbeT0jCBZ5Xkd3CFgzGyvGYTIydnNbbojxxHl_6kFF7iRlrEu1pVBQpc7wHto4Tu_6FrYtWRRVyAtBqrwm8p9KZGWt_x-4oWG64Io6ClrLd-r1BhA99gfSDzffsw4Z3pl2DK4HfnamvKhN7ojo8zjFIKU36MlFQcxMJ4kf0wMPU6bAJft-KZ4QacIdsVU_TcyC3MT5aTPzMfxf77PLCHNJIr4KEc9l5qrq2p7kpY27nUi0aO7p6dbZnWcrTA0LCHRhl7B07HCl6knPs79efiN4LNFFQ-Q89JuF35NVH1nazaF5Gs5d0YOT-AoKSI-6DKJDf8_CCuvEZ3QR_ReBgZTaiq9VhiT48A2PGYzEqsDQRHntWjbMajWpAPnyhH3mM6ConrQBr2_6VAESWCH46lqUTIyBER_u-i9e3CmOvm7io7A8NQ1Nuy8pdSJbyu8oZsuVLPfa4WBLGnV0ZTtEd0nz_y6SOSE-vTfYuoBkifI1rtDcWsvS01oJxUxIZ5HEm_Me3rM0YaGaTPpoKxW8mo_SEdD2klFQGMdvOogHs0y9ERsy07hD64OVSgQ9zGQQWd0LBw0_DIbtESYSJGdkQ7Yr9KfVyJHVpyBgxHn97-EsxDdoar0ZVYtp_x4KWPay18YDEEgS8gTLhulJ7y6Bqd8bkvyOSFr69VZmO2j8AUpc-38yWmFU2ba8tou3LzEnpU2bjcnm2mEr49WDKNx2Ce5pSIZemBdqlZ8pT7f3N7QqbH9EL0IXUmznrgKgc6tPZt67yeSe5beMWrH5g-Iua5OOjy_Y1ci_Y7eI8W24IueLcXUcXzKEC1NNNKc013uxVFY6qTHqqnHmdfAG6jltmF3JAvD-YpICJ377DZ_vjYgoEPZDcoqSDPoZe70bQzSZBUUNk-5_gdL5_FJqNeovHDiPpAVQ0Fk_UIfOSKTNOAexWEXRJQvbN9wh-4xQVv9pRTvDEXw7f3Df4XGsDRvMYNMcm1mrdrHPOB6KptQGspucuazk21-KtgCIdT1yKkU9zoiZmrXhHd9Q7sYjPD9fU3HxHftVuVAnSty3J5aYD9XwzvxhsRN3hZwklhJfpqamjj2aZZKx-Y3rz2rljvqAqaZ77yA2lSat_1v10yJCmCK-403RjXLOO0YQH6E--DZ8my2sJj2FCqVPK5ZtkqXuAPO0K_P7QW8I0JeD7YW72Ay0kuFcZNrURlCtf56UTjtJmLdfIpZvfjIl-GMOasJjOmp5Dmi2-DGLmCzTR6_q3tF8WJIoF6UHAafVht2EOgoqmA8TPkCxtpNNJL8oXHKiqzX0l5PoVWhcGbSRuKRdRT1IsDn3ReU-1SEs8OWqOT8bJZ5fQu-RVXk4m9E0wasddtcc712iiBBWSW_r4up2xmXtF3dSY_0bSIWJ2WgW7BuMqYAiE-XezFxB7J1m6aRndre83QQV0EkeLilq8WL2kWp6uysssyElAxuoDpdvDZ3aLrtprR7ojerr8hdoJczNtXcerAQxeUJBOjYd28z3LJ-gOFmJ2zqwri5zFLaiMzvN6C00UGpsacnHHfy-l3DFIz37hm-Xxdp-aIRPzBTlyL_wZ9ylxQ2i8tQJnfr8juPSrbMob056-yvU9ydfhvmUEKknQsGGZRXdK8oafpQPEN2Hjj2JUWUsmzy5Oo2Yqdb9-PEYmsf9NXMi7kIK5m17x7jmzvG0c_AMLjR2b5I7VkHJxhrZ9U18tgIBRV4W2tDUYLs4eE_d09tQo0WEcgHrot_7vkqgBnRL78aOvk1NaAaWFQ9IaYKjiT_UteegzhijrF5d7kFxjKOqldai9a0bzEaB0JWebW7epYDUaYAKnmzQ05DXmwcX6ORErvhPjNT9iVsXToQ&cid=CAQSTgCsnQUx7HsbPuog8cheoApVshDIe4kbg6qiZgoUVIG3QMB_RaPemxs-EelbnMkjT2Z10oW2zT_yoDRClD-67fFZ84imrvI3W5DnMtf-IA&rfl=2%2Chttps%253A%252F%252Fthemorningtribune.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:24:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11778
x-xss-protection
0
server
cafe
etag
15541287485089275602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Sep 2022 12:24:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6A8D 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65feceacb04f597834fb80b25e72b122e8a467ed8d73b61206a61004cde683d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5634
x-xss-protection
0
h2.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		691 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h2.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e6d5cbec4fa0435b5307accc162df34fff6f4eb29050eaf1bc2ce28e2c4cdf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:56 GMT
x-content-type-options
nosniff
age
310998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
691
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:56 GMT
motif.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 6A8D 		451 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/motif.svg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 20:24:53 GMT
logo_kia.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 6A8D 		1 KB
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/logo_kia.svg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 20:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
674
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 02 Sep 2023 20:24:53 GMT
23717839_20211129024308338_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 6A8D 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211129024308338_bg_01.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11e26dec596142c21e667ba0ac19e731f6f65f2a5151f6f7515486bba9eacc6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:35:28 GMT
x-content-type-options
nosniff
age
82246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33153
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 10:43:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Sep 2022 13:35:28 GMT
23717839_20211129024311596_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 6A8D 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211129024311596_bg_02.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d44ad22ec2d377c2fbf5ea484ff9dc9de9c9c2951bd60e439f48bf1933136102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:46:53 GMT
x-content-type-options
nosniff
age
81561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47653
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 10:43:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Sep 2022 13:46:53 GMT
23717839_20211129024314763_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 6A8D 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211129024314763_bg_03.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45f76e06a4f9e2cf17c0a5369b5431deecf8a3e3663968b1697ba3036d5d614e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 08:46:27 GMT
x-content-type-options
nosniff
age
13187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39983
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 10:43:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Sep 2022 08:46:27 GMT
23717839_20211129024318002_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 6A8D 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211129024318002_bg_04.jpg
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3cece78973668b50c0fa355e7ec2e74650487062c5231c4aada5ca0cd9ab00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=cXx3ErWWLy&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 13:35:28 GMT
x-content-type-options
nosniff
age
82246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29545
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 10:43:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Sep 2022 13:35:28 GMT
DE_Consideration_OmnichannelGuide_DIS_HTML5_300x250.html
s0.2mdn.net/sadbundle/17624324709191354189/ Frame BDE7 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17624324709191354189/DE_Consideration_OmnichannelGuide_DIS_HTML5_300x250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a572859712e29d256079cf43667752eefdb18ec15072d217b1e0bd76fd7f89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
337233
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3105
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 14:45:41 GMT
expires
Thu, 31 Aug 2023 14:45:41 GMT
last-modified
Sun, 20 Feb 2022 14:05:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3F12 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 16:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 16:49:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 06D6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
83459
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Sep 2022 13:15:15 GMT
etag
48472445140208031
expires
Sun, 04 Sep 2022 13:15:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
h3.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		826 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h3.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:56 GMT
x-content-type-options
nosniff
age
310998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 896F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUY8IZZkUY9ngKeON3gORoYPoBwAAAAA4AeAEAg&bg=!h4SlhMDNAAZTikH4c4o7ACkAdvg8WlwlcCeKbL2TxV0cKeoNFKfRQCHdBm7rCWdghdUORxBNA89ENAIAAADLUgAAAAFoAQcKADAJ9NT047VzmYeO564jKEAO5nwfdYFNAQ1FcAy4We5giaunabyZeOSLQaWBoBeTofOZAugD7LPhWQh9Y1JM_BVG0zCWBfA6iMcF4y2Kst33tR0DSqkYEZ76qwlgAi7jDaKniZ1W0IiiAVFILJFK6StdX6zR1_jfidTcq6ALNU_KhQGcxlI6CLdLUg17THflil2H-ru9zYhOIEHhHY4E9j_wb1LxRXRpeDpHwDG3J7l6mlUIciR4U6ZKn2XmyLsNXSp1RtPhus18Fx6Rb1M6iBWDHhvC5junQEL_rhPTENq2SltMEF7affDpFKqfNfFGrXu9ngHtY6ux9QB0Sb8TTaEVNERgfekO3vQJNG7VLdq2NivAulGpOlN6HF20y7oyuXPdhO371y6sKhXMhxKgdRa2FESecbIa88Kry7vaTNc1mq_-9ScohGM-YR8j-fUwlTUvZvobmuh_ENryfgbiFKok1be9lelWo1niokuZP7bxh1pHZo9m0MDi-zHzPadF_kpSlygtMLKNiHsYKJojMyozFyo3s7-CayoRfJZOW3cQlqQzqNJiGCHDMXuoegs1zr-24C422zNbZh5kZMR6Rnhw3BLLeNWs8978M_xFdOxK9njyxhBdA3nrIwGc1QXT4JpENqYD8styHARi36TR57Ij-awkVDBwSE_zMZJxsozjcnWvlRu2QSfpUm0kOfWYNZqkBCvQTNV6Bm68RlZ2hQwKVuX7iuXE2eGt0Qc3r0v41LmR3N11EudV2hI8h2AjtiBnppRvgQ5gA5uaJL7KySG89884n0CDMJ15c5Gq_d0U9QPrSPGJoELitB-C_sWf7NvJ_Ati3_6sDPrLjHb9U-fqRxQI7Ul7XsFVP5o91RlJx1dD5TDN3rqx8XFWEDFShaxrCTP3FRjw0hs7JXWRvD4aE0_RQi-m1Pyf0qgrFH4Q2Ax0AqtHcaAND55KQSvSbMOFEb8zF2mt8RbBrTCmUWmjcopvPoILBvqCn63xfmjBRwK7ISoTUNuqtMoHTmyqZCkjMyZNW0Y0n5VJYPRbYwq0kLDHGQ0sX6XYf2o
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6A8D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:26:14 GMT
style.css
s0.2mdn.net/sadbundle/17624324709191354189/ Frame BDE7 		3 KB
611 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17624324709191354189/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17624324709191354189/DE_Consideration_OmnichannelGuide_DIS_HTML5_300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8f4944d570d6826ec39e25a63dbeaa322b2e7e8390148183804bb4c8f563446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17624324709191354189/DE_Consideration_OmnichannelGuide_DIS_HTML5_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 14:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
337416
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
574
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 14:05:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 14:42:38 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame BDE7 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17624324709191354189/DE_Consideration_OmnichannelGuide_DIS_HTML5_300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17624324709191354189/DE_Consideration_OmnichannelGuide_DIS_HTML5_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Sep 2022 12:26:14 GMT
animation.js
s0.2mdn.net/sadbundle/17624324709191354189/ Frame BDE7 		2 KB
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17624324709191354189/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17624324709191354189/DE_Consideration_OmnichannelGuide_DIS_HTML5_300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cba897d646547818a576acc765f386685cdc7d7c947c4bef07b3344efbe66b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17624324709191354189/DE_Consideration_OmnichannelGuide_DIS_HTML5_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 14:42:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
337416
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
641
x-xss-protection
0
last-modified
Sun, 20 Feb 2022 14:05:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 14:42:38 GMT
h4.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		967 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h4.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:56 GMT
x-content-type-options
nosniff
age
310998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
967
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:56 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0978 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
243414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 01 Sep 2022 16:49:20 GMT
expires
Fri, 01 Sep 2023 16:49:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
google2waycm.netmng.com/cm/ Frame 06D6 		0
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 06D6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIi9OBvNctQKCRHuIR769bw&google_cver=1&google_push=AehlK4DyUsNHqT6qLJgsuOtTJ4PLEdxRqAjTbw6D4jM-wrd07Em8_td_LQMeszIVzRVEZ22QdqD5klFQ0KvuRxCqbRje9dNkOAmW
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc3MzUyNjk5NjAyNTYwNjQyNw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIi9OBvNctQKCRHuIR769bw&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIi9OBvNctQKCRHuIR769bw&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIi9OBvNctQKCRHuIR769bw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 06D6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEp49UwqnwfrbxoI5ckVhq0&google_cver=1&google_push=AehlK4BVUEhdNq9FYUngG9iOCeblo81GToNf0mDsRJ1hdhLQXZ7WkZkAW7lRUayUPsR_owT7oDr_IQiOjnXEVvE7...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=z1BjFJlmQACSS3xhoYxD0A&google_push=AehlK4BVUEhdNq9FYUngG9iOCeblo81GToNf0mDsRJ1hdhLQXZ7WkZkAW7lRUayUPsR_owT7oDr_IQiOjnXEVvE7duqtKf3f...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=z1BjFJlmQACSS3xhoYxD0A&google_push=AehlK4BVUEhdNq9FYUngG9iOCeblo81GToNf0mDsRJ1hdhLQXZ7WkZkAW7lRUayUPsR_owT7oDr_IQiOjnXEVvE7duqtKf3fuyR7
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 04 Sep 2022 12:26:14 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x14 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=z1BjFJlmQACSS3xhoYxD0A&google_push=AehlK4BVUEhdNq9FYUngG9iOCeblo81GToNf0mDsRJ1hdhLQXZ7WkZkAW7lRUayUPsR_owT7oDr_IQiOjnXEVvE7duqtKf3fuyR7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Sep 2022 12:26:13 GMT
i.match
a.tribalfusion.com/ Frame 06D6 		43 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEMMO6DAG8CPORFdrBpbgevU&google_cver=1&google_push=AehlK4Cdc6RHFrN5m8NuWwgfXI5XOsxC1nvf8MTsX6oYWHDxjPdCTxPC6GIQgrij4wvCi9q6Th3qYq5QWDpT7kkc3YW_H0cN40yi&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Cdc6RHFrN5m8NuWwgfXI5XOsxC1nvf8MTsX6oYWHDxjPdCTxPC6GIQgrij4wvCi9q6Th3qYq5QWDpT7kkc3YW_H0cN40yi%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
cf-ray
7456b6610e769be6-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 06D6
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEOdPSRNCw3XzuHaDeYx_W6U&google_cver=1&google_push=AehlK4BNTSFZu6CfN0GPZMAqcy6IuaoyG7aaKE8owXqQg5bXjT4S3m24B9YXkQrBultSuhlM8gfqCa-qXMex1AESCrJs25G4aOw4
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&mn_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4BNTSFZu6CfN0GPZMAqcy6Iuao...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&mn_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4BNTSFZu6CfN0GPZMAqcy6IuaoyG7aaKE8owXqQg5bXjT4S3m24B9YXkQrBultSuhlM8gfqCa-qXMex1AESCrJs25G4aOw4&gdpr=&gdpr_consent=
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:14 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&mn_hm=MzA1Mjk1OTczMDczMzIzMTAwMFYxMA%3d%3d&google_sc=1&google_push=AehlK4BNTSFZu6CfN0GPZMAqcy6IuaoyG7aaKE8owXqQg5bXjT4S3m24B9YXkQrBultSuhlM8gfqCa-qXMex1AESCrJs25G4aOw4&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Sun, 04 Sep 2022 12:26:14 GMT
sync
ssbsync.smartadserver.com/api/ Frame 06D6 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECb4KPx9HibAy62kCyofvzA&google_cver=1&google_push=AehlK4AXJZxuHD1F3vDFLZadIvdOLFNCrOe42Iqb5_8CBH97Xil82g-gaUCA9BUXbLEwU9vkZdr0vBdUDFWsjXR6MN39tGrNCfNq
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
content-length
0
/
onetag-sys.com/match/ Frame 06D6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDbF14GWhOYLtOCqBl8jtp4&google_cver=1&google_push=AehlK4AKOsDmVHyCeSgem54ISax6b9noh9MIK8_glqkmjApEkrUV8G3wHwRJ2c5_pl410IhBDaNEH15DWKB...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4AKOsDmVHyCeSgem54ISax6b9noh9MIK8_glqkmjApEkrUV8G3wHwRJ2c5_pl410IhBDaNEH15DWKBoDybiKds2zZd2Le-ZuA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 06D6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KwiCWHGnYrMYYgy4CFEFFk0hh8Ud_xZO6DQb9XAP_3TxDFroXlrhp8t4IK4-JYY-JkJFpl2Q
Requested by
Host: 7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
URL: https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 5CB3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 16:16:51 GMT
h5.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		621 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h5.png
Requested by
Host: themorningtribune.com
URL: https://themorningtribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1316c59ebb7ebf3879a5d7f1fb1644a34769bcaa22e24ce93d7b2e9c43fa0db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:53 GMT
x-content-type-options
nosniff
age
311001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
621
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:53 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022083101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
910f5b3ccfcd92e728ed7e5f154c59a1ef6a37e507653fc2c975a37a3ae1dd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11099
x-xss-protection
0
aacxs.php
c.aaxads.com/ Frame 55CB 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aacxs.php?flg=AAXJ0S45T&fv=1&fy=37&ke=1&suylg=292%2C159%2C97%2C366%2C325%2C272%2C229%2C209%2C274%2C306%2C263%2C175%2C213%2C264%2C291%2C241%2C265%2C267%2C89%2C251%2C178%2C310%2C356%2C203&yvVbqf=1&uhiXuo=https%3A%2F%2Fwww.google.com%2F&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXJ0S45T&hst=themorningtribune.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.103.89.41 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-89-41.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
65415c10eca74a417e80cad783b8298cd1c3170954541e38cfe4780fab9cabe8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8655
content-type
text/html; charset=UTF-8
date
Sun, 04 Sep 2022 12:26:14 GMT
expires
Tue, 06 Sep 2022 12:26:14 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
h6.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		682 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/h6.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:53 GMT
x-content-type-options
nosniff
age
311001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
682
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:53 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 0978 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 16:16:51 GMT
hand.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/hand.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fce620efedb3a0ab107c356a4980ebff44cb931313fa31fd201b2e28121cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:53 GMT
x-content-type-options
nosniff
age
311001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1491
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D9E1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-ggnZZkUY5OPOvDK7_UP-eqfiAcAAAAAOAHgBAI&bg=!WlmlWR3NAAZTikH4c4o7ACkAdvg8WoDHSZXIOluTlZTn26mhKErtBPcPMfK1h_I27RE4kVkKmB5TeAIAAACvUgAAAAJoAQeZAusFJ3dU4BmMRBhiaeWCKmIJrMBJJEvEoOINbYhB28vXt60wlfv9vkfceJqnFmbnhDV2IYk1VC2_U7RyFGaJ3Zjp10lv_mNEgdL4yiaaflxnB54Fnkfg5ML7hx5vjU_NL4ER1h_yOY7LB5Jjpu8ZHAqbDlzxyoZIqD5CQdniQBo9xsRnGVI1LRvUz6VX0-2YYz_itLWU3L66kNDiuFvUx7wTJnP9DgOzfysiZP8nE5HuspbhYWHo6aYlNCZv8yKx48pivgBCy3BGYcxdIVotXXhrrLk54mZZ9iMsKvndEvMQV4hCxRu5HgC4nRrDO3xb59cJxUIkn_FKy6MdsgIN6LjijcnqJz7RcyclO_hnEEV91o1wba-5g8QGOOJek4Rzg9XoJOp7oiLJyTWie4Ya721BCm-hCBs2Y8IPyrAvkvopFvhNR5HOKWitDOwNH2lBRPCdQKUPj0gwZr_Dd54Fpm8nUqT0cKqLh0_g455tVr5oUf4VVqUKDodyrZI7AvSO-6Mpnvu_r3mFR1-SKNUa5VN9TnnIHUpmrZuySW-cIkogoGzdBKabyN2HkPnD7KA7BvHaMJtnZniIoXK7zpLW7seS_ZcNpqm_HFtgtAsWYPL6EMkejxBKrHwBrLbTxLdmjNRuOxbcf4OrwesnnqKfYzWqCPqeqPmcYILk79Whn3gmGByIEmYRV2RMRUtgP6jDODAeVtJUgIwhHMCMO5rflay0eRNK99YFHNEDLuY4A9k2Cylm8cwYUzc_5YMWUl-Eo-zm2Oo9wRMN2cmhRnLayQf9mGgWdgTh4wj5Jqbv_elWib3qCA2LJnKvZDU11Vi9jpmkPav65ojx_r3UvAPekpdoc8JnKI0r31Znwjl2oiMsV6wKEaOrflyO3Z4AtF9n03JBnUiHPM2nhh7SKjmBj_5KBcpTW-Iow0go33cVFXTZ1sEyf-dOfstzfMuuqlH6lY1HpQ7Lo5FByGFa4pB7c5djzdjICtrzJ1O0kdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083101.js?cb=31069285
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Sep 2022 12:26:14 GMT
introlog.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/introlog.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 22:02:53 GMT
x-content-type-options
nosniff
age
311001
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3529
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 22:02:53 GMT
siegel.png
s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/ Frame 7644 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/images/siegel.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9072289344726761472/freenet_202207_mobilfunk_Stroeer_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:08:08 GMT
x-content-type-options
nosniff
age
1086
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4943
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:48:38 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Sep 2023 12:08:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A7F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2626
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 11:42:28 GMT
expires
Mon, 04 Sep 2023 11:42:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BE9F 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
90b0327fcf2727eca2d0e6fb654a7ab2ec2ec20b01c7559a8f3708423b22392a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Nix7UEX10HqknHj0zR7vvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Nix7UEX10HqknHj0zR7vvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:14 GMT
expires
Sun, 04 Sep 2022 12:26:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 10A6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJ-6Yay8nckSpFpXiCdmmgLxutcfAbD_AGdHhzj3JxVVdYa4LXkY43QFgIwfBkL1tMaZoX0U4gMxm-M70CJ1f01d-yPa5q3FdCzNY_jk5QfSOFkiaHyAjnzDG0GeVQ3sSHjczdlQ&sai=AMfl-YSDULUCWKzRSzfdYdVGlZhGVOTd02YFsJTJ79mhJVjxe9APl25uiKalnpzLPcHRLV15XgGbI3kqXid_ZuXIlMqYLlwVP5GxZn2eoY03apn7st-u87QaWUpxR6MT3jxqGm1cPNsGRul_0Z0SH3ms&sig=Cg0ArKJSzP4WrejD7Di_EAE&cid=CAQSTgCsnQUxtKZ8JQfxKoHYvtY1ffWcLaH9alhF-n9q3AUIrxE-zS7QxDMFfInYFqzgmRFmAk9PKTshjp_Z1x9-QCEQb4ZD72Qt-etupQjUbw&id=lidar2&mcvt=1000&p=808,650,1058,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3237052062&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662294373280&rpt=431&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame 6A7F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 16:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15954
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Sep 2023 16:16:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BE9F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022083101&jk=1236502681305917&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0978 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBb_lZpkUY8qhFJSk9u8Pp_mS2AIAAAAAOAHgBAI&bg=!REelRwPNAAZTikH4c4o7ACkAdvg8WsgjwgwHO0KnXS3IWFomzlHjTNdxJSVg3qSnbOzv9LEexXZ-lQIAAAByUgAAAAJoAQeZA0PSpxwOHzVGYk9NUGWFDJ8ZUCjZjL4v4Olr39cVtH3J8uH1xg_Bq7KHY6F4pkAGsPbxOqfbWYKpHR3TvUzkwu-_y4Yqf09x5HrSV0QENR82Xk0F0hmMV3FYUPwEoNqpYPgjUVPH7PPJgIPUejLomCxtK_MI0a3dMjgs73_8i_TXHw6b5yhkyLRDSvcoQkyp6GOiAX69be4LXZNWDRzrs_bHWB4Kyh5oi6z210sg1Gt9DCHLrZMqthRhuI0DXefrKA6bzLHXsk6piQkJxU37V0wVMRGxcelLUrLWSRCcwpw5B36_zfXRPoKNELVyG4POcCnETk4yY4XYKRlTZRDSU5kvXEIiAISuH3Q75tfGfWvlc_Nq4SHJnzGF-bLlKDaRvgmwHXk0uEIMIAPB3-gRDAVXgsAi8Cz7QZdbEkJrrS4sg-YCu6KWvY0OMprT3aZ06w_WwHqiFC5_VxCZ0ShBB4d8h04NGydHgEZGU6pk2dPyFsff6rqgSyMq1lWD4fk9GHZgYsngwzdcaciykYNlRiokwrAzlrEmJZ0YAuHaF3bZaBMp8qcqvBCQdvo-xZUDNIh55zFzjiuymulAyk1Jf4CUu1V-1Jm_NDbWBnDmTb9NcsTR-RRDc8vSQhqZVEcTKkbFv8DYVZ6HjxMsZS7bWsopORAjpHxOgrGE2oDrM24WFNZS84zbcSMA7JphE4mDLnFWRAS44VyHvB83AgLt5CCd4FnwwI9rYDuE3hMUb9CIDblBkMXvb5GrknfzEeK5mhwDgSwv3OoEGDEf8Mq6CXa1uM9tQIv78p0jgggBg3VAPu15zvnXk6lgOikIdi51yoIqz21eT_5ILJhVo9j3jcrvVX1xwFykGciCudl_kmT-NxomSVOprswoRf_ombUK6YBL6cJtBOgBKt2P4m936DioivHWj22YUEDrzaDZLEcTwhSdCbkSf2SygGeyQzAXJWyqNDamCH1YDGYl5rMSPFUhRsxEr3LGoZsNyluJxSj_alghPhUHP9XgYuzEFMk8w5a0QdEMndUNkMoSzKG1XzXugOZD01iJ3zgJgHbfF8WsJ_z7x42F961EU-JuyAT8_G9x6qVSzLrWpWyebcfyDF-rfVq_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
c21lg-d.media.net/ Frame 55CB 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?___stu13p=5idgihgb3r73nr56xnl0ch00yxnzunr&gho=1&yvlg=3052959740733241000V10&ruljlq=1&iow=0&syjlg[]=028AAX&syjlg[]=041AAX&syjlg[]=054AAX&syjlg[]=076AAX&syjlg[]=080AAX&syjlg[]=097AAX&syjlg[]=109AAX
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXJ0S45T&fv=1&fy=37&ke=1&suylg=292%2C159%2C97%2C366%2C325%2C272%2C229%2C209%2C274%2C306%2C263%2C175%2C213%2C264%2C291%2C241%2C265%2C267%2C89%2C251%2C178%2C310%2C356%2C203&yvVbqf=1&uhiXuo=https%3A%2F%2Fwww.google.com%2F&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.aaxads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:15 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 04 Sep 2022 12:26:15 GMT
generate_204
tpc.googlesyndication.com/ Frame 6A7F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?VAfH5A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8577 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNOg0eWZqmMvUMm_dbZy9ReYwBwOjCrTbHXVgG8UAvY3sCPDeGP51o6h53Qf_OdsKrfElvmrDfN8aFnqnYiweA_ykXnSMeDndm68rrFV9IR9tn6loOIn99P1cdo4i71U9GRwdIM8YxXc-c-6FpAj7RiEXPQuz8ot5jD9Kxq6CLVW-Y_LFKsLngs0V4WtA-PwiBi1IjMwcZVvCrGmOIR8krJNRUeaLL1QmbBwU9fx8hkZmodn5eGcvcpNJ4WQsrtHTmKLACVTc1ZozDcA_ei0Mdp8NwSE8IKJg-oHR39FRx8ZYK898h381C93OOn93SJawX7aT50S-vuIX6HNT7vZ-SfVwkwUy6Lbsl3IY0Di72_-ShwwDTnKOMiIpe7eJSWPLydQuvhN-MioTJRZ7rZDsMHgxf-Rg77ny5c7nqnO2lPJIh2-IMG7-R6taeNAmI_m0T3oAooEA9Wf0KeujdkMVmUr-nRWr2b9YI5xlzIgkepfGqQI-nzZh1X2qMaddZrtsdWOguA2EfFTxlxULEhKWq30MkOHjvRVBUQoId36DoNY9Z7N4-0E3NNUUvib-Qpxvn4cUgMIYS0TsM1AnIKUmvrhiCUyK2pxZSjISXQwOTrfNcuo-nEEQdTx5o3WVHYu4tf_JQUqg1KcFFPQHDVb1xfkr71jIVMGuQ1j-Ii6h8daOmbjDmVqFQk9mVI1jfdjZX3TcGdvwGHOVLyu4fI8wWiklb6VNT81SACl-I3HuW7ckudiMhacVoj0520xoGFi921_j2LWgtqx1FrvLZAqGxTNrMdBQLH3GS8xFz5SCkJNog9BioFmC_5yBopKsnfgZ2ki3EFT1sMtugy8n3CS6ZEuZh05-sTSoQIrI03xxN-mkxOs9XmMUfRXlYH_8iC79XH9f2LL7b2DUNPJHz3iNregMHZerXVXDbn8yYQRmh_DU-UIJn9f5ZC1LrW8aTvyWjc_Un62lgXdpIuKvYnZBDfomx9LD8OIioEtUa9QV94vhuQpuQL6cJju9nB-1lJchj6edbdV9HyUfq5wHuuBEaRTEpOt2UmcTqZjfjNcG1yX6AomGwKEzErHtYsTWxNRejYGUN3e6bC-z1RZRIIn3X4pbI2IVFJPJ7GMDcb-f4KV73ALMc-844YkTX7wmfBtn6PIjNAgkT2HiLaMo2KXLFo1HrSUwB9SQW_g_OiSMwmHM6YmAV9_6UdSf8Pp3ymaoBmrfvgovbqbvMC_mhK6z_Ad3kfhJOSfpuNa_zG10akCJje4Cr4PX15p6FtzpQ-4Gc5fd9g_86aq_m9dqOyg&sai=AMfl-YQQqTGMWYfO38I_5Rhsgf1rGdRYjuGcN7XQp7LGYqIItOo42mKTZLrC2MP90CIivRdr1jml6u6xU4fcn3qwe9vKUEjZOrk6USVJzxQEfed7WarSQXU8bkXbI6bmPEQ4D4K1whhH7hmsuD2T8JzSBgGEGru1yquXSyNUMA&sig=Cg0ArKJSzOWGeT1IbH_7EAE&cid=CAQSTgCsnQUx6h8YfA5LjzS46gIWwSBBlPts6fk1_itFeEKSsvr3kOFKSf2YZVxs4bt1xO4E5P-RtI5U8UA9NUyB4lnzxILfh4SumcVQNLQ2hg&id=lidar2&mcvt=1000&p=1117,437,1207,1165&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&vu=1&app=0&itpl=20&adk=1176239122&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662294373621&rpt=256&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
369.json
id5-sync.com/g/v2/ 		216 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
6631c10dc7b2fba952f23d54018c776acfeccc1313c974a417f2594fbdcb38ae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://themorningtribune.com
date
Sun, 04 Sep 2022 12:26:14 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8a9c266791581841e888ecf9a1f46a831f821e3cc1ba7d15e1d5997013647ea7

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://themorningtribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 04 Oct 2022 12:26:15 GMT
13b57556-cc9c-49b2-b25e-8a581b41af61
ex.ingage.tech/v1/sync/betweenx/ Frame E493
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43907&gdpr=0&callback_url=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fbetweenx%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D%24%7BUSER_ID%7D&crf=1
  • https://ex.ingage.tech/v1/sync/betweenx/13b57556-cc9c-49b2-b25e-8a581b41af61?uid=489f821d-4769-52f7-8f7b-3e0aec6fa76d
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/betweenx/13b57556-cc9c-49b2-b25e-8a581b41af61?uid=489f821d-4769-52f7-8f7b-3e0aec6fa76d
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
7456b663eeb992b3-FRA
date
Sun, 04 Sep 2022 12:26:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jPE1xSsAfnj4uofOxA3LSoygvIH1A9B7PhrZdsMQwyc3tAsiCwIYnyx1As0ti4%2Fvv%2B9Npv1TLk2%2BKMCFUeqID5ueUsby2c6%2FDjFRSr2OlPwL6%2BCusCWzURQXSwUUvffEjIrsMULT6IxvDVzCOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://ex.ingage.tech/v1/sync/betweenx/13b57556-cc9c-49b2-b25e-8a581b41af61?uid=489f821d-4769-52f7-8f7b-3e0aec6fa76d
generic
match.adsrvr.org/track/cmf/ Frame F19E
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=13b57556-cc9c-49b2-b25e-8a581b41af61&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5137576012
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5137576012
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 04 Sep 2022 12:26:15 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 04 Sep 2022 12:26:15 GMT
etag
RXcce006bb9f5d4719819334f2dab4951d003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5137576012
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
async_usersync.html
acdn.adnxs.com/dmp/ Frame DFFF 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
27457
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 04 Sep 2022 12:26:14 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 383172
X-Served-By
cache-lga21978-LGA, cache-hhn4082-HHN
X-Timer
S1662294375.920651,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 27C3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-184-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=42506
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 04 Sep 2022 12:26:14 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Sep 2022 00:14:40 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 143C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13406715
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 04 Sep 2022 12:26:14 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap2ams1
pd
u.openx.net/w/1.0/ Frame BC49 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 04 Sep 2022 12:26:14 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
rubicon
ex.ingage.tech/v1/syncPage/ Frame 3A60 		951 B
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=13b57556-cc9c-49b2-b25e-8a581b41af61&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7456b6634e3092b3-FRA
content-encoding
br
content-type
text/html
date
Sun, 04 Sep 2022 12:26:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3nUofDMtICEaZPFgwX1xRfBXKxLt2b78AYA%2BeTjLDkZ71klXQB2pU4N9Wj9b4mxOYPul6C%2FDlWQ4jKMXS8ZK0nSntnDahJm2B3Jcu3FLgudwb3Rym%2BwLBrUtHMJOXJsTa8PkCUfIroYFZ2Lxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
usync.html
eus.rubiconproject.com/ Frame A4CF 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Sep 2022 12:26:14 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 2148
Redirect Chain
  • https://sync.aralego.com/idSync/?ucf_nid=par-BE7E7ADB8D34EE2BF7BBD2899BB62A77&gdpr=0&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fucfunnel%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DUCFUID
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 04 Sep 2022 12:26:15 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Connection
close
Content-Length
246
Content-Type
text/html; charset=utf-8
Date
Sun, 04 Sep 2022 12:26:15 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Vary
Accept, Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 5C12 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atx4xsU7Or6R0PaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 04 Sep 2022 12:26:14 GMT
server
33XP005
x-33x-status
2000208
usermatch
ssum-sec.casalemedia.com/ Frame 3265 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/f9918f7e-cf87-41a8-8cb0-dc1814248f26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
009c099dad8b3ac084ed5761c1e8f162ff7ec8b3331bd92dbecfc025e4fd2ec9

Request headers

Referer
https://themorningtribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7456b6637ab59273-FRA
content-encoding
br
content-type
text/html
date
Sun, 04 Sep 2022 12:26:14 GMT
dropped-udsids
230|241|39|46|47|130|5|57
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FNucMfauUHfEvRvVx0QfB7%2BvWuhfvUFuHkxMkBLm7auFwZyC3LkA0qFYk1uE2QyaiZd%2B0T%2FhncFLwpk105ksEvKADqWUy96sRSA%2BrwoaJ9O7rZyn0KvdoBSI%2FirhQaICOAHo9%2FPVdYjkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
async_usersync
ib.adnxs.com/ Frame DFFF 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:14 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
add14568-202f-4cde-9baa-0f3fb6d85128
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A4CF 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19390
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 04 Sep 2022 17:49:24 GMT
pixel
cm.g.doubleclick.net/ Frame 3265 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YxSZZAiE3u4nycGt74TO-wAAFAUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3265
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxSZZAiE3u4nycGt74TO-wAAFAUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxSZZAiE3u4nycGt74TO-wAAFAUAAAAB&dcc=t
43 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxSZZAiE3u4nycGt74TO-wAAFAUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:15 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
80VFTN6V6X036R7Q3NVD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:15 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8G0QDEWBQPRCFSBXZVE2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YxSZZAiE3u4nycGt74TO-wAAFAUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3265 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame 3265 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 3265
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ckaokUkO1OuOHB5&gdpr=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ckaokUkO1OuOHB5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
7456b66458a0bba1-FRA
pragma
no-cache
date
Sun, 04 Sep 2022 12:26:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjSZtPAb6J5oXmbgJAopHMyQwSWqFY1KgJUYHBgN2kTU7omB8XzZeIIzOQjWYMwOuRpGjuknsgyZcEVhNqrwKuy83Zf0UWm80mBxspCpGw2tVSi%2F%2FSZpmClZdAWCsoUHfCA1tMe9d3YvxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:14 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ckaokUkO1OuOHB5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3265
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACFl07GKTMAAA7Mxp7-QQ&expiration=1663503975&gdpr=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACFl07GKTMAAA7Mxp7-QQ&expiration=1663503975&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
7456b664e98ebba1-FRA
pragma
no-cache
date
Sun, 04 Sep 2022 12:26:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNxmQUXjUHK7KAtqvvtZMnQ7h09gJy5pP%2B4O0D8277onGT2YVqFWczeNOI2WeHZoUBaehwL2qQBZsD8nlFVd95uUPEqzrUkWeN9mIeSeUXRuKAgloO2x56LjIyqDURd3P9r0SCKIyLLLAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACFl07GKTMAAA7Mxp7-QQ&expiration=1663503975&gdpr=1
Date
Sun, 04 Sep 2022 12:26:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
ix
ad4m.at/ad/sim/ Frame 3265 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 3265
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455422170144337
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455422170144337
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray
7456b66509bebba1-FRA
pragma
no-cache
date
Sun, 04 Sep 2022 12:26:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utSNKzcv7ADCQuaiIKaqZ2ZxLSdepiALRZdltgxkpB1f%2FSYoZlqmVB%2BEtaAUR3JgzYoxgEQquGeEVA4u%2BOLFvl8xlY%2FmX6O%2BKxhcTDtXU%2Bo%2FrjILbTG8LqEf%2B6t1FV2epuqKYk4doDz%2BMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455422170144337
Date
Sun, 04 Sep 2022 12:26:15 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
13b57556-cc9c-49b2-b25e-8a581b41af61
ex.ingage.tech/v1/sync/ix/ Frame 3265 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/13b57556-cc9c-49b2-b25e-8a581b41af61?uid=YxSZZAiE3u4nycGt74TO-wAAFAUAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2sfs3VCkiS1E14n7YxpZuOGrB%2B%2Fd4C11JR0vVG6qKCXoQHIcQkvzempnhddDpbPHdGcWpz3D55aTM1kEcjyLr0P1xLpXxGA8VX7fpF9TR%2B4mrVT%2B%2BC%2FJD1AO7PJ93k9A0XoPSX%2BPN0LxWaz0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-ray
7456b663dea592b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
usync.html
eus.rubiconproject.com/ Frame 3A60
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=13b57556-cc9c-49b2-b25e-8a581b41af61&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=13b57556-cc9c-49b2-b25e-8a581b41af61&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Sep 2022 12:26:15 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 04 Sep 2022 12:26:15 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 3A60 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date
Sun, 04 Sep 2022 12:26:15 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Aug 2022 20:46:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19389
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9378
Expires
Sun, 04 Sep 2022 17:49:24 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3A60 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=L7NB5DYM-1T-KWRZ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
c3b5432477546c086cd062707f625a76
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022083101&jk=1236502681305917&bg=!5uWl5aHNAAZTikH4c4o7ACkAdvg8WoVOrjGpCStqPSwRh8WnCAAGOMJXzX6S525nxnFS2uCigZiGTwIAAABWUgAAAAJoAQcKAJRkY-ML2QCzXgbviELDhUPUh3p_sEPlxpoK1yG2Pe6PIbWR36t-ayISYDOMEBvp-ZGk2e7WBMsD6IRo0ajileDayNCAnpjMR5M1ClUUfZJQfC3SwGtMAHK0dOnKV9eLyu0Kz20btpgPOCdefg1j5-1T8BWkct44qhWeb43cEB7UbjFnN2A3jzmbMOGLnw5lpyE5n5jUmQKgSdhLGBhRKnzIhdNAIN3amYLRzzkxTfSvoE2jBn55zLNz6jdktrW_x1tHCot9ItPr5fvt8oO2ncEf507nfbwOeveaTDrGwAng5LnPzD50M-z2T4v7EiE-WX7FdX6HAF0EbSiRyPJRbBANHo7N9EyfoForet4Rry692PY7FSxKIEONN6XdCi-_utrRo6kSAJ63dGcHGfH4WqvzQ9I4piURB6B2mYp6hOaBgGyqam6XNKRlZPkWcFsm2ARdIl_k3FpEo1q0Ej0l4dZUUFeSzdviCFREg3fJVT0wxeOVdLOkt_S0QVb4uwv8P5VyvXLNbqkoCIw5bwiEn_neX3xKzn_5DPJwHFqF_kc0LRd6Nz7ixzyp-Pk6CcbCf4XwMdlmYC3SXnthYcV2N8W2MHclDMd5jeR-6NbSOlZXlBPSRHx-ctc4xMBsT5DFUeXlWvz5E97gV7BguuxcPxGEGqNbSSq83qJ3Cw8vST3cLBhtzKowlW6JoeUnpd5qGSsXU8D881bX1TU5DJLT73y0uCwxIx_JjyjQiD8EzRBZl0hOCm3JnFi-S6t-NnxlddTIxZZS1NFft0q1xtiAmP3dFefp_5F_ejQ0lh3M_16RBcqvo4sMEnLQUMb2XS12ExI1uG97kEAmjLIUgMzCvA6LpR6luKF_MX9hu8g1rf4izLn_BWbIsTdmYfzsUkz7gOhrFpR3fLn90BaiXxruhpw1ZBZ4H_1-SDyQ_ZA2lRrF8SJduP1AClvr_GDpHCAdGjSCIiScdT6Sefrowfg8FEcwlT0Uo8rjejj5PgopE0ribvvikl_dh2YzpMI-3gE4rbSiBa2-r_AvU-ARxaSlxEUJBjLKL9iAQkpjDk2hppA0Gkk0OnMdyF7EB76ZaQ0fjUuFtNSz4h1z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://themorningtribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers
Tuitype-Bold.woff
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame ABAA 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/Tuitype-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 17:40:20 GMT
x-content-type-options
nosniff
age
326755
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33164
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 17:40:20 GMT
Tuitype-Regular.woff
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame ABAA 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/Tuitype-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 17:40:20 GMT
x-content-type-options
nosniff
age
326755
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32792
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 17:40:20 GMT
async_usersync
ib.adnxs.com/ Frame DFFF 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:15 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
49b0d7d1-232e-451c-b770-e701d7434659
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=themorningtribune.com&rs=themorningtribune.com&sid=58605&t=1662294371&cip=138.199.38.132&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=5d8ccec528a0617cae5a0755&test=&aafaid=&proto=https&uid=1662294371581-968203717226-007167-003-004163&cha=0.7&stagid=62ea643a05e77f1a0c00c9b4&stplid=62ea5e3167828879e326ddc8&d35=&d36=6.2.52&cb=32400943911&d39=&d65=&apppkg=&d9=1000&prbdres=UndisclosedClassification&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=640&AV_HEIGHT=361
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.189.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-189-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://themorningtribune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 04 Sep 2022 12:26:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 27C3 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60153239&p=95054&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7146113c73a9556f1cb564d504611e85bdc3e2ee544e9285ea4e641542ef69e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:17 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 0FE1 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=980BF6E1-35D9-43AF-9055-82975AFA1B0D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 04 Sep 2022 12:26:17 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 8E97
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2568382642028142239
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2568382642028142239
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 04 Sep 2022 12:26:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2568382642028142239
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame B064
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cf506314-9966-4000-924b-7c61a18c43d0&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cf506314-9966-4000-924b-7c61a18c43d0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 04 Sep 2022 12:26:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 04 Sep 2022 12:26:17 GMT
Expires
Sun, 04 Sep 2022 12:26:16 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4505 5b23575 master cdg-pixel-x16 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cf506314-9966-4000-924b-7c61a18c43d0&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame 80A8 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 04 Sep 2022 12:26:17 GMT
expires
Sun, 04 Sep 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
671247
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7744
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7139499989835511955
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7139499989835511955
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 04 Sep 2022 12:26:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 04 Sep 2022 12:26:18 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7139499989835511955
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame E858
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxSZZQALafPligBC&gdpr=0&gdpr_consent=
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxSZZQALafPligBC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 04 Sep 2022 12:26:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 04 Sep 2022 12:26:17 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YxSZZQALafPligBC&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4077-HHN
x-timer
S1662294378.990971,VS0,VE0
redir
rtb-csync.smartadserver.com/ Frame B426
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDRmwwN0dLVE1BQUE3TXhwNy1RUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACFl07GKTMAAA7Mxp7-QQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACFl07GKTMAAA7Mxp7-QQ&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACFl07GKTMAAA7Mxp7-QQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACFl07GKTMAAA7Mxp7-QQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Sun, 04 Sep 2022 12:26:17 GMT
transfer-encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 04 Sep 2022 12:26:18 GMT
Server
nginx
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACFl07GKTMAAA7Mxp7-QQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D119
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2tUeh4OaRS1R_USFIX-Ux4rHJoQ
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2tUeh4OaRS1R_USFIX-Ux4rHJoQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 04 Sep 2022 12:26:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Sun, 04 Sep 2022 12:26:18 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=2tUeh4OaRS1R_USFIX-Ux4rHJoQ
Pug
simage2.pubmatic.com/AdServer/ Frame EF73
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 04 Sep 2022 12:26:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7456b676a91d914d-FRA
content-length
0
date
Sun, 04 Sep 2022 12:26:18 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
pub
matching.truffle.bid/sync/ Frame A25C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 04 Sep 2022 12:26:18 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
i.match
a.tribalfusion.com/ Frame 3593 		43 B
626 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7456b6768bc69be6-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 04 Sep 2022 12:26:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
generic
match.adsrvr.org/track/cmf/ Frame F2E2
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2189658939
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2189658939
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 04 Sep 2022 12:26:18 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 04 Sep 2022 12:26:18 GMT
etag
RXcce006bb9f5d4719819334f2dab4951d003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2189658939
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
bridge
cm.adgrx.com/ Frame D027 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 04 Sep 2022 12:26:18 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-1
server
Cowboy
cookiesync
core.iprom.net/ Frame 4FB9 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 04 Sep 2022 12:26:18 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-9e2476388054@version_1.524
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 3B41
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2...
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D%26redirect%3Dhttps%253A%252F%252Fimage2...
  • https://pixel-eu.onaudience.com/?partner=161&icm&cver&mapped=60378f2919936a4d6b5f161bc2720b74&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQ...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbhMTbVaMQbXRhXbU
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbhMTbVaMQbXRhXbU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 03 Sep 2022 22:40:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NOvcHvPGbhMTbVaMQbXRhXbU
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame B05A
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1356955d-1060-4915-a47d-febefac6130b-tucta0e1eea&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1356955d-1060-4915-a47d-febefac6130b-tucta0e1eea&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Sun, 04 Sep 2022 12:26:18 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4069-HHN
x-timer
S1662294378.162666,VS0,VE48

Redirect headers

accept-ranges
bytes
content-length
0
date
Sun, 04 Sep 2022 12:26:18 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=1356955d-1060-4915-a47d-febefac6130b-tucta0e1eea&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4077-HHN
x-timer
S1662294378.030571,VS0,VE9
x-vcl-time-ms
9
13b57556-cc9c-49b2-b25e-8a581b41af61
ex.ingage.tech/v1/sync/pubmatic/ Frame 2ECD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/sync/pubmatic/13b57556-cc9c-49b2-b25e-8a581b41af61?uid=980BF6E1-35D9-43AF-9055-82975AFA1B0D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F13b57556-cc9c-49b2-b25e-8a581b41af61%3Fuid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=1296000
cf-cache-status
DYNAMIC
cf-ray
7456b6768bbe92b3-FRA
date
Sun, 04 Sep 2022 12:26:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dO2%2BmhvcTMgz13nFveT%2Ffr8lIicdSFEvB7InPoXPzHxZ4Lt8vmLhyYO0U1JLDLFXYo8oKbdv6NvFv4fB7ZGL%2F6wAs5ZFRGNBmmBD81j9vjEdpmLwVvuC7GlVmmCBNP1vBMmlNWtgZJ8GAXFT4w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 27C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mAv24TXZQ6-QVYKXWvobDQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Protocol
H2
Server
2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-184-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:18 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=42502
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Mon, 05 Sep 2022 00:14:40 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cf506314-9966-4000-924b-7c61a18c43d0
0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cf506314-9966-4000-924b-7c61a18c43d0
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 04 Sep 2022 12:26:18 GMT
Server
MT3 4505 5b23575 master cdg-pixel-x32 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=cf506314-9966-4000-924b-7c61a18c43d0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Sep 2022 12:26:17 GMT
generic
match.adsrvr.org/track/cmf/ Frame 27C3
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=980BF6E1-35D9-43AF-9055-82975AFA1B0D
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=1bf7150fd129b216/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=1bf7150fd129b216/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTgwQkY2RTEtMzVEOS00M0FGLTkwNTUtODI5NzVBRkExQjBE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 23:06:39 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOwk6jvkbkhF75_rk0YAT70&google_cver=1
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOwk6jvkbkhF75_rk0YAT70&google_cver=1
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 01:05:09 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOwk6jvkbkhF75_rk0YAT70&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 27C3 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 03 Sep 2022 12:26:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8174943454314404028
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8174943454314404028
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:18 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:18 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8174943454314404028
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 27C3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=852107461385127267&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=852107461385127267&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:16 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:18 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
fb0d1397-e9d2-4270-840a-c7000678f5b4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=852107461385127267&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OZ-sdTaVqyAinPl2OJywdTeV-Xgin650a58HEBx7
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OZ-sdTaVqyAinPl2OJywdTeV-Xgin650a58HEBx7
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:18 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OZ-sdTaVqyAinPl2OJywdTeV-Xgin650a58HEBx7
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=647d1bdf-a720-4da0-8d16-410888e82683&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=11b7601e-04fd-4b20-bd4f-81271fafc11d&gdpr=&gdpr_consent=&gdpr_pd=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=11b7601e-04fd-4b20-bd4f-81271fafc11d&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:18 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=11b7601e-04fd-4b20-bd4f-81271fafc11d&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 04 Sep 2022 12:26:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
980BF6E1-35D9-43AF-9055-82975AFA1B0D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 27C3 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/980BF6E1-35D9-43AF-9055-82975AFA1B0D?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:b498:ffee:4964:ac12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=980BF6E1-35D9-43AF-9055-82975AFA1B0D&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TEwGmPpE2uVyg1B7HVP_O3BR3Hg07Nc-~A&gdpr=0&gdpr_consent=
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TEwGmPpE2uVyg1B7HVP_O3BR3Hg07Nc-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TEwGmPpE2uVyg1B7HVP_O3BR3Hg07Nc-~A&gdpr=0&gdpr_consent=
date
Sun, 04 Sep 2022 12:26:18 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
current
pubmatic-match.dotomi.com/match/bounce/ Frame 27C3 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=980BF6E1-35D9-43AF-9055-82975AFA1B0D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:152c4ceb-3e88-440f-bb56-08a93ac50ead&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:152c4ceb-3e88-440f-bb56-08a93ac50ead&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:18 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:152c4ceb-3e88-440f-bb56-08a93ac50ead&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 04 Sep 2022 12:26:18 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2773526996025606427&gdpr=0&gdpr_consent=&us_privacy=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2773526996025606427&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:18 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2773526996025606427&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 04 Sep 2022 12:26:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8c60c216-c99a-4a5c-b93e-8cfb26b77b27-63149966-5858&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8c60c216-c99a-4a5c-b93e-8cfb26b77b27-63149966-5858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:17 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Sun, 04 Sep 2022 12:26:17 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8c60c216-c99a-4a5c-b93e-8cfb26b77b27-63149966-5858&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 27C3
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=852107461385127267
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=852107461385127267
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 12:26:18 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Sun, 04 Sep 2022 12:26:18 GMT
X-Proxy-Origin
138.199.38.132; 138.199.38.132; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
7672ab01-dd10-4de2-8353-dc85cd7e8d33
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=852107461385127267
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESELVdBYqGvYi9-HH-ileYVOg&google_cver=1&google_push=AehlK4BhJ-o221LywncUgPfI8dHz9gFgDlXIXEw0yIdMRI44EXLbULbNiDrxB9bDnxa-iLRaU51kOLJd-WpeN3WQSo7LJAEyRbZ7
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESELVdBYqGvYi9-HH-ileYVOg&google_cver=1&google_push=AehlK4Ci75q5oqUM2CCBuYvdcEkGf-UdJmQ6Ex4nXsHPeJD15RWBZYQM3ze2_uRq1J2X9xtWIiL88KTl719jZZ_oLAapLiNhlB6G

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings object| Insticator function| gtag object| dataLayer function| _0x2867af function| _0x2d1c9b function| _0x691594 function| correctCaptcha string| message function| rtclickcheck function| _0x3f21 function| _0x45e3 object| googletag object| sidr object| twemoji object| wp object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_528053 object| gaplugins object| gaData undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| aniplayerPos object| com function| _avcp object| $jscomp function| $jscomp$lookupPolyfilledValue object| InsticatorApp string| insticatorHeaderCodeVersion object| __webpack_exports__ object| instBid object| aax object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj object| confiant object| InsticatorXmess object| storageAni function| instBidChunk object| google_reactive_ads_global_state object| google_image_requests object| GoogleGcLKhOms

117 Cookies

Domain/Path Name / Value
xpshort.com/ Name: AppSession
Value: dc37f60ed609ac814e02bca590687836
xpshort.com/ Name: refAnjaliAroraMMSVideo
Value: NDM2MTFlMjYyM2U3MzI1YmMyNjZiMmRkNGNkYWZlYmY3ZjQ3Y2I2MzYwNWY1MjgwZWQ5NmMwN2ZkOTJjMzJmM7loEmMIjOE4TQoBpRLDmfJE6qOY3w%2FAsvSLD59v0lHY
themorningtribune.com/ Name: cap_y
Value: 10
themorningtribune.com/ Name: JSON_fetch
Value: AnjaliAroraMMSVideo
.google.com/ Name: __Secure-ENID
Value: 6.SE=CeROwscRXkqIJuZaaEBob5-eqJZEZRo_9BXZq8k0VHosveICrWnx-YtfwGCiHIyoOVpl6ZpHLyPYiPLfkMfG2Lbnwz1XhvgKOr6TZeMZLuVAAAATDo66Czyo47qLWJCZpU1Xj3hQWqVgt3uK8CcHqYLByqXQc008KZj6aS3E1rk
.google.com/ Name: CONSENT
Value: PENDING+850
.themorningtribune.com/ Name: _ga_1WV9GB5460
Value: GS1.1.1662294370.1.0.1662294370.0.0.0
.themorningtribune.com/ Name: _ga
Value: GA1.2.1762745442.1662294371
.themorningtribune.com/ Name: _gid
Value: GA1.2.777972241.1662294371
.themorningtribune.com/ Name: _gat_gtag_UA_135892861_1
Value: 1
.themorningtribune.com/ Name: InstiSession
Value: eyJpZCI6IjQ5NTA3N2IzLTJlMTItNGRlYi1hMWZkLWM5YjhjOWIzMmQ2OCIsInJlZmVycmVyIjoid3d3Lmdvb2dsZS5jb20iLCJjYW1wYWlnbiI6eyJzb3VyY2UiOm51bGwsIm1lZGl1bSI6bnVsbCwiY2FtcGFpZ24iOm51bGwsInRlcm0iOm51bGwsImNvbnRlbnQiOm51bGx9fQ==
themorningtribune.com/ Name: aasd
Value: 1%7C1662294371337
themorningtribune.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
themorningtribune.com/ Name: hb_insticator_uid
Value: 13b57556-cc9c-49b2-b25e-8a581b41af61
.doubleclick.net/ Name: IDE
Value: AHWqTUk_A-5F-1yC3rcgKDYAxfEiIg0tZUTIwVTKHFi8bnnnlYnD_SUa0P-8sowp
themorningtribune.com/ Name: __aaxsc
Value: 2
themorningtribune.com/ Name: visitorGeo
Value: DE
themorningtribune.com/ Name: visitorCity
Value: Frankfurt am Main
themorningtribune.com/ Name: visitorIP
Value: 138.199.38.132
.prebid.a-mo.net/ Name: __amc
Value: 1_1662294371_1662294371
.rubiconproject.com/ Name: khaos
Value: L7NB5DYM-1T-KWRZ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrupO8308U0Xnjc0/aJelRdbjRFtGIHH0u7I8FWAH9sueMusIWTdAVyutDkMe0T1l1yDSSYioFkdnKY++jymV4/EsFpRVO/kNU4PysTDXAX/Q==
.360yield.com/ Name: tuuid
Value: f3c331e2-7642-4baa-ace4-b3e656ff74ad
.360yield.com/ Name: tuuid_lu
Value: 1662294371
.adnxs.com/ Name: uuid2
Value: 852107461385127267
themorningtribune.com/ Name: ucf_uid
Value: 53a91582-f0be-42a1-87d7-0295c9eda3ba
.adnxs.com/ Name: icu
Value: ChgIr-x4EAoYASABKAEw47LSmAY4AUABSAEKGQjck4QBEAoYASABKAEw47LSmAY4AUABSAEQ47LSmAYYAQ..
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.aniview.com/ Name: aniC
Value: 1662294371581-968203717226-007167-003-004163
.themorningtribune.com/ Name: _pubcid
Value: 8f312246-694d-499b-85f4-98c677e84349
.yahoo.com/ Name: A3
Value: d=AQABBGSZFGMCEDkE37Y0_mPRNQZ_iuRylW8FEgEBAQHqFWMeYwAAAAAA_eMAAA&S=AQAAAn1DbkSzkSs7joS6BCfEQvA
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 33a74fb84e4157ae
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&8b8ec8fc-aa84-4a77-8573-1c3f13bdc203"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjIyOTQzNzI7MjswMjGlM6204ktdiZ2daTHSe2fv7plIz2lSM+gJ4KgsNorVGA==
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2707:u=1:x=1:i=1662294372:t=1662380772:v=2:sig=AQGJzEqVn-NlnN-WMsbGqhV-BDn90XAR"
.aniview.com/ Name: 2_C_10
Value: gBBWA5FNuFSZ
sync.aniview.com/ Name: 2_C_10
Value: gBBWA5FNuFSZ
.themorningtribune.com/ Name: __gads
Value: ID=fbd37a599277c704:T=1662294370:S=ALNI_MYuTNXbcOzhEtzkX1jZuC8DWJqNhA
.casalemedia.com/ Name: CMID
Value: YxSZZAiE3u4nycGt74TO.wAA
.casalemedia.com/ Name: CMPS
Value: 5125
.casalemedia.com/ Name: CMPRO
Value: 5125
.amazon-adsystem.com/ Name: ad-id
Value: A91-Hq-PtEQcjo8ryPap-jU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.3lift.com/ Name: tluid
Value: 862708884863076843788
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8174943454314404028
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?_q(v$l!]tcB8i_iqf!oN/@E'zz<*Z0QcLBKzjA?Gt5o`Bh4[/-2I)v-Hx*r:fVpHwsTD._*PlZ[C[-kX-<Fmtn
.aralego.com/ Name: sspid
Value: f192b9d2-4404-381a-9804-43b3213d40e0
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2269B96E05-49C7-4339-A0BB-6AF0BCA76308%22%7D
.simpli.fi/ Name: suid
Value: 684E4E10DCF44ABBBDAD423F15344769
.ctnsnet.com/ Name: gid_CAESEE59SkskPYLFBe1bSrp7wCQ
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 980BF6E1-35D9-43AF-9055-82975AFA1B0D
.media.net/ Name: visitor-id
Value: 3052959730733231000V10
.media.net/ Name: data-g
Value: CAESEOdPSRNCw3XzuHaDeYx_W6U~~3
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YxSZZQALafPligBC
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cce006bb-9f5d-4719-8193-34f2dab4951d-003%22%7D
.mathtag.com/ Name: uuid
Value: cf506314-9966-4000-924b-7c61a18c43d0
.mathtag.com/ Name: mt_mop
Value: 4:1662294374
.ctnsnet.com/ Name: cid
Value: 9e1b1a5ff6c949ecabf41359f314b0aa
.sitescout.com/ Name: ssi
Value: 8c60c216-c99a-4a5c-b93e-8cfb26b77b27#1662294374078
themorningtribune.com/ Name: _lr_retry_request
Value: true
themorningtribune.com/ Name: _lr_env_src_ats
Value: false
.lijit.com/ Name: ljt_reader
Value: FQoKqGZH0TR4l0ffSF6RYN5n
.themorningtribune.com/ Name: panoramaId_expiry
Value: 1662380774298
.de17a.com/ Name: guid
Value: 1.2568382642028142239
.themorningtribune.com/ Name: cto_bundle
Value: zmwlKV9VJTJGMlQ5NWVIaE5hQ1ZDOEl6WWlrNGlzZnVSZTdiZGd2NUhMaFNXTmFqcmclMkIlMkZvWmFaSlhMYVhHc3JmNWJ1VHBraEtvJTJCSk1IeG9mQW4zakVvM1RZNk44VXAwczFQaTRONlpObmVqTFVYeGt5SiUyRk9qSzhuVFY4aE53Y3lIa29qcmQ
.themorningtribune.com/ Name: cto_bidid
Value: cfxjvl8lMkJqMFpYSW9BdnVKQUtHZ3RWQzJSUVVtakZWdklUYlhzQzhwMTFFNVFmcVNpQmNpNWZwYmtPTWN4cGNrNVFua2tXVVFvWGhTZ1NUb1llUnY3MVl0TXZJY01xOUt3U3RlRUdGbzdxWU90ajNBJTNE
.turn.com/ Name: uid
Value: 2773526996025606427
.aaxads.com/ Name: aax-vsid
Value: 3052959740733241000V10
themorningtribune.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-04T12%3A26%3A15%22%7D
.casalemedia.com/ Name: CMRUM3
Value: 8263149966a8c0&2d6314996505a0CAESENAYjBGzG7-ieXtZoyC5K9s&2f6314996605a0&2e6314996605a0&f16314996605a0&056314996605a0&27631499660b40&396314996605a0&e6631499662760
.casalemedia.com/ Name: CMST
Value: YxSZZmMUmWYA
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 489f821d-4769-52f7-8f7b-3e0aec6fa76d
.betweendigital.com/ Name: ss
Value: 1
ex.ingage.tech/ Name: instUid
Value: 13b57556-cc9c-49b2-b25e-8a581b41af61
.betweendigital.com/ Name: ut
Value: YxSZZwAASjht56ODmL9vDUJBuMpxQHA5dLZGGQ==
.w55c.net/ Name: wfivefivec
Value: ckaokUkO1OuOHB5
.w55c.net/ Name: matchcasale
Value: 5
.bidr.io/ Name: bito
Value: AACFl07GKTMAAA7Mxp7-QQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjI0NzA0MTE2NhfiM9SNMIx3dHcMTXSzDCoHAMUknFolAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjI0NzA0MTE2NhfiM9SNMIx3dHcMTXSzDCoHAMUknFolAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZmZkZGlibG5qaGkIAFFKMPIQAAAA
.aralego.com/ Name: gdpr
Value: 0
.casalemedia.com/ Name: CMTS
Value: 1115
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 95054:4
.pubmatic.com/ Name: DPSync3
Value: 1663459200%3A201_197_219%7C1662336000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1663459200%3A3_176_13_161_54_243_7_233_55_99_238_166_204_81_220_21_8_234_88_22_222_56_71_165%7C1663545600%3A35%7C1663113600%3A63%7C1664841600%3A203%7C1662854400%3A15_223_2
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~26z0:18z8~26z0"
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY2MjI5NDM3ODAxMH0
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cce006bb-9f5d-4719-8193-34f2dab4951d-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.adfarm1.adition.com/ Name: UserID1
Value: 7139499989835511955
.onaudience.com/ Name: cookie
Value: 1bf7150fd129b216
.onaudience.com/ Name: done_redirects104
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: 26ffac07-92c1-483c-b7e8-ae75a0f8f05c
.quantserve.com/ Name: d
Value: EOUBCwGCJ_ijAA
.quantserve.com/ Name: mc
Value: 6314996a-0d770-489d9-335d3
.bidswitch.net/ Name: tuuid
Value: 11b7601e-04fd-4b20-bd4f-81271fafc11d
.bidswitch.net/ Name: c
Value: 1662294378
.bidswitch.net/ Name: tuuid_lu
Value: 1662294378
ads.playground.xyz/ Name: connect.sid
Value: s%3AfQWPar1T1fj3ATS5Y2B9h-ZNcT2aZePd.G2pEhWuIgaZcD2Kq84iHCwMVab9CLU6YeGuMUlV%2F%2Bco
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.onaudience.com/ Name: done_redirects161
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 152c4ceb-3e88-440f-bb56-08a93ac50ead.431508378
.tribalfusion.com/ Name: ANON_ID
Value: atnvBNriItgP3PTReFi4V7XIjuOMfZak3lmyEjLeakTxfUyP8Fi4ceMZaFUkF80BRBDZaRZdc4FUMRowZbglMZaba3N3pOOBOvSbo3WPeOFuMUMOvaCOsV9oMf
.sportradarserving.com/ Name: zuuid
Value: 647d1bdf-a720-4da0-8d16-410888e82683
.sportradarserving.com/ Name: c
Value: 1662294378
.sportradarserving.com/ Name: zuuid_lu
Value: 1662294378
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1662294378
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-dad51e87-839a-452d-51fd-4485217f94c7.Fdw5UkEjxMJOsXqcSHKmdspoqIFk1pu7vZXtw0e8eJM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A2tUeh4OaRS1R_USFIX-Ux4rHJoQ.dbRL6QdbWnzRFkpPPSlNB%2FA9VDC6CHHT3z3f8FY%2BtgU

3 Console Messages

Source Level URL
Text
javascript error URL: https://themorningtribune.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=88' from origin 'https://themorningtribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7ef7a420138c5b85239c14fa3114d43f.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
auth.instiengage.com
bh.contextweb.com
bid.g.doubleclick.net
c.aaxads.com
c1.adform.net
c21lg-d.media.net
cdn.aralego.net
cdn.flashtalking.com
cm.adgrx.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
core.iprom.net
cs.media.net
csi.gstatic.com
csync.loopme.me
d2f0uviei09pxb.cloudfront.net
d2nr2jos5slco1.cloudfront.net
d5p.de17a.com
dclk-match.dotomi.com
df80k0z3fi8zg.cloudfront.net
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
embedproduction.s3.amazonaws.com
eua.instiengage.com
eus.rubiconproject.com
event.insticator.com
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
gcm.ctnsnet.com
geoip.insticator.com
go1.aniview.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.aralego.com
hb.yellowblue.io
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
insticator-d.openx.net
l3.aaxads.com
loada.exelator.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
protected-by.clarium.io
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.turn.com
r3---sn-4g5e6nsk.c.2mdn.net
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.w.org
s0.2mdn.net
s2s.aniview.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.aralego.com
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
techymozo.com
themorningtribune.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
video-ads.rubiconproject.com
www.aaxdetect.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xpshort.com
api.rlcdn.com
google2waycm.netmng.com
104.103.89.41
104.18.18.126
104.18.19.126
13.248.245.213
132.226.63.138
139.162.27.15
141.94.171.214
141.94.242.204
141.95.98.65
142.250.185.162
142.250.185.194
146.59.148.16
147.75.85.234
151.101.129.108
151.101.193.44
151.101.2.49
151.101.65.194
162.210.196.208
169.50.137.182
173.231.180.197
178.250.0.163
178.250.2.146
178.62.202.251
18.195.44.243
18.203.72.119
185.29.134.248
185.64.189.110
185.64.190.78
185.64.190.80
185.86.137.110
185.86.139.58
185.86.139.93
185.89.210.101
185.89.210.153
188.42.191.196
192.0.77.48
192.96.200.41
193.0.160.128
195.5.165.20
198.148.27.140
198.47.127.20
2.21.184.200
2.21.184.22
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
209.197.3.19
213.155.156.181
213.19.147.44
23.205.235.133
23.205.239.15
23.35.228.23
23.35.228.47
23.35.237.56
23.75.240.210
2600:1f18:1aca:4281:1513:7870:1516:401d
2600:9000:211a:c600:1:4a30:d840:21
2600:9000:223d:2a00:9:78a:e540:93a1
2600:9000:223e:2e00:3:f434:dfc0:21
2600:9000:223f:400:1b:5138:8a40:93a1
2600:9000:223f:9600:8:48e:53c0:93a1
2600:9000:2366:ea00:10:3422:3f00:21
2602:803:c003:200::61
2606:4700:20::681a:567
2606:4700:20::681a:bd1
2606:4700:3031::6815:3844
2606:4700:3031::ac43:98b5
2606:4700:3036::ac43:c951
2606:4700:4400::ac40:98f5
2606:4700::6813:ac6c
2607:f8b0:4003:c13::5e
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:62::8
2a00:1450:4001:800::2006
2a00:1450:4001:803::2003
2a00:1450:4001:803::200a
2a00:1450:4001:803::200e
2a00:1450:4001:806::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:26f0:3500:c::5c7b:6837
2a02:26f0:ea:4a5::2c79
2a02:fa8:8806:13::1400
2a04:4e42:400::300
2a05:d018:d29:3601:b498:ffee:4964:ac12
3.122.15.154
3.126.56.137
3.229.81.87
34.102.253.54
34.149.20.76
34.200.163.91
34.254.143.3
34.98.64.218
35.158.200.182
35.172.84.50
35.186.193.173
35.190.0.66
35.227.252.103
37.157.4.25
44.193.192.96
5.161.47.120
51.89.9.251
52.1.249.45
52.200.144.123
52.205.189.122
52.211.77.239
52.223.40.198
52.29.153.117
52.29.158.178
52.46.130.91
52.50.170.21
52.54.46.88
52.87.80.187
54.231.201.177
54.93.60.116
64.233.184.155
66.155.71.25
67.202.105.24
69.173.144.138
69.173.144.165
69.173.151.100
72.251.249.13
85.114.159.118
009c099dad8b3ac084ed5761c1e8f162ff7ec8b3331bd92dbecfc025e4fd2ec9
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
054c480b41dbb8bb1a0db0dd51f85a18dafa9679cd1988d4824f9da3f8aa1215
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
074442d7bd5fd3a2dad1f2e00d70b730c82cd875a9b443216ff837070706ee32
07c6e0667798b1c8059b960ad7633c4a0a5f99ef83a4393695caf8f5a7be6ab7
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
085327e7c84123af45c60636421105c9822b6060823ca5049f261c01adc69b69
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
0a4b39eb8db270a2b57bfc1f9d3e8a57bd9f2a78522683f1fdce948cf21140e8
0b3df30dee710242201af86fc792f61b8acf0ed86b60a8391d00514f5837ba32
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdb2688dc9058242e29544463f658e20782201dea252fe7e7b8ab2d2642f410
0cd49f5f5bf39969438ba8096f45fcecc554cad9bfc854eefb31c491c0f6c26b
0e16d841b1486b5bd9c69a543084e0f558463ad9bd7ffd8791301367f8a849a6
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
11e26dec596142c21e667ba0ac19e731f6f65f2a5151f6f7515486bba9eacc6a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e12f9ff19083a49ba3edd7ee045b0642c9497ffd1d0b731d0bca3f5965dc31
19224a7a57346c84e045ffa4d33ace67e09b9369b22f26c5521b3fe1f9623800
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2010a67c304bdc5501811f6b9750087607b9860202f848437da7a072bd352dc3
21016cbf3ec7cd76b1de47ec4f39eea9889f4ec5bdaafc2cd21d917bca77fc6e
21763a2b6c1fb1dc7fbb01a616585697b96f9245f83534c97cefa30eefbf5ee3
22c5f0e93057e0fcad61db8352f169febdf92dbeea3561ece9dd03de1e1bf247
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23eb999f5846b6a745d534f054d1e29dd4c61fd652190b7f3a1e031b66db6f09
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
253d9f8f590d4a7587f9ea63e6a1ec9a58800359dfb311dbf9d793bcfd46b128
265688c7497ecaf5df0160573afd162e8644792b02b8ed3aa78338111f4e70a9
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8
2818e59b774d92a3693a31dc0432ecfeb2d003c423d48e89902b289202690067
2c961539bdea05629dbcd160e681e5b4490386aeb13c22bd36d905dbf3c545bf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30f634e5cee1ff5942cb19c0667435e895c64969f3c9dbab99b06b83d218a924
310b1292105c91fd94ec1f3f8985ee3f806fbd6094f3a56328f222231d4e844d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32dcb7b5d0e79583353a56225e4d8097e004103102d584e245d1b96547f9948d
33ae8ef5379aedf4c07d48ddb72a150d607e3eb241831edf1eefafa959f68e28
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3444cd05f786fc062fcb5c164604566935c9c5b25706eeab6189b3a0f37d058d
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
36a65f58c51aeb98905d2508e11b2a5c6b5ce8f8eb5c3aca23d4f2f95b52c34a
3c0b71db9ba69d2911827d13d1e05166c5e8f22276290c69a15926854e2b2d2f
3c2285e57a84e6536aabd3b30f96955a5ef0add57c594ff37961dab95395a2fa
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3d339d8964a7cbfedf6d7bede292d224a5fe885ee37ffc9ee1a9220851a1ee4e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4abde89ddd1ad61c34e94a03b74f4af472e32d35b1489771ea5aa6c14de2e4
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
3f2a8ca1705a3d8e66979c8df98e647b51d96906c013b6a047fa55eca49e813c
3f2b8c73c0c6b771e190015dd0d67112a1d456b3b3883bac6522ce8a6edacf34
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
403222a6df8e667b965352ff18004eed9f7deb7c6ec0d9d275d342138d7c61a2
4108f012d20a4a5db9771b21831ccdb8680dce8a8b0c066ceccb376307c7f91d
41214ea16ddef32ccfcdaf1eb885d511b2691221dc266954f2a05a856548cc3b
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
446c680cd560e8e6110720159efecf879087dd126674cb3714f5b5b7b1e13f7e
44c5d1c14f1685bd38adfe9a418c800339ea356687ba6e1da9514be0a7df9955
45ee2725c6ebd544d4d82397d7013f0d2e64d9ded813843fa9b4df7c31700a93
45f76e06a4f9e2cf17c0a5369b5431deecf8a3e3663968b1697ba3036d5d614e
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
4a9f99689e64455b029e6dbe9dc4395e3ea0ec04d8c20d0034d5ab3f4c145a01
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6d5cbec4fa0435b5307accc162df34fff6f4eb29050eaf1bc2ce28e2c4cdf3
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773
53c4a84d181d986474d76c4b33c971fa6237af62e1644ab37219e497d4360fbc
5528cede3254230bed79bb66408ffb76f9c474a0f747518a2d6a13a4f5f064a0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56438c19f21a6f2e4fe98a34200e13ceff72502706c6549ef2c903c5b18d34d6
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5968deed67db36c17098f115d0fd4318e4ef3616b6c3541da921599e64689040
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5d92cfa4b9d994bd8c3ea734df43518c328641ae88f570608081f9dd0b398e27
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64ab062a2a4d62d22170dd14c4a3a566632d1ebf476ab80d27c7c81901209e36
65415c10eca74a417e80cad783b8298cd1c3170954541e38cfe4780fab9cabe8
65b6379f1016ab70afbabc691e325db440129f6413ac7adf468bad16c5184d2d
65feceacb04f597834fb80b25e72b122e8a467ed8d73b61206a61004cde683d7
661f646e3fb2ed704f9d98bdc5a964e0d82ebd4ad621d1a3adf31b24fadcb23f
6631c10dc7b2fba952f23d54018c776acfeccc1313c974a417f2594fbdcb38ae
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69baa42b5243c9fad39140cd27772eb779a829f93bbc325e2e695fd8b74f4371
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cba897d646547818a576acc765f386685cdc7d7c947c4bef07b3344efbe66b1
6d38edfdaff5a3e6cfcccd26f9eed468207f91adf8833e2dd28e8660035492ba
6d6b4e3715b628457d40f2bf6e62b661d2bb36d85296d08a0bca4858dd617f7d
6f5d18b1769507b97d8718a598fcecd3bc9e270bc11a520d769b2d06452418f6
7041206683c7b5da4188ef7ed1523815102ac13af21f55c4b04b5fbbe4514ae5
7146113c73a9556f1cb564d504611e85bdc3e2ee544e9285ea4e641542ef69e4
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
72b91e5f107c26ffaeb13d05378bc60f27f2579848aac263163abb8c6d3ef6d2
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7310148aef9b5a6415c86ad58145e45ca053cb4dd04ee071a3840355f955966b
732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1
7401e53b32c0a5833974745e89e440d10c16b36c198052a2df147952104d01b1
75accb62acfb84c7df1e0e2f1b9909e4ed8f15c6756cb9efa675cecae85da09e
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
7a4cd86f5095c8acd3619ec7f98146027af925e4c6d8e4157cffe0a936867553
7a5a84e98d7dd2e4090fb5f006854d1df497956cc9ffb5419011c9b16d1b8cc7
7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9
7bbc0a1a176faba3ab4ef9aebd61fbc1fd8afc56ce0ed7f7183d8256a57bb024
7c409f494ee43633c5e2caaeac201b20d165c0bf295d05133ceaf9ac385cab97
7cc5e5e369e6d7bc2c00aa361cab436bcb50b65f112e6552066af702837a3e47
7e01cca9f55d03fc38e339504ead5a7ae838aa05192a0a6256edfbe55f53259b
802a0ac9c835c0add64067c222d71b52bff0f5cfaafe4b673b1875a68ffaabb4
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840ad1e1c79cd5a60ae29c3237dda4ef279ca8cbe1fa600234ec2916593ad583
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
88d4f2dd0c7d1d91f98411acb6ce7b12afbe8019f2730e71b05653a67b4f5314
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9c266791581841e888ecf9a1f46a831f821e3cc1ba7d15e1d5997013647ea7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8ae05b21516547099fd39ee4b2336cbfb1be997c5f5fc8c83e17b3d47cfbd434
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f286cc197ff13c59948bd43178964c3da6df9d38522b0a888e2c940cf513d9c
90b0327fcf2727eca2d0e6fb654a7ab2ec2ec20b01c7559a8f3708423b22392a
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
910f5b3ccfcd92e728ed7e5f154c59a1ef6a37e507653fc2c975a37a3ae1dd92
9384b83d0217ed2aa98aaa86e39ffc0d7a682907f4113601eeec99ac48579b1e
944ab259cd530aae5297cb47f32500602472d60bb30a2c2e1ca25782c7c9c820
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
96528311a7ca94ea4f44e16eb9d6ce2be7ac047c7e49b970b050723247e18e7e
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
986a0b3e763c03e19e57834096d93462efb28177ad702b2ec5fe84889936004b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9944a3d660078ebf819612ee6b0c35040a5321075253f57704653641586482af
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f93b59e460574ea6f93317f0f3b49aa69354a696022673a2b1a4ec6b35221fe
9fce620efedb3a0ab107c356a4980ebff44cb931313fa31fd201b2e28121cfae
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1c6322df9c8ca3d8fcc320d90e5740d14eac6f5c2a82005a665b7b798df4dd7
a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b9f24a8dec9b21915215bc54d458cd8ff7f0b501f17c2e32f2de8e0cd82f81
a8f4944d570d6826ec39e25a63dbeaa322b2e7e8390148183804bb4c8f563446
a9b0d7c0ecb660bfe4de7e5593a85b00553c991af7bbb3b577ca2b70cace0d93
ac94be5d386b8ebdbfc6c8a34573850e9041482111f9b5c95da88af3c9152755
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1929a1a67ac8637b03a412182ab9919f60bed969d608f2b2fd0ee23c0c29ed0
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44
b29257e2d73ac9475d2e96137962bdfdf6925eb38f15cb5050158ad48df09a9b
b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a
b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2
b7b2df62536f84a85e2812da8b375b62724a66472b91144ddbacbeee52a6722f
b7d6728628ef211d3b30f62aae45ab63fd79dc5ab17ad2dcf6f1bbce1268700d
b8b6c690aa55fd20f4b27d68ba0bc7ebfca15d0ad3bb1a78ddf40385a3671072
ba779091c1cf9857fdf168168e75323bcfde25f1e3eef3b6f9f681c782fd18e6
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd56a7cf8387fb93e395fcf3fc4cc743d9dd0097b612a931e13f7aebc4cb5b1c
bdb836038c8f75a258010a01f6afbea1ca01b9eb3addfb7f0605475e68c3ab02
c1316c59ebb7ebf3879a5d7f1fb1644a34769bcaa22e24ce93d7b2e9c43fa0db
c1a93d02455c4b35fa2fc63b4cdb4034988248e0df443e248beb1e01b9557ff3
c20d83f4400f6412e87aad214cca99d79d7cb6a38654286e0e0b32f6b3ec19a9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3a572859712e29d256079cf43667752eefdb18ec15072d217b1e0bd76fd7f89
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cbea10abc6a4fb6c6db32f7ff91d4e53f496579268f4f28e4e15f14c76cdd088
cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfea3cc65b2e1e3800e7e4d0ab98ef2b9295ee989eeeba105e2d15d2ea71e632
d07a81032ceeeb3aad2bb744cfdbb82f9f7b08dc52912f0fc16f50c1d8f30583
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23
d44ad22ec2d377c2fbf5ea484ff9dc9de9c9c2951bd60e439f48bf1933136102
d4adc0d7fbfc331663f6ad035e13aae0af63b6eaab1cc7d14ced20a3ff16fb44
d4b829542d11c7b72ba3232130db9e75124395fb6a8452ffca58a1d4532f637e
d4e6e5c8177a7a4eb68a34cc357578c6eedba44d39075a29e9b7c0f2bdb76b79
d5486bd604ac6d924dd969a196ef9b9439b6d0e274befcf8dd4f1375fca99541
d66055eaf222d4d2b4dd6db0b58a832472e92a7fe324299b5071feb936b9723a
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
d8295848601a45fc6ff78a90ac4d35396851ea4411b76a06feeb357ec99a37bc
d8c2580defe30b3c580e86b00aa3b9e7faab8150d936b2fc773e8b3a93facd80
d93cf4fc76991056b5028a886b79facc695d726e8c139936d4ad8a153fb97540
da9bd6293cfe80c6e8430c383e324251b8a480f5f37c22749908dcb4007dfb01
ddca021f6bc25038942e6af3deb4bf545c70ec6fb0e72a8990f6dd3fd1e3867e
deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358
dfe8853b2397a43e20d55fd377aafeed785c7ae335ed07b4986997b9780f48a2
e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6e080e881e29a77d25b2707d3d130d52bf039080f439ffe7618ed9ebe5c0d8e
e717a645581874f187745e175a04a6a3b2aca4217c1fb7071e1e2d89ef1c673b
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e8e212e1358bb7afb4915583367bd85f8749c65708714153c45c3d1443e20d76
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed53f9e05f2bde9f023a19cd474153a7d3544de2d1328cae6da849f746b6c915
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3c26d7b80540c3c6e5b9fa581f3b501ba1805675074a6861fccf4afe040903
f13bc08411a45add285949483ee8ab65001f6d7ebaddcfc83d5b2df50a4cde0b
f2f577dd30717fb56374c9bcca678502cb87aaf55e5e48168f89839d67c4ce51
f3788564f7a924d1a979c8a304966e21bf746f0ccbf57657122704f9402b905a
f3cece78973668b50c0fa355e7ec2e74650487062c5231c4aada5ca0cd9ab00f
f43aac1d05f628013e1dfbe944e0b66a2af6677e8dc16019dba33d7e7c801220
f534b7b1961a07619a8e1466ee3ac41144e416a276b521ba453ed7b5416ca53e
f5ac6348585afe084ad84bb4b456717fd946101219e1f3c16f266745dc80b0d4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f66986ed99ca7b82ec8446a38595ef4ec79ce47da50e59ea9b12c5248a8aebb8
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f78574d63243e74b5ab3a146a9e8af93d2deac45955097e9ebf4e4cc09b85d2d
f83dccda0f23005e073046554fcb6f70e6cc5c6d5a31482d8cbf00c3cae72a69
f9170bffba7bbd872604d24ae99a02270b64c1abece5134aa5b704efa919769e
f9ff7c4755b869306aa56116dac5780193c9838937884a09979d404aac5f613f
fb2bbef60f172e5315cad8c254f0f55a8e3599b8eba951963bb85c31088f7c9f
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fcb83e23059a13e2f411db9fbbc047bb49a24b96fec61fdb008410b76ce4d395
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3