newsvidex.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://videx.slidetext.xyz/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQ...
Effective URL:
https://newsvidex.com/
Submission: On August 15 via api (August 15th 2023, 10:28:58 am UTC) from US — Scanned from DE

Summary HTTP 226 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 49 IPs in 8 countries across 32 domains to perform 226 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsvidex.com.
TLS certificate: Issued by E1 on July 22nd 2023. Valid for: 3 months.

This is the only time newsvidex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:911b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.122.92 18.66.122.92	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
3 6	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:4000:a:e047:753:6381	() ()
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.24.112 104.18.24.112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	52.48.185.171 52.48.185.171	16509 (AMAZON-02) (AMAZON-02)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
2 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	52.18.159.223 52.18.159.223	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.222.239.116 52.222.239.116	16509 (AMAZON-02) (AMAZON-02)
43	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
30	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.229.80.150 54.229.80.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2800:3f0:4001... 2800:3f0:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:16::a	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:0:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f13:800... 2600:1f13:800:7780:7b33:7507:38f7:f5c1	16509 (AMAZON-02) (AMAZON-02)
226	49

1 2606:4700:3033::ac43:911b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

videx.slidetext.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

newsvidex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-92.fra60.r.cloudfront.net

scripts.kiosked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4000:a:e047:753:6381 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.112 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4c7273966160223132d25434d861315e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.185.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-185-171.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.18.159.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-159-223.eu-west-1.compute.amazonaws.com

events.kiosked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.239.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-239-116.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.130 (Grosse Pointe, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.80.150 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-80-150.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2800:3f0:4001:82a::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:16::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5ednd7.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:0:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7780:7b33:7507:38f7:f5c1 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	googlesyndication.com 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 151 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com	455 KB
33	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 366	515 KB
30	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 318	1 MB
21	newsvidex.com newsvidex.com	289 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 974 static.adsafeprotected.com — Cisco Umbrella Rank: 644 dt.adsafeprotected.com — Cisco Umbrella Rank: 585	101 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	316 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623	5 KB
7	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 772 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2553	15 KB
6	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 221	5 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 aax.amazon-adsystem.com — Cisco Umbrella Rank: 441	64 KB
4	kiosked.com scripts.kiosked.com — Cisco Umbrella Rank: 35601 events.kiosked.com — Cisco Umbrella Rank: 44166	178 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	170 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1497 google-bidout-d.openx.net — Cisco Umbrella Rank: 1496	671 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 617	72 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54 region1.google-analytics.com — Cisco Umbrella Rank: 2069	21 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 150
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 3684 r5---sn-4g5ednd7.gvt1.com	603 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1034 bcp.crwdcntrl.net — Cisco Umbrella Rank: 886	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 887 id5-sync.com — Cisco Umbrella Rank: 423	26 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	142 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	2 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1423	63 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 396	33 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 245	21 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1378	9 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1617	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1676	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1539	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 356	1 KB
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 572	864 B
1	slidetext.xyz 1 redirects videx.slidetext.xyz	572 B
226	32

	Domain	Requested by
43	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com s0.2mdn.net www.googletagservices.com
30	s0.2mdn.net	newsvidex.com s0.2mdn.net 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
25	tpc.googlesyndication.com	0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com newsvidex.com 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com s0.2mdn.net googleads.g.doubleclick.net
21	newsvidex.com	newsvidex.com
12	securepubads.g.doubleclick.net	1 redirects newsvidex.com securepubads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dt.adsafeprotected.com	0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com pagead2.googlesyndication.com 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	newsvidex.com googleads.g.doubleclick.net
6	ib.adnxs.com	3 redirects scripts.kiosked.com googleads.g.doubleclick.net
5	0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com	securepubads.g.doubleclick.net 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
4	www.gstatic.com	www.google.com 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
4	www.google.com	newsvidex.com tpc.googlesyndication.com 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
3	www.googletagservices.com	0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
3	events.kiosked.com	scripts.kiosked.com
3	c.amazon-adsystem.com	newsvidex.com c.amazon-adsystem.com
3	static.criteo.net	securepubads.g.doubleclick.net scripts.kiosked.com static.criteo.net
2	static.adsafeprotected.com	0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
2	www.googleadservices.com	0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
2	csi.gstatic.com	www.gstatic.com
2	fw.adsafeprotected.com	1 redirects newsvidex.com
2	4c7273966160223132d25434d861315e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	mug.criteo.com
2	oajs.openx.net	1 redirects newsvidex.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	newsvidex.com www.googletagmanager.com
2	fonts.googleapis.com	newsvidex.com 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
1	r5---sn-4g5ednd7.gvt1.com	0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
1	redirector.gvt1.com	1 redirects
1	code.createjs.com	s0.2mdn.net
1	cdn.ampproject.org	0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
1	cdnjs.cloudflare.com	s0.2mdn.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	fastlane.rubiconproject.com	scripts.kiosked.com
1	bidder.criteo.com	scripts.kiosked.com
1	scripts.kiosked.com	newsvidex.com
1	videx.slidetext.xyz	1 redirects
226	51

This site contains links to these domains. Also see Links.

Domain
wordpress.org

Subject Issuer	Validity	Valid
newsvidex.com E1	`2023-07-22` - `2023-10-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.kiosked.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-09-30` - `2023-10-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://newsvidex.com/
Frame ID: 719D61CEA3FADC9FAF382D88444624EB
Requests: 60 HTTP requests in this frame

Frame: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC20AC6F2C6CA3C4F3E58F43FA766667
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0F74D76EAAD75DE8D46ABAEA8D5904B5
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=newsvidex.com
Frame ID: A718BE97014E274336466E782ED03B90
Requests: 2 HTTP requests in this frame

Frame: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 05EC082F8B3FE782468F04FCA9DA9ECF
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNV2VBpLO3sGCK3wxtuFYY58zJLgr79ss9OeKRraYe9_HqerL-moqXYLRjN___eBIq8j59wOvn9d2bCOfTFzDxwnDKRWz9VT8mFqQxuuD1zfN3ILeH3TfrlQ7v9IlKjj1hCelcJjkYEHMhAPmngF-aTQuCOm1h1CQlC1z8dInA-z0VuvJl0
Frame ID: C8C40ABBD9EB7B6836FF20845D4D1CA4
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 218C0ED5D8808624C5126A3D0B04ADCB
Requests: 1 HTTP requests in this frame

Frame: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5FF58CA4F0573D3E9A86244D7E7D2793
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 648D8B965145F0B72BBF97657AAEA06A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A45BB0AE5298DB6B7838102D8B7E7B5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3FCADB84FAFA21C81944CE96ACBE1F2F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 71E935F4C0BF698E501EBF9D0385FDEF
Requests: 2 HTTP requests in this frame

Frame: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 322333C5DE4C7C283B5EEBD61DE81596
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNV-xp8jVy-TOZxcM8vFexxAjedNPniEGRND1V1TEnhIyHhe_ImMrjSzAQdiA6sIGqqqyIXk0sfs0x5nU9_qdT-rd-jeHZF7jUMJtuy_h_CID4a6LzwOrJLPxf6p8byQ07wr8c0LFN4yjfjh7ib2ZyVy_oKuPCIrokay75D1FQe0si0XLJw
Frame ID: CAA868D3E65D5CF55CF597EF035B6CA7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 091AF3E4C455123D3C92A4903A563B9F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
Frame ID: 9286B5B52AFF301F0185FFD071FA8293
Requests: 26 HTTP requests in this frame

Frame: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4F9CC381554B3C617EE874C253472393
Requests: 21 HTTP requests in this frame

Frame: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 80B3795D3057BC180684F2E0F57CBB0A
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLqlkwEQsZGUARigz4PeATAB&v=APEucNU2xehNyC30TtvFjxZmqItDkcFVwIsh5W09zb_UVLVONj_WLj4Q7bR3NJ-uxS_Q_4vENJW4hIu1F56rJrkU5_HhwmMopA
Frame ID: 5E6ADF8F6CB7A91E0454BCDD679E9A3A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F6F3984259606C02F1C9F1F633D82E37
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15666339272179623673/index.html?ev=01_250
Frame ID: 10C121E99808069217C3AAD9E42195F3
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9EE0CDAECCA1D44C692449E9952BBE29
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js
Frame ID: B464A2EA669D1726A27FD52844FF315C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 54A301E0AAB8F3747E1CBE01BB7D0685
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=newsvidex.com
Frame ID: D08585F39EE5A4DECD20F7B686E728EB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NewsVidex - Regular News and Tips Provider

Page URL History Show full URLs

https://videx.slidetext.xyz/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0... HTTP 301
https://newsvidex.com/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0... Page URL
https://newsvidex.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

226
Requests

94 %
HTTPS

62 %
IPv6

32
Domains

51
Subdomains

49
IPs

8
Countries

4319 kB
Transfer

9556 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://videx.slidetext.xyz/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9 HTTP 301
https://newsvidex.com/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9 Page URL
https://newsvidex.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://videx.slidetext.xyz/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9 HTTP 301
https://newsvidex.com/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9

Request Chain 52

https://oajs.openx.net/esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp&cc=1

Request Chain 59

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsvidex.com&sn=ChromeSyncframe&so=0&topUrl=newsvidex.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=GHtEtXxHVEFEcDBBRktHdjNLNVd5SHdTTHBaV292YmNBVW92Mk4rMFFhb2xMaGZ6UDlCaWxQY080M1hxaHJVMENQRStPYzZDSTRORlBWTGFCUHFvRWlmTlZGajc0cnV4ZFdoYk1UeVpzaHIrWWg4bE43bTZFbjE5aHd2RVJDZkI5RG04b28rY0t4TFZpU1R1TEF5SjAvdkdUNEFpZjJCZmowNThad0JDWnhpdWhPQm9XbHYvSDVGUzEwMWpxT2lkYlNmbEpuZitWWTk1WFA5OFJPM0lHdGRicndNUFB6YkV4VWQ1OXRXcUN6RmFqRWRLd3VqZWlKTS9DRDVINnVOQ2g4TEs4bjFSM3lFRlZYK2VxZ2JRaG9uTlU2UT09fA&cppv=2

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNtTZOrjm7PLALKB1.yTNQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1&google_hm=2

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE57nlwdaUVrSB8aXO5VmbA&google_cver=1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxNjEzNTg4Njg5MzU2MjI0OA%3D%3D

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1

Request Chain 109

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNtTZOrjm7PLALKB1.yTNQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1&google_hm=2

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEE57nlwdaUVrSB8aXO5VmbA&google_cver=1

Request Chain 111

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxNjEzNTg4Njg5MzU2MjI0OA%3D%3D

Request Chain 158

https://redirector.gvt1.com/videoplayback?id=9c4299299f20c90c&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1692102532&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=49FF01758371FCB28263CC07D2227013452D9BD3.04047C620DF6CB09616F6430012C43935E6F97D0&key=ck2 HTTP 302
https://r5---sn-4g5ednd7.gvt1.com/videoplayback?id=9c4299299f20c90c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1692102532&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=111F1ED612B81234FAEC7843743F51404AD66807.3368F5A675A3653AC7BBEA79FA5973F3643E7EDF&key=cms1&cms_redirect=yes&mh=I3&mip=2001:1b60:2:240:3247::11&mm=28&mn=sn-4g5ednd7&ms=nvh&mt=1692094652&mv=u&mvi=5&pl=29

Request Chain 167

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cz0vLZFPbZNrHFcWS1wa66oLoBZ2m8NNxibihposR6Kq2lYsDEAEg_77uLGCVgoCAsAegAZzvgMICyAEJqQK5q2-bweNJPuACAKgDAcgDCqoE7AFP0JZLsGZ9NFIFOqLNEWGQtaO2nC6SgRY7A1mwjsZWDzNuR7DFFZTYOrM7sccgKWBQqaYFNOy_HqCGmlD_3sLiOhJA9iyJ32I4iwdHIXa6EGzZu19vhUjb_RMjimRD7vJLPZWyVXAuLSdGukhodWEHcc4F2IHM2sLfMr9qn6Vm-2-LcW9i7AGkx5PT-tuloP8i3G1rYpZSbMLFFMqF9w2A0wpow2IZSsic0I6LW5hVi6aSmF2oagrd3n7d0jgwt-ZftK96EZxbZ9lVAas_fKBSc9FCRnpb6fZDwIee8aUln11-aEXWTdlCsJpPtcAEqImGscQE4AQBkgUECAQYAZIFBAgFGASgBi6AB8yQ_70BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5-BD0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJdmh0dHBzOi8vd3d3Lm1hbmFnZWVuZ2luZS5jb20vcHJvZHVjdHMvYWN0aXZlLWRpcmVjdG9yeS1hdWRpdC9zZW0vd2luZG93cy1hZC11c2VyLWFjY291bnQta2VlcHMtZ2V0dGluZy1sb2NrZWQtb3V0Lmh0bWyACgPICwG4E5wb2BMC0BUBgBcBshceChwIABIUcHViLTE5NDYzNzc2OTUzNjcwMzcY__kd&sigh=lbDDTsNQxFE&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWvl-Dn21vI-yb1XEkxW-3HQKg1blpH4KonC1ISatBnfpeyqPVOU3_ZWAa2kxf2_aV6DCyfKcMW3U65BSvBIjZJRkLgwboH-sYAQ&template_id=3484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227875343041317998722%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22675297180%22],%224%22:[%2208-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213924244359166064337%22}&andc=true

Request Chain 169

https://fw.adsafeprotected.com/rfw/st/1475223/71249285/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-3423085545296231&ias_chanId=1&ias_placementId=20111337730&bidurl=https://newsvidex.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJIfoUwTrAlP8XbGfWR4B9&adContainerId=brand_safety_ZFPbZIr9LbODjuwPh_-V2AM&cbFunctionName=goog_wrapCb_ZFPbZIr9LbODjuwPh_-V2AM&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fnewsvidex.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fnewsvidex.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:276d3798-5fe8-c6ad-52e5-25c0c7456048,c:lmgdgT,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-6f8fd47874-gk96f,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tMZRzJu+11%7C121%7C122%7C123%7C1241%7C13%7C141%7C142%7C143%7C15%7C16%7C17%7C18*.1475223-71249285%7C181%7C182%7C183%7C19,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:20,oid:87fbdb2c-3b56-11ee-b72f-8687b0c87bab,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ZFPbZIr9LbODjuwPh_-V2AM&cbFunctionName=goog_wrapCb_ZFPbZIr9LbODjuwPh_-V2AM&true_pb=

Request Chain 216

https://gum.criteo.com/sid/json?origin=publishertag&domain=newsvidex.com&sn=ChromeSyncframe&so=3&topUrl=newsvidex.com&bundle=bnKPml9uMGFHdW9kdyUyRm5tajhmWVNwYk92c0MlMkZ4bTdrMXNPM0t1NzZaQVZHUEl2eEJEcmNXdEZZNDR0UFpWeUZWY3NIU3p5OHN1REpCNkpVUkJkRTZ4TGRPelEzcHdUVm56WjVGWEtoZ0lQWlVUYVVtJTJGWlhIMTgza2lPekF6cWtqSkRIS1NpU3pRJTJGREJ5WEF2Ujg4NGk3SmJ6dyUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=q8WfZXwyaTk0VGhLM2NwcWdyS3pHY2E4K2tkejh6aE11dTUxZ3R1ZTBmK1M5V3AvNHZlM0Nwd293bFJhVEJjSmkzRnRKMUtac2FuVjVHY2JKaThmR2s3QWxXR2FyK05lbmxNSTMvZldhSFd6OWwxS3B0ZUNzT0p3OWYwME9FZ3dTcmg2N29INitCeGRMaVBFMHNZMDgxM1hoRkNOblB5SytPcGlrN3hGMXRFZkpFc2o2S1NOSnh4UDhxTWVqVldMU0NEeUQvM0o5Q3VlaDJFWFdyZ1FiRHp3VzBNU05Ic0lCWDhvRU9EeUFIOVVoUzQrNDRabWxacEVWZ3d1anBQR3pDdHBTekxnN3VVTnRkenNpa0ZTVTRKNUVnYUlMeFhmMEM4NG9yMnJSRGt6VktSRT18&cppv=2

226 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
newsvidex.com/
Redirect Chain

https://videx.slidetext.xyz/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9
https://newsvidex.com/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9

2 KB
1 KB

714ms
653ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eff5fc69ec853b87373b67d2f9542236a8019ef425151dea24e9862e172448e5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f70c0c5b8369a30-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 15 Aug 2023 10:28:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tb7MmDwes%2Bfd32nwgkbFP3p2muWhx0s4dcgex2VmosVhd6W5fIHWL6dz%2Fl9tEV7u%2F6j9Gpi599ic07PpSjknUJHgPe8rkVP7lTbPDnAoUZsRKzTSjWPOkgr4KkBDvb2pC7NCQlt3zSUxEw%2BY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7f70c0c52e342be6-FRA
date: Tue, 15 Aug 2023 10:28:50 GMT
expires: Tue, 15 Aug 2023 11:28:50 GMT
location: https://newsvidex.com/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2JCrWzDKWzaO6bGfh6aYKhYDjed6t4dv1xj0NKPKXphXCR22ysI7jJvUelvc8pWiGLqN%2F%2BhuQvvNnrjnDSQQwxIaeyrNZlOC66VGO%2Bvhp%2B69tdeDC2VFawFuc2BmZLCnwSsklE4bcRVxO9YYYTf3W2z"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Primary Request / Show response
newsvidex.com/ 155 KB
45 KB 214ms
213ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c1c540adba2efa0a227e1bf95106a4ba172a700c7b186533b4ab2a901b5ad91

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f70c0c9fd099a30-FRA
content-encoding: br
content-type: text/html
date: Tue, 15 Aug 2023 10:28:51 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Tue, 15 Aug 2023 03:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYBP%2Bwa09cgrv6K0W8t0S6i10xVVXDNrxrrLteLEDAf4s8tT4qCwKER1%2BaGrg0UkCq6Zn7ovlusXcjrEeoXL7EO%2FY0I7uzkmjO99ED%2FiWHgNhlAIOtNtDgsEYEvZudKFrGw6Z1r7vRWbK7CF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 o6rs.css
newsvidex.com/wp-content/cache/wpfc-minified/deeb6vg3/ 102 KB
14 KB 53ms
53ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/cache/wpfc-minified/deeb6vg3/o6rs.css
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c43375572e1e71864c01267c2f3d4bea1413bd7978af273509757575319eff02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2023 03:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24149
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DciEcdLgwh0YZgvtvgm5Phrz%2B9KZCVev3cjmuwlCBWbkluQwjip9VDnOrYrWwRyx9HaaAMoxSpGgQZ%2F9m9qQUHjzDTXw0wbc8k3nHIZyMnCEftdJsNa9DR%2B5wGqbJkrrrUvnfUxLtLMEFlQo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f70c0cb592a3a86-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Aug 2023 03:46:22 GMT

GET
H3 200 o6rs.css
newsvidex.com/wp-content/cache/wpfc-minified/77gx5uxb/ 6 KB
2 KB 30ms
29ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/cache/wpfc-minified/77gx5uxb/o6rs.css
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64d8b90f5b453ad0e19e7ee11724f05a2e2343cf9c8f5ffba9f55b8e79f24781

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2023 03:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24149
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCx0nSFw36duU7PLYubRRpS4u0GSt%2FUaM5yvY491HUcz7faBis45ffzjaYQZ1Cgy4RoDGk265RoWbveolVEmD%2BfjzpthSvWGTNeiJImJzTD%2FZEMEbc4%2FUqACBuQfZy6ZwQfKJ2JlfCfS5ziN"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f70c0cb592c3a86-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Aug 2023 03:46:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1008 B 74ms
28ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d376e780bcc5c6dd54272d535a39e4346ac241d12870b555cd85b4ad734ea40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 10:28:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 10:28:51 GMT

GET
H3 200 o6rs.css
newsvidex.com/wp-content/cache/wpfc-minified/fr4b2ohk/ 60 KB
14 KB 30ms
30ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/cache/wpfc-minified/fr4b2ohk/o6rs.css
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 364a5c27d2ac8b5f566046597a12ab16fcb1bacc833561b04ea9ea7837ff4cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2023 03:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24149
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nk9ED5KWWd%2BqTv24I7GHGsQeWx7k1XVCr6YwTPkqJ9iU9fzL6ug6XORIZPX7L99bGqsp4j1d5ZrSy8ndAIY%2FgwmG0Yzaf5bxsLcsUkuEtw38P1%2FwetmnuKzZIHmXT0AgS0FArKM3hdRcOhYp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f70c0cb592e3a86-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Aug 2023 03:46:22 GMT

GET
H3 200 o6rs.css
newsvidex.com/wp-content/cache/wpfc-minified/mlzc3b16/ 346 B
658 B 125ms
124ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/cache/wpfc-minified/mlzc3b16/o6rs.css
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2902e5c19fbbe4b0c6bcbfb1ef627bf4a75df212eed136d0aa260d4913b9e2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2023 03:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24149
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkyhWw%2F%2FslxTMOv7VUZleXbuPAf2TVBl9S7CiDpqm3H8XmpSzP300L%2Fv77GZHJZO%2BLGYYmxBlQAk%2FLu3LkP7ZJutb35a2mBXUrbEYFVvdnS4cVZjw0MVRr5eTxPYSwG5Ks8oBO%2BD7xKbnEdh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 7f70c0cb59303a86-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Aug 2023 03:46:22 GMT

GET
H3 200 o6rs.js Show response
newsvidex.com/wp-content/cache/wpfc-minified/8jlfsfv9/ 99 KB
35 KB 68ms
67ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/cache/wpfc-minified/8jlfsfv9/o6rs.js
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76af7cb8cd3b202e502d3abd8b661f6e8126503c84b83d80bd2922c9cc40b9fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2023 03:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24154
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BehB8KsHM5A0Bo2DcB0s7QZPVgLO%2FtqunN2i9gFzeWsZbDS2Xeprrqz3r36xVQHvG4LUtA7n4F%2FGTqle0ao8UE0bc%2Bu30Z27jkHWJTIlqvz2q3gsci2YfpeW0iRC9Xy%2BNS0W4%2Fr1OuyX7jIJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7f70c0cb59313a86-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Aug 2023 03:46:17 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 74ms
28ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5c522f9116ea6ea47e03ca9f70125e37edc03ca979cee71d7e9a8c844d4de537

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Tue, 15 Aug 2023 10:28:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 86 KB
29 KB 159ms
111ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3078a5b6033cf95732e2e123f82136c30b09a3b213b1d2065de3fb6abf085bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28708
x-xss-protection: 0
server: cafe
etag: 883 / 19584 / 31076972 / config-hash: 5625847931497644913
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:51 GMT

GET
H/1.1 200
OK kiosked-loader.js Show response
scripts.kiosked.com/loader/ 573 KB
177 KB 92ms
24ms Script
application/javascript 18.66.122.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.kiosked.com/loader/kiosked-loader.js?site=17805
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-92.fra60.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 00243e1acb1e0ee5e5de905ce388340295cccc0b3fc6d18bb843344424f0b7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 15 Aug 2023 10:25:16 GMT
Content-Encoding: gzip
Via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 215
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
P3P: CP="KIOSKED"
Connection: keep-alive
Pragma: no-cache
Server: nginx/1.14.2
ETag: W/"00243e1acb1e0ee5e5de905ce388340295cccc0b3fc6d18bb843344424f0b7c5"
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=0, must-revalidate, no-cache
Timing-Allow-Origin: *
X-Amz-Cf-Id: bOLy8eE29U1PIBSLY8eQW-bPmKfzl1bTo3oMHFKpBLJtqUVwG2btqQ==
Expires: 0

GET
H3 200 Please-Wait.png
newsvidex.com/wp-content/uploads/2023/05/ 805 B
1 KB 38ms
37ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/05/Please-Wait.png
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6458f6ab36bab1309374c9f6213a9e962c5a2ca3f572faf474a2b0780b07797b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:46:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24064
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcJStQYlzqr2692wL6CpuHBTOe6H%2B4ywtKx%2FGekKltw8FEMe3Cb%2FAoLaIdnxdf1BcGmaoJETqi4NAzsRU26WE%2FBIhnpYjByKMAqo0m6L96fy52Nxf6aByjOGI9lKxn7cL4JmDvnpchX98e3J"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f70c0cc3a733a86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 805
expires: Tue, 22 Aug 2023 03:47:47 GMT

GET
H3 200 Human-Verification.png
newsvidex.com/wp-content/uploads/2023/05/ 824 B
1 KB 28ms
26ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/05/Human-Verification.png
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d3d3e006fed403fe21adad67236246365b16a1b00baca471bfa3f9552424146

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24064
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8UU9TWhhHWct93VFb1wkGwp0i0QQ5VL10x77LCqBDe%2FhKolEFsaka%2F116YWK4gyYYENURdFCdAISDW9voMtl%2FCfnYhJbMa3%2BWnQJ12syyfgOpsM4mgEw9pgHJemoEYYaeWSG5uxJmYOXxBa1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f70c0cc3a753a86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 824
expires: Tue, 22 Aug 2023 03:47:47 GMT

GET
H3 200 5-Fundamental-Reasons-Why-Your-Company-Needs-A-Mobile-Apps-200x135.jpg
newsvidex.com/wp-content/uploads/2022/07/ 8 KB
8 KB 29ms
27ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2022/07/5-Fundamental-Reasons-Why-Your-Company-Needs-A-Mobile-Apps-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0868f8864edf2b3ce1a92817e3a85110b916f7879056733374b77ced7dbcfb31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:26:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24153
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnW9rwFGI0YJRr08aQG5pZW96ja25oe4ihpWKgetXtDOK6uik7lHzHLA%2BYurfgoJsh%2FfPGGtYW9xPVdunF2nThoBVJGXHM%2FhmrlOxnXIA4DGREpndgkkwF2fOxMBIt5eL4Cm6o%2FyuNtLWvyF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f70c0cc3a763a86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7773
expires: Tue, 22 Aug 2023 03:46:18 GMT

GET
H3 200 Trending-Development-Of-Metaverse-NFT-Marketplaces-For-Property-200x135.jpg
newsvidex.com/wp-content/uploads/2022/07/ 4 KB
4 KB 31ms
29ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2022/07/Trending-Development-Of-Metaverse-NFT-Marketplaces-For-Property-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb66df48bdc2630ccb6f47302d9e5a51d470997900efe61de374f323473902d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:26:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24153
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJCl2BwWYGg74piQWq9F7cXimrd%2F43ImjpMntz8Bk8SgFt5eGDZd7yXyNua89QS0t%2FDIkXWaGGbwoo%2BUVzezJJZoakWRq7i%2FhItPhdEzkohBSrRWgWynydBsLGv3NZzvNkgWeMTRNajgEYxS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f70c0cc3a773a86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3830
expires: Tue, 22 Aug 2023 03:46:18 GMT

GET
H3 200 What-Advantages-Does-Artificial-Intelligence-Provide-For-Customer-Service-200x135.jpg
newsvidex.com/wp-content/uploads/2022/07/ 7 KB
7 KB 32ms
31ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2022/07/What-Advantages-Does-Artificial-Intelligence-Provide-For-Customer-Service-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92a9645446378844b9f2622be5f3a02607f8e4bfd8c793fc92e5b2d569eccffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:26:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24153
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRb%2FQKCv0Hv50mr0PqKoKAtos8mxnjdWJIo19UNygebBZvsy9u5DPwLREnOLgJ96ufaX9q3kJRcfxp89%2BmZSkRTPspiDB%2BegfiwiijKCjEhxtv1IY27tTLmpDvLe%2Fc%2F8yLc5%2BO7BfGjl70dj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f70c0cc3a793a86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6992
expires: Tue, 22 Aug 2023 03:46:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 79ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-247050099-1

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c2f00d8171be05c2ea9b2dd91b4f7ad9cd21429375508ad9e54a8a0a4b77fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66608
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Aug 2023 10:28:51 GMT

GET
H3 200 jquery.sidr.min.js Show response
newsvidex.com/wp-content/themes/superfast/js/ 7 KB
3 KB 32ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/themes/superfast/js/jquery.sidr.min.js?ver=6.3
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 15:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24153
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jp%2BpDcsD7Ky7VDsv61cQrQ6jTHqe%2B3mzxfq%2FybWBuMK%2B%2B8rrr%2Bhp08tv5opJAY8d9tbsnLfWT63vkCpoUjkNBh5DjxGYOyC3iAmUJWXwEw%2F9oRXn24cU8ZYiEERsw5E2c43aO328YoNJk42E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7f70c0cbfa073a86-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Aug 2023 03:46:18 GMT

GET
H3 200 customscript.js Show response
newsvidex.com/wp-content/themes/superfast/js/ 3 KB
1 KB 28ms
28ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/themes/superfast/js/customscript.js?ver=6.3
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be06ffb2cd06a02216ca9a5e16cecf8009507b74105774aedd0617ddaa8b8cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 15:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24153
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ak0asKAcwcOVyz5tUZtck6x6IfapQ2lYKTj0h3sKexja5La3HvJRevwNA%2BpvPXz5yI73oNZxn1fPhog%2BFIuhErqGLVSJX7MFM0Ps3t0GUCkugUqL6ylPRZZUFRanZ3%2BFR4hR0LI7FnYbSuI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7f70c0cc2a573a86-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Aug 2023 03:46:18 GMT

GET
H3 200 frontend.min.js Show response
newsvidex.com/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
6 KB 31ms
31ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:10:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24153
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvVCJlV%2BW3v1QzvBvGwkR2jJYNHAYrAJ7y%2Bt8hwxvauubTvNOCNoR0Voy9Tb6wSaPkS8hXA5VjAth%2Fkob8h2B8lOkYrMwbSOEV%2BFvAIt0xyuJNr6c1a3qy60oWf0umufskZTsKbVh3CxMMSO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 7f70c0cc2a593a86-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 22 Aug 2023 03:46:18 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 86 KB
28 KB 261ms
214ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a0222cc8d589e0592f678c0cfc0da93023dcfee170ae6807f3a9a6d12008d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28695
x-xss-protection: 0
server: cafe
etag: 34 / 19584 / m202308080102 / config-hash: 5625847931497644913
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:51 GMT

GET
H3 200 /
newsvidex.com/ 55 KB
55 KB 213ms
213ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 15 Aug 2023 03:46:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iEqLy9Ef76Q6XUqk8Onc6b%2BBfPIyhKhjNxzRgp1pXETdZ9tqo%2Bf2O6NCe5GycQDYsbGHX5meeE7t5HMotVjfqncZUS5zb9RZ6gzop2HQflhArX7VLI%2BalDiVdsdxCzmRyostDIWEHoLqvi2M"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7f70c0cc4a7c3a86-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Oct 1923 20:30:00 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 65ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://newsvidex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 22:38:10 GMT
x-content-type-options: nosniff
age: 301841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Aug 2024 22:38:10 GMT

GET
H3 200 ElegantIcons.woff
newsvidex.com/wp-content/themes/superfast/fonts/ 62 KB
63 KB 28ms
28ms Font
x-font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsvidex.com/wp-content/themes/superfast/fonts/ElegantIcons.woff
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/wp-content/cache/wpfc-minified/fr4b2ohk/o6rs.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Referer: https://newsvidex.com/wp-content/cache/wpfc-minified/fr4b2ohk/o6rs.css
Origin: https://newsvidex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 15:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2546
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykiWDbfvxdXtqw5WWmn5QWudU7eljjWm3bzU34oHZXi3n7%2Fn70sfmcu948MnhLeUF04x%2BJC1UNNA38YiOWDfx8GpynBNc7gOrBHBruXr3Dr4xmFNteg0ytEfLevdVjb8XgAhSk%2Bj5jdgz7A7"}],"group":"cf-nel","max_age":604800}
content-type: x-font/woff
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 7f70c0cc4a883a86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 63664

GET
H3 200 What-Is-IP-Spoofing-And-How-Do-You-Deal-With-It-200x135.jpg
newsvidex.com/wp-content/uploads/2022/07/ 6 KB
6 KB 33ms
32ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2022/07/What-Is-IP-Spoofing-And-How-Do-You-Deal-With-It-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c32520c4061f2dc531744ba5384035ae123532861644782333cee1f5b2a1cbfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:26:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24153
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwBhKvmDCLEBVGzp3afgfPRjzLCxmbjalPtWkiolAm%2Fztxm3ImWgNvaR9zFWShOnYrsb6OBCr79soKrlnroo7Y%2FfEgTeJ%2Bx2qU8uPZld2ty6S9%2BpxrIolqGZqkt5TLTc%2BGQiCg%2B9Zma1K5KZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f70c0cc6aa73a86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6119
expires: Tue, 22 Aug 2023 03:46:18 GMT

GET
H3 200 Where-Can-I-Get-The-Most-Reliable-Free-Forex-Trading-Tools-200x135.jpg
newsvidex.com/wp-content/uploads/2023/01/ 7 KB
7 KB 34ms
33ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/01/Where-Can-I-Get-The-Most-Reliable-Free-Forex-Trading-Tools-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ea3074d44427095db8c43247c0ae10f1d707938bec563391959de4b1ac1e061

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:26:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24150
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZNUJllTQkOMNnY2fQxOYlceYvTjPpSNnU6AyVJvBxDTdlpX6A0luhw1x7CN2SMG%2Bxgg9EDlYE3heL8%2Br%2FMIYfpjSROxNVBTr%2FfTTSZyVPnPTwWWmDzw6tcS15VEb6MCLgcft%2FIHvQCgbRfN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f70c0cc6aa93a86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6972
expires: Tue, 22 Aug 2023 03:46:21 GMT

GET
H3 200 The-Most-Effective-Uses-Of-The-Digital-Twin-In-Real-Estate-200x135.jpg
newsvidex.com/wp-content/uploads/2023/01/ 6 KB
6 KB 37ms
36ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/01/The-Most-Effective-Uses-Of-The-Digital-Twin-In-Real-Estate-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f391b57644dbac2bbd29c21e0bee372b26f6cca8252a33d9e00c3605a1a5b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:26:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24149
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHhd%2F0NRWJHFL%2FDU%2FRCrOUi4wk9VjIABCyUR1iygldz9zXVP05cq3w%2BWHN0%2BLhEiBrsGpbzny%2FX5iSLySzSnoYn52AaQTvwM1Ng9Tt24Hbhsk5iKS8xoOGbYXYBY4Nv98Per7FLAblnCiAnJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f70c0cc6aaa3a86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5891
expires: Tue, 22 Aug 2023 03:46:22 GMT

GET
H3 200 The-Best-Outdoor-Lights-That-Dont-Get-Wet-In-Perth-200x135.jpg
newsvidex.com/wp-content/uploads/2023/01/ 7 KB
8 KB 38ms
38ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsvidex.com/wp-content/uploads/2023/01/The-Best-Outdoor-Lights-That-Dont-Get-Wet-In-Perth-200x135.jpg
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba2002d3607e865976666cf35ed91dce6a71d44649e885afd3fcc4adc3320943

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
cf-cache-status: HIT
last-modified: Wed, 24 May 2023 16:26:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24149
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wa0sJWrhIheFH5vkEQbtfN2tXO7A6WC9nQWh8tyz4Cgn7JdcM6BV1PigUx7UPU4n7EN7axVubOyZFd4rpdnoMjOdb8PjpJ3qU7vuJgk600STo1PRHdj2Ekmoqqb3zbI%2BB9g0kxjIMiilgJaf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 7f70c0cc6aab3a86-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7253
expires: Tue, 22 Aug 2023 03:46:22 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ 441 KB
178 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d005e54c557c7b45e4dbbe2abb05bf33bb52631faed17189da60940b07c25ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Origin: https://newsvidex.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:08:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181564
x-xss-protection: 0
last-modified: Sun, 06 Aug 2023 12:02:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 14:08:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J2YRJREY02&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-247050099-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd13d385a728fc6b4cc9407f2c74d8a7f99ed322ea745e30be360aadacdfdf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78352
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 15 Aug 2023 10:28:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
19ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-247050099-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 09:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2348
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 15 Aug 2023 11:49:43 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 151ms
45ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.30.0&cb=23703414906&lsavail=1

Requested by

Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-loader.js?site=17805

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://newsvidex.com
date: Tue, 15 Aug 2023 10:28:51 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 351 B
864 B 292ms
183ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17558&site_id=491450&zone_id=2916152&size_id=2&rp_schain=1.0,1!kiosked.com,12353,1,,,&eid_pubcid.org=b2b405ab-d2a1-466f-b8ea-797dfcc5e8a8%5E1&rf=https%3A%2F%2Fnewsvidex.com%2F&tg_i.page=https%3A%2F%2Fnewsvidex.com%2F&tg_i.domain=newsvidex.com&tg_i.pbadslot=12353_089f848f33668ef55ae137a3d2c49d90&tk_flint=pbjs_lite_v7.30.0&x_source.tid=ff0c8c38-fee6-4c73-bbbc-0f14b8398585&l_pb_bid_id=42ef9caa64e01a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=12353_089f848f33668ef55ae137a3d2c49d90&slots=1&rand=0.6178022261117311
Requested by: Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-loader.js?site=17805
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 250952b26f354268e84a0ef38b4c47a99bf545d42fc36a27bba740601fdc009e

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:51 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 351
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 137 B
700 B 85ms
25ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-loader.js?site=17805

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b7125c5e6f452041b3cb773a2eb3e5315c99d975bcc8f894a15d37aae2aaae59

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:51 GMT
an-x-request-uuid: 729aa666-5567-4d7f-8b3a-26621cbb0841
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://newsvidex.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.29; 217.114.218.29; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 137
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 400 KB
126 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 20:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51664
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129087
x-xss-protection: 0
server: cafe
etag: 2193028555055074692
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 13 Aug 2024 20:07:47 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 71ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-J2YRJREY02&gtm=45je3890&_p=1238931755&cid=1511824296.1692095332&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1692095331&sct=1&seg=0&dl=https%3A%2F%2Fnewsvidex.com%2F&dt=NewsVidex%20-%20Regular%20News%20and%20Tips%20Provider&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J2YRJREY02&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 27ms
26ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1238931755&t=pageview&_s=1&dl=https%3A%2F%2Fnewsvidex.com%2F&ul=en-us&de=UTF-8&dt=NewsVidex%20-%20Regular%20News%20and%20Tips%20Provider&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1835986801&gjid=1386601540&cid=1511824296.1692095332&tid=UA-247050099-1&_gid=420844085.1692095332&_r=1&gtm=457e3890&jsscut=1&z=1810726995

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 133ms
43ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6557
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jptgVUDVGvfMJnwY%2Ftgdykck89lr7nUKd7qwthen0wWP9NcG2Z9iyhRfISgiRWit9KudVGyG%2FRSQnbJZ7vuqTm%2F15Bzr6xITH147R5Ouj90%2Fj16pCUeyVuEiQT1j6GYYkEwdn4dC0M1qTSIHffw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7f70c0cf4fa5924d-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 112 KB
26 KB 133ms
44ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Aug 2023 11:32:19 GMT
server: cloudflare
x-amz-request-id: WYJ03SF4665EXAPH
age: 1488
etag: W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7f70c0cf4d209bcb-FRA
x-amz-id-2: IPw2zshTMOj9qvNKrCCoXTp8KGLaJ7ukJIc7DUBXDzOYxd3zAxkJWp25yM6/kBpV8aLA1H1DBkstusOQ1eZ41A==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 135ms
45ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: ba36f6d4b4c753579caad036d7466c84
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 110ms
21ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 12:15:10 GMT
content-encoding: gzip
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 80022
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ElflWhyr5grR89V0REwqUmjESscsmMnKoqOXQvq-294zqhFfYycltw==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 107ms
18ms Script
text/javascript 2600:9000:2250:4000:a:e047:753:6381

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4000:a:e047:753:6381 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
Date: Tue, 15 Aug 2023 05:08:18 GMT
Via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 19234
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 4T4BwCc9aHI7_bTt8NTtCOe_0ATzbq48JpCIHddISy-ri7Vt3429_A==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 109ms
20ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 02:29:26 GMT
content-encoding: gzip
age: 1583965
x-guploader-uploadid: ADPycdtgQcQ5-IXNGnj-bizVFPypnO5rWXUHHepVnzEiAeMz7KZUZ57OqZuzfW-lDA7aFwUvM3c09LWW8P8XbazHPZIusw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 27 Jul 2024 02:29:26 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 157ms
68ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:28:51 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 114ms
26ms Script
application/javascript 104.18.24.112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 410061
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7f70c0cf4e5535e1-FRA
expires: Fri, 18 Aug 2023 10:28:51 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 721 B
377 B 438ms
435ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3889811211081171&correlator=2329224692648975&eid=31076625%2C31076972%2C31068367&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=339263271%3A22733957189%2Cgam_newsvidex.com_responsivehorizontal&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C320x50%7C468x60&ifi=1&didk=597121984&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692095331607&lmt=1692063960&adxs=550&adys=20&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnewsvidex.com%2F&frm=20&vis=1&psz=730x50&msz=730x50&fws=0&ohw=0&ga_vid=1511824296.1692095332&ga_sid=1692095332&ga_hid=1238931755&ga_fc=true&dlt=1692095331078&idt=489&adks=522944739

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7557f17dc371a05fb02dbd250123e79a9a505eb2f4854b53af47599f6c756c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 346
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 390ms
388ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3889811211081171&correlator=2329224692648975&eid=31076625%2C31076972%2C31068367&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=22673182584%2Cnewsvidex-mango.mp%2Cnewsvidex_banner_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&didk=899365211&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692095331617&lmt=1692063960&adxs=305&adys=174&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnewsvidex.com%2F&frm=20&vis=1&psz=990x250&msz=990x250&fws=0&ohw=0&ga_vid=1511824296.1692095332&ga_sid=1692095332&ga_hid=1238931755&ga_fc=true&dlt=1692095331078&idt=489&adks=843571903

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4baf7bb464a8911b3875c0910cdbdce6d84ad6cdfe4c8887a2de655034ea9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9711
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 786ms
784ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3889811211081171&correlator=2329224692648975&eid=31076625%2C31076972%2C31068367&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=339263271%3A22733957189%2Cgam_newsvidex.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=3&didk=1825126795&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692095331623&lmt=1692063960&adxs=980&adys=545&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnewsvidex.com%2F&frm=20&vis=1&psz=300x600&msz=300x600&fws=0&ohw=0&ga_vid=1511824296.1692095332&ga_sid=1692095332&ga_hid=1238931755&ga_fc=true&dlt=1692095331078&idt=489&adks=2792757711

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c143b6f39022be1afa16adc565a3bba2f68f3427e76ffb7e148dbc2ee231bdfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9693
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 112 KB
31 KB 1130ms
1128ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3889811211081171&correlator=2329224692648975&eid=31076625%2C31076972%2C31068367&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=339263271%3A22733957189%2Cgam_newsvidex.com_display&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=4&didk=1464942920&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692095331627&lmt=1692063960&adxs=980&adys=1917&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fnewsvidex.com%2F&frm=20&vis=1&psz=300x600&msz=300x600&fws=0&ohw=0&ga_vid=1511824296.1692095332&ga_sid=1692095332&ga_hid=1238931755&ga_fc=true&dlt=1692095331078&idt=489&adks=3611877616

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dafe80f47a31afee1a28891aec84618e73595f7acad8421ae9c999d9a61458a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32209
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC20 6 KB
3 KB 132ms
26ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:51 GMT
expires: Wed, 14 Aug 2024 10:28:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
333 B 359ms
47ms XHR
application/json 52.48.185.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.185.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-185-171.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f5876d3e4aeb48a0c4fce444bd738d17309c159a0ae8f66d44f06a4b8df1ce1d

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache
x-server: 10.45.29.36
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0F74 86 KB
28 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: newsvidex.com
URL: https://newsvidex.com/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40d4a6129a7d8ae7843464eccf026d9c15271e774fb695d38e8458cf64137ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28699
x-xss-protection: 0
server: cafe
etag: 570 / 19584 / 31076943 / config-hash: 5625847931497644913
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:51 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 0F74 246 KB
60 KB 97ms
23ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 09:49:34 GMT
content-encoding: gzip
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 21:28:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2358
x-amz-server-side-encryption: AES256
etag: W/"a7247ead77dd201b1e56acf0e565194b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: EjQIiICJ4JvUsZRlznnKKgd-04oWgrdrsnCpU_Ck0E6GFx8k2amFcg==

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp&cc=1

85 B
203 B

133ms
132ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp&cc=1
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: e35753e5bd7e5ed48ee5b5fbb44909718d9c4c971a3eae0fda1d95831c9da9a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-ERrPZ/uqKddNFZsDBcB6MZTnP74"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://newsvidex.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 15 Aug 2023 10:28:51 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://newsvidex.com
location: /esp?url=https%3A%2F%2Fnewsvidex.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 99ms
29ms XHR
text/plain 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://newsvidex.com
date: Tue, 15 Aug 2023 10:28:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A718 15 KB
6 KB 127ms
39ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=newsvidex.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:51 GMT
server: Kestrel
server-processing-duration-in-ticks: 327294
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/ Frame 0F74 400 KB
126 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076943

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22052
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129236
x-xss-protection: 0
server: cafe
etag: 3196626984536983108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 14 Aug 2024 04:21:19 GMT

POST
H/1.1 200
OK u Show response
events.kiosked.com/ 95 B
458 B 256ms
98ms XHR
image/png 52.18.159.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.kiosked.com/u
Requested by: Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-loader.js?site=17805
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.159.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-159-223.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: ac554a4ea8b34bbb80db013e14be195ebc986f82f24e5b18b0ea9032ef561f57

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 10:28:52 GMT
Server: nginx/1.4.6 (Ubuntu)
P3P: CP="KIOSKED"
Access-Control-Allow-Origin: https://newsvidex.com
Content-Type: image/png; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 95
Expires: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 0F74 0
310 B 26ms
24ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnewsvidex.com&pubid=0aa5f97c-34d0-438e-a448-1fd311575d67
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 07:03:21 GMT
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 12330
x-cache: Hit from cloudfront
access-control-allow-origin: https://newsvidex.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: vCYoB_as4QXkBxTC9PxQO_NPdrKwoNNYs0z35bbrHRiwlo1CyZLGAg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0F74 6 KB
3 KB 66ms
21ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
date: Tue, 15 Aug 2023 03:11:49 GMT
x-amz-cf-pop: FRA56-P6
age: 26223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: gvLcXoeNXdDL7D-Qjg2qrLBok_9kQrUto3DAzpQTlKQ9NsRW_48hgw==

GET
H2

200

sid Show response
mug.criteo.com/ Frame A718
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsvidex.com&sn=ChromeSyncframe&so=0&topUrl=newsvidex.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=GHtEtXxHVEFEcDBBRktHdjNLNVd5SHdTTHBaV292YmNBVW92Mk4rMFFhb2xMaGZ6UDlCaWxQY080M1hxaHJVMENQRStPYzZDSTRORlBWTGFCUHFvRWlmTlZGajc0cnV4ZFdoYk1UeVpzaHIrWWg4bE43bTZFbjE5aHd2RV...

431 B
655 B

125ms
36ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GHtEtXxHVEFEcDBBRktHdjNLNVd5SHdTTHBaV292YmNBVW92Mk4rMFFhb2xMaGZ6UDlCaWxQY080M1hxaHJVMENQRStPYzZDSTRORlBWTGFCUHFvRWlmTlZGajc0cnV4ZFdoYk1UeVpzaHIrWWg4bE43bTZFbjE5aHd2RVJDZkI5RG04b28rY0t4TFZpU1R1TEF5SjAvdkdUNEFpZjJCZmowNThad0JDWnhpdWhPQm9XbHYvSDVGUzEwMWpxT2lkYlNmbEpuZitWWTk1WFA5OFJPM0lHdGRicndNUFB6YkV4VWQ1OXRXcUN6RmFqRWRLd3VqZWlKTS9DRDVINnVOQ2g4TEs4bjFSM3lFRlZYK2VxZ2JRaG9uTlU2UT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

25f4c396468d408a71ef0916d7f25c010987ce9c8694fb13e4317bfed8b32e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5009556
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=GHtEtXxHVEFEcDBBRktHdjNLNVd5SHdTTHBaV292YmNBVW92Mk4rMFFhb2xMaGZ6UDlCaWxQY080M1hxaHJVMENQRStPYzZDSTRORlBWTGFCUHFvRWlmTlZGajc0cnV4ZFdoYk1UeVpzaHIrWWg4bE43bTZFbjE5aHd2RVJDZkI5RG04b28rY0t4TFZpU1R1TEF5SjAvdkdUNEFpZjJCZmowNThad0JDWnhpdWhPQm9XbHYvSDVGUzEwMWpxT2lkYlNmbEpuZitWWTk1WFA5OFJPM0lHdGRicndNUFB6YkV4VWQ1OXRXcUN6RmFqRWRLd3VqZWlKTS9DRDVINnVOQ2g4TEs4bjFSM3lFRlZYK2VxZ2JRaG9uTlU2UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 255029
content-length: 0
expires: 0

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220aa5f97c-34d0-438e-a448-1fd311575d67%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar... Show response
aax.amazon-adsystem.com/x/px/p/PH/ Frame 0F74 43 B
417 B 136ms
50ms Fetch
image/gif 52.222.239.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%220aa5f97c-34d0-438e-a448-1fd311575d67%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidError%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fnewsvidex.com%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.239.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-239-116.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P4
x-amz-rid: Y6PSMT23WRKJ12B38ZKT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: -Jx5BAEwyaYEYELDivfP11PKLzCc4Ywjaqbb_KZ28HJfdmw3Z68TTg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 0F74 23 B
461 B 143ms
64ms XHR
text/javascript 52.222.239.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnewsvidex.com%2F&pid=EguN8NBS4giyI&cb=0&ws=728x90&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-01h7wbvf2cwbh695j2a97dnyxn-z2d89e6701bc52f168f127cec1d00b99c-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F208190592%2C22733957189%2Fda%2F12353%2FDA_newsvidex.com_inscreen_desktop_728x90%22%7D%5D&schain=1.0%2C1!kiosked.com%2C12353%2C1%2C%2C%2C&pubid=0aa5f97c-34d0-438e-a448-1fd311575d67&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.239.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-239-116.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P4
x-amz-rid: RCX3KX7630V3RRNHM59P
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://newsvidex.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RA038O8HqP92i5RORJCm0m3nhE4f0wnqmd1WvRz9iHOWt3pgkBL4FA==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 121ms
73ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

071a1a692b351fcf6b1f05c964d06c1c4dc2ccba265b4a94f80f2fbfed393a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11760
x-xss-protection: 0

GET
H2 200 container.html Show response
0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 05EC 6 KB
3 KB 22ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:51 GMT
expires: Wed, 14 Aug 2024 10:28:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C8C4 624 B
827 B 115ms
61ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNV2VBpLO3sGCK3wxtuFYY58zJLgr79ss9OeKRraYe9_HqerL-moqXYLRjN___eBIq8j59wOvn9d2bCOfTFzDxwnDKRWz9VT8mFqQxuuD1zfN3ILeH3TfrlQ7v9IlKjj1hCelcJjkYEHMhAPmngF-aTQuCOm1h1CQlC1z8dInA-z0VuvJl0

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:52 GMT
expires: Tue, 15 Aug 2023 10:28:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 05EC 86 KB
30 KB 132ms
81ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:52 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05EC 42 B
110 B 173ms
122ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFxMAJhiLvPjj9-eGz6VrpAk224xkdz0FknmGRvQnE9jcPDUcjRFhNaKhaYAyzKtx1g_UFqcYegM21NC7fF3Hs-bvnpceypMJuzgEqYHQIKb7_fOI

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05EC 0
121 B 172ms
122ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=211577310376958625&x=1&ct=76

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 05EC 3 KB
1 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 05EC 20 KB
8 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 05EC 180 KB
57 KB 85ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:52 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 10:28:52 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 218C 0
176 B 98ms
37ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 15 Aug 2023 10:28:52 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0F74 20 KB
9 KB 571ms
571ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2615014209965235&correlator=315306257538819&eid=31072020%2C31076769%2C31076943%2C31068367%2C31070233&output=ldjh&gdfp_req=1&vrg=202308080102&ptt=17&impl=fifs&npa=1&iu_parts=208190592%3A22733957189%2Cda%2C12353%2CDA_newsvidex.com_inscreen_desktop_728x90&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=1&didk=1789885607&sfv=1-0-40&eri=5&sc=1&cookie=ID%3D00dcb5d83e37f814%3AT%3D1692095331%3ART%3D1692095331%3AS%3DALNI_MbjCU3S5yn5TbuEdI5kK1VteIvr5A&gpic=UID%3D00000c86d491cabb%3AT%3D1692095331%3ART%3D1692095331%3AS%3DALNI_MYY2Pi2yoeFvVXJadvU3XxZgKn-BA&abxe=1&dt=1692095332188&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=ag5tpebmienv&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fnewsvidex.com%2F&top=newsvidex.com&frm=23&vis=1&psz=728x90&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1511824296.1692095332&ga_sid=1692095332&ga_hid=1567629345&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYlPr2xZ8xSABSAghkEhkKCnB1YmNpZC5vcmcY3vv2xZ8xSABSAghqEhcKCHJ0YmhvdXNlGO_79sWfMUgAUgIIahIZCgp1aWRhcGkuY29tGJT69sWfMUgAUgIIZBIUCgVvcGVueBiU-vbFnzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YlPr2xZ8xSABSAghkEhsKDGlkNS1zeW5jLmNvbRjS_PbFnzFIAFICCGo.&dlt=1692095331786&idt=203&prev_scp=hb_pb_kiosked%3D0.01%26hb_size_kiosked%3D728x90%26hb_plctype_kiosked%3Din-screen%26hb_medver_kiosked%3D1%26hb_device_kiosked%3Ddesktop%26hb_outcome_kiosked%3Df%26personalization%3Dnon-personalized%26data-proc-restricted%3Dunrestricted%26amznbid%3D2%26amznp%3D2&cust_params=amznbid%3D0%26amznp%3D0&adks=1243402238

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076943

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59f20a3efda076a98cc6c12c39229ec1cb2ddb13d500badbafaa841dd5f25f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9369
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsvidex.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0F74 15 KB
11 KB 73ms
72ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308080102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35a108cc6447cce609282afe9f42c0f0f1a8371b6f3bcb73dd9d877b27c1ed58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11669
x-xss-protection: 0

GET
H2 200 container.html Show response
4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5FF5 6 KB
3 KB 72ms
26ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:52 GMT
expires: Wed, 14 Aug 2024 10:28:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C8C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1

43 B
766 B

37ms
19ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNV2VBpLO3sGCK3wxtuFYY58zJLgr79ss9OeKRraYe9_HqerL-moqXYLRjN___eBIq8j59wOvn9d2bCOfTFzDxwnDKRWz9VT8mFqQxuuD1zfN3ILeH3TfrlQ7v9IlKjj1hCelcJjkYEHMhAPmngF-aTQuCOm1h1CQlC1z8dInA-z0VuvJl0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 10:28:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C8C4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNtTZOrjm7PLALKB1.yTNQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1&google_hm=2

43 B
766 B

19ms
18ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNV2VBpLO3sGCK3wxtuFYY58zJLgr79ss9OeKRraYe9_HqerL-moqXYLRjN___eBIq8j59wOvn9d2bCOfTFzDxwnDKRWz9VT8mFqQxuuD1zfN3ILeH3TfrlQ7v9IlKjj1hCelcJjkYEHMhAPmngF-aTQuCOm1h1CQlC1z8dInA-z0VuvJl0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 10:28:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C8C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE57nlwdaUVrSB8aXO5VmbA&google_cver=1

43 B
841 B

27ms
27ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE57nlwdaUVrSB8aXO5VmbA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDdGRCtuLuWAxjVwI_zATAB&v=APEucNV2VBpLO3sGCK3wxtuFYY58zJLgr79ss9OeKRraYe9_HqerL-moqXYLRjN___eBIq8j59wOvn9d2bCOfTFzDxwnDKRWz9VT8mFqQxuuD1zfN3ILeH3TfrlQ7v9IlKjj1hCelcJjkYEHMhAPmngF-aTQuCOm1h1CQlC1z8dInA-z0VuvJl0

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
an-x-request-uuid: fce2f09f-67fd-40ed-9d2f-79d60864cde0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.29; 217.114.218.29; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE57nlwdaUVrSB8aXO5VmbA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C8C4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxNjEzNTg4Njg5MzU2MjI0OA%3D%3D

170 B
243 B

32ms
31ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxNjEzNTg4Njg5MzU2MjI0OA%3D%3D

Requested by

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
an-x-request-uuid: 97e50836-112c-4396-967a-44d35431d5a7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxNjEzNTg4Njg5MzU2MjI0OA%3D%3D
x-proxy-origin: 217.114.218.29; 217.114.218.29; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 648D 13 KB
5 KB 20ms
18ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 08:52:08 GMT
expires: Wed, 14 Aug 2024 08:52:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A45 831 B
938 B 33ms
32ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

327b8d4fd0cf37311dec0a709e5afdc892e29a047e879671b7b9191ca313fe27

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FUHqTeEVzvjuGo-jA4ib5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-FUHqTeEVzvjuGo-jA4ib5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:52 GMT
expires: Tue, 15 Aug 2023 10:28:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05EC 0
56 B 193ms
191ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6596079223734&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05EC 0
56 B 189ms
188ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6596079223734&version=m202307240101&ct=76&x=1&cor=211577310376958620

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 05EC 89 KB
37 KB 145ms
145ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnNVFgVR_EvXPI4pxU5X7YwMyFXNL0iff4G0uVQWNo5-Vu1C3L1lJ1-uG2KRxczIFb_eAjNU4NWoTUPB_DaxH9u8W7Q3aw3Mk0Lf6QGFFUdrgARWNxai46G2emmdiCECuvxz4w8qnjKtTOFEzfQZvKKf3_1WC3W9VvRfA5TW0cmPielJg&dbm_d=AKAmf-BarIthXFto2_n62Ukw-KfnV3E3jSEYnGaHQJqxTIn85ItIt_9FA_IYPFo4VJtj2l6j4DA6huv9juRfNq8ck9R_FFK8qsCrEWA3UJ2YUkbALJqt-OHXf7tRzP9O8AgGG5tx2aPPK-i8tLsmBAwyqRa_e8BDE_bweWeRcnNh0z3NhiRZUWSCc07KiZzVcG8zLAAwMF7RV4bP8Rt3PkKeJIJAGiFiMPlbYxis8euz861d32VbP1SG9IH0FgM-pHT2XTGiRaXnm7MXGl2v11bAMV5Qcld9cJ0jAQ2kmd2q3DkmZ8zLJBOMv_uGZ17FS0xwjxRTlQUzkq_53qRpVlDP4jNOOHyQ3Ylc-uVIqEKdZbiBgvTlAqceIags7X7F1ZQUsMpm_PT1uSXsCBIxaRKALLg2yLzYNNO_iV9A9V3x1APWX5ja_VcCsjXLpvItcLQIaMrNLlMRpMBMg5bR3nYMVc4Id8uHVnowtLOLWjrlFF20MvXNg55ZtYY5RDYZ1INCP6XjbOG6ESQKRiPphHsZQtxF0EAkOA3kfB6fJQhnniHTq3wo2NRseztd_86K2ziwGM7mKZlSowABskvqaXCB6r-vRkgHSqpDOAfoIrr6zE0Ji_gTftq8JcgBxKVELq4SkhcT32YVvgHNrLY-b8KlPVy_aeuRPuZsL1GXciF6bcUA5cx_3K0uj4qHdJsvCM1V0CfqadxZbHtjDivRDwcjow04ID8eoV2H50Cd1s7_pk0PMzGyIAWf-omGHFCVCSjm2xcynH0RHSxBeWJBZCNxtG_tj1ZX-JwzIcyaBr6NXX5nX3dqAN0OukJAWwBzY-YGu6w4VGocYoUSjNXLBRVJi3h_YcT1gFsJBYsmN2CZnBoWMfvjDrAUuG3SVweu0kJH_jXnXyxLc81avHZ5hWeM9qqVr9w8f5eYLmfSAt3JTayfKj1XjNFYdbTyXKiBw4nvcTPhcAdrgqpq-LykXS6bJOUGRDEa6CYY8GuaAd5omZ1t9DXtUCvhUQ5gfs8RbCpDzQyA6UXNjoH8-_NUxW86E7Zm1Jwtb4a_E91XAOro76Fke8NRuVJVTVuaHxJRjMnD6_xYPqEXu0TcA18WhuaDMyvbeqVAjmOMkK2pORoZmjVc4dUsvtP0RbDuR9YGDOG18vH_25a9Q1pc1JmrlgIieCGIjb-NP4meg8g3_rt74v-fVt86SfaKhbCzycAAKG5qumQ1qxfR29SCCCRL80V-MDPFphxoVvMo7a-D-uDy2EkF-_GG_BEym92On0SdfpDeRS6NLKQMiMNILY40Xnz-0LfxPwvSjuvIkvlVOzQTEAl7P1JX0YMlGGLCXQDLIHSJ-CnNZW7rdYRVVMp5yyr4rqHe6Cm7PxV4sqWKpEPrwFF1sQnx4R8yHAMoSewruP4ulGNeakMPKTx-PQKE6hIqW6QDax6zEGy0pG-y_5v2yvs5ogRDwnqByZEAC8FDHaGURFsrGP6pDexk35K1vJ9IS45DVJZdZWOYPY0zsGxCEPaY6_iiv_4XgL0mtdQ01-UdHRB3wrawsVvzpNuWJjp5AhkYdgR_FKHrp0GBf6RnLgpgQDYwvsO-RdZ1hOP2Sv1kv7h17ApCNBgFzSdwO_3h0YX-VSN6FavmUNP0oQx4lyBEq0mpmEpDoFtKQihDZkD87QNv7s1uCXY9tbdSjgbZPrcijoIYq0zA-ZsvB_UoImu78J-zDtjHW5gmLA6STXVMSXXozmXrHP0qnM8QSmLkgnjAv_ZeVWKj3QrXbLoHh6hh2uhCZzoKr26YDyl6tnzaGJHGTlY15p6lxGOM5_XFdCCZELZMTkMkNbiEtFxQGun6pTs-3mGTGbEatsagLv_TcpghEXpqH31ZP6y_IYSAVVXDjanu3bbxsJ5Eu0FiX33-mJiPZsJDqZfsxPCIIRO7EWMUtOt0mx4P4Y7LciWWxVjyDVaHapBhi9DTnLfCiIy-efQts_6_toU7rVvt4WqUhDQwVe-bVIzOVqKRceNoSbOJFEZYAMzix4-AaQnLurMdIUgF5jJAd3rEX0YN4Zm74bOLC2VxX5DJp6g6qW9l6D2fs8IbIpTSF1S3FphagGZArc_rDexlpaTPVSLXZvFauwnzPjt1IkRurr1dOLXZLq-75p0wZ2j5grV_lXfmrs8jgzvZVmRug3Qwkkgp0oWtxbR6PW6NV0A_rO0R2-5eFcx6lHiQ0be7bTPVn11AJpRI7l9gi7zQtlcmK_0ac__ARJ80nCg5vOJpW_yI2uFKzlslcX-B8pXUFHo-H77Y7hQc-yVJFF_LXPoIgnIv3aQ3g8GFebXHnbJP67zfQoDntHIIKevB4H6JxvFjLn6QPclZWGvf1IMCG5BgX_YJwsouCcqI0G6-kApe6-776YZvm6da_W4646YK-96sdbYahNdUP_7xHSNFSmG2iBHjmI1g6ulSw-SfPS2VFYKU5-TFOYNbGr7DuFLnL0bJ_fR1nw6MkGMsV2UpDXwRMs2OH6hpj2JM8sgQMT07e5IKjkJfqmEEPLKRfBr9q0DEPER-V0-ZBy1LbaFSRwQ4kAOJps5WTCassJc5jlxWElEO6kZsXFuSukCZBnIjAu2OwQMklS8Qgw6bDDIVMR36TeXNPg_Xp-6NHOE1f1e2Q2uyM7gdQMVWvO11_4DIMjbWQ8GBWIrL2YoDGVtkU5lTmbKdmx-pautDfOLh--aTLHy7vkPOGEuDmWTQ69hYuvfl4nYEG_GkjjJDDrnI_kS1QDuJMiUxQnBRAKDkoPjegmjyXeeXrjx2DDW0ApnnudQEWrqsy2TRRlvEwTIPR0vFqz1PjCDKKGugVw3tYd3j66sF-mpzfsOPCOkfyu7EN5k2-d7k6yZPyM7seKpykCEufqYmTir2uDysCn9bo8tNelG_BgBYWc1_IDFFPkRBRtFrxTN7V4_rdha0bI1b4F26M1ngdVItI9QxJJPr8dtXknXLa-V41BQKQpNMfn5reMm2a3dQUPGbr6kdZoi36AgTzjyTrUXPgAkvRlkRF47RQxc-Pc0GsDboMPneHjGniCn9pigoO55S2QDsj8Oj5liHVQ5lJUxXhWA6Z3VCKRwbTS2fwLjIdKDjwVKeEJxnaVlT-M_JQFpd37blkNsiEwSNyb1zxAIZkrz63ZwuKKsZr2Aw33f3ufahHE_b7yVAzcKu1oN0aSgiQIeYNLvZxtWBjFGe7YwIqQCVSrunBc3Xgm8Knsgq4hK4EAcpjYfVPBQJGe4JvxEdki1Qzxhf5wrlEx2MT2NkCiJko6My6H-5WIWta4ZQ0kZnus1BsrmgEKX2CdetU7YpiVq6EtBC2jSXPjGgjgRpUDkYcDbeeA6Zcfxua59qiOveFCokIqaGM3ofK81YsXKamhTTX9kD8vZFBEhxKKv2WxTbpLnoMhqyFxUxI_UBMwS1lSNxiLpPvAPP2jBodQP2ixzhGqUJH0-YiEmC_Zw00smotEnMETp0DcWEq2bsQnZCXvRk4931PV5SZ8gXwVByvKPsLJbDjKqT_G0TiFjidY0d7fvn6VAqJYnfbrdnEy2G13cw9yOKaZMkM3z-H9jTf5OrvpvTswdfa7iQb4_W2pvJN5Mvx5zB7eAdhdmG3Pk-MrbEb-ZVkHxN1bWEuTS2zAggn4BmZqZ2jRSPpiJHV1BW43TsGhFCitpCQ5--9p97k-Qwb0R2ptjMVpJNDtwlXw9526NysDB62fyVcGfFa9d5UE3VtNvKRyoPxNLr2lmau-qLlQ&cid=CAQSTABpAlJWXfq5Axz46UNGRqGN5bRAWsMi8lE77z8wixuT5MQSJof2QG3e6VO6ydm9dcodeGqwD4tSIPVziVcwPnAGG79rIcMv26blKhgYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnewsvidex.com%2F&ds=l&xdt=1&iif=1&cor=211577310376958620&adk=250412560&idt=169&cac=0&dtd=28

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ec390175d170ecdc54a60a8a0816ef240b0af875fbd32611ac15bb8375e3cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37937
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0F74 17 KB
6 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076943

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 10:28:52 GMT

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 648D 37 KB
14 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:52:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A45 0
0 183ms
182ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308100101&jk=3889811211081171&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3FCA 13 KB
5 KB 23ms
18ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 08:52:08 GMT
expires: Wed, 14 Aug 2024 08:52:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 71E9 831 B
556 B 29ms
27ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f933b32b5f78fa23efb9facccf12ae09be764fc115f6c464996cb095a5a45cca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G5VvZ8ru6TRg2AQI4o3caA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 534
content-security-policy: script-src 'report-sample' 'nonce-G5VvZ8ru6TRg2AQI4o3caA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:52 GMT
expires: Tue, 15 Aug 2023 10:28:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3223 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:51 GMT
expires: Wed, 14 Aug 2024 10:28:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 05EC 172 KB
61 KB 64ms
18ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
Origin: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 09:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 09:29:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame 05EC 11 KB
4 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CnNVFgVR_EvXPI4pxU5X7YwMyFXNL0iff4G0uVQWNo5-Vu1C3L1lJ1-uG2KRxczIFb_eAjNU4NWoTUPB_DaxH9u8W7Q3aw3Mk0Lf6QGFFUdrgARWNxai46G2emmdiCECuvxz4w8qnjKtTOFEzfQZvKKf3_1WC3W9VvRfA5TW0cmPielJg&dbm_d=AKAmf-BarIthXFto2_n62Ukw-KfnV3E3jSEYnGaHQJqxTIn85ItIt_9FA_IYPFo4VJtj2l6j4DA6huv9juRfNq8ck9R_FFK8qsCrEWA3UJ2YUkbALJqt-OHXf7tRzP9O8AgGG5tx2aPPK-i8tLsmBAwyqRa_e8BDE_bweWeRcnNh0z3NhiRZUWSCc07KiZzVcG8zLAAwMF7RV4bP8Rt3PkKeJIJAGiFiMPlbYxis8euz861d32VbP1SG9IH0FgM-pHT2XTGiRaXnm7MXGl2v11bAMV5Qcld9cJ0jAQ2kmd2q3DkmZ8zLJBOMv_uGZ17FS0xwjxRTlQUzkq_53qRpVlDP4jNOOHyQ3Ylc-uVIqEKdZbiBgvTlAqceIags7X7F1ZQUsMpm_PT1uSXsCBIxaRKALLg2yLzYNNO_iV9A9V3x1APWX5ja_VcCsjXLpvItcLQIaMrNLlMRpMBMg5bR3nYMVc4Id8uHVnowtLOLWjrlFF20MvXNg55ZtYY5RDYZ1INCP6XjbOG6ESQKRiPphHsZQtxF0EAkOA3kfB6fJQhnniHTq3wo2NRseztd_86K2ziwGM7mKZlSowABskvqaXCB6r-vRkgHSqpDOAfoIrr6zE0Ji_gTftq8JcgBxKVELq4SkhcT32YVvgHNrLY-b8KlPVy_aeuRPuZsL1GXciF6bcUA5cx_3K0uj4qHdJsvCM1V0CfqadxZbHtjDivRDwcjow04ID8eoV2H50Cd1s7_pk0PMzGyIAWf-omGHFCVCSjm2xcynH0RHSxBeWJBZCNxtG_tj1ZX-JwzIcyaBr6NXX5nX3dqAN0OukJAWwBzY-YGu6w4VGocYoUSjNXLBRVJi3h_YcT1gFsJBYsmN2CZnBoWMfvjDrAUuG3SVweu0kJH_jXnXyxLc81avHZ5hWeM9qqVr9w8f5eYLmfSAt3JTayfKj1XjNFYdbTyXKiBw4nvcTPhcAdrgqpq-LykXS6bJOUGRDEa6CYY8GuaAd5omZ1t9DXtUCvhUQ5gfs8RbCpDzQyA6UXNjoH8-_NUxW86E7Zm1Jwtb4a_E91XAOro76Fke8NRuVJVTVuaHxJRjMnD6_xYPqEXu0TcA18WhuaDMyvbeqVAjmOMkK2pORoZmjVc4dUsvtP0RbDuR9YGDOG18vH_25a9Q1pc1JmrlgIieCGIjb-NP4meg8g3_rt74v-fVt86SfaKhbCzycAAKG5qumQ1qxfR29SCCCRL80V-MDPFphxoVvMo7a-D-uDy2EkF-_GG_BEym92On0SdfpDeRS6NLKQMiMNILY40Xnz-0LfxPwvSjuvIkvlVOzQTEAl7P1JX0YMlGGLCXQDLIHSJ-CnNZW7rdYRVVMp5yyr4rqHe6Cm7PxV4sqWKpEPrwFF1sQnx4R8yHAMoSewruP4ulGNeakMPKTx-PQKE6hIqW6QDax6zEGy0pG-y_5v2yvs5ogRDwnqByZEAC8FDHaGURFsrGP6pDexk35K1vJ9IS45DVJZdZWOYPY0zsGxCEPaY6_iiv_4XgL0mtdQ01-UdHRB3wrawsVvzpNuWJjp5AhkYdgR_FKHrp0GBf6RnLgpgQDYwvsO-RdZ1hOP2Sv1kv7h17ApCNBgFzSdwO_3h0YX-VSN6FavmUNP0oQx4lyBEq0mpmEpDoFtKQihDZkD87QNv7s1uCXY9tbdSjgbZPrcijoIYq0zA-ZsvB_UoImu78J-zDtjHW5gmLA6STXVMSXXozmXrHP0qnM8QSmLkgnjAv_ZeVWKj3QrXbLoHh6hh2uhCZzoKr26YDyl6tnzaGJHGTlY15p6lxGOM5_XFdCCZELZMTkMkNbiEtFxQGun6pTs-3mGTGbEatsagLv_TcpghEXpqH31ZP6y_IYSAVVXDjanu3bbxsJ5Eu0FiX33-mJiPZsJDqZfsxPCIIRO7EWMUtOt0mx4P4Y7LciWWxVjyDVaHapBhi9DTnLfCiIy-efQts_6_toU7rVvt4WqUhDQwVe-bVIzOVqKRceNoSbOJFEZYAMzix4-AaQnLurMdIUgF5jJAd3rEX0YN4Zm74bOLC2VxX5DJp6g6qW9l6D2fs8IbIpTSF1S3FphagGZArc_rDexlpaTPVSLXZvFauwnzPjt1IkRurr1dOLXZLq-75p0wZ2j5grV_lXfmrs8jgzvZVmRug3Qwkkgp0oWtxbR6PW6NV0A_rO0R2-5eFcx6lHiQ0be7bTPVn11AJpRI7l9gi7zQtlcmK_0ac__ARJ80nCg5vOJpW_yI2uFKzlslcX-B8pXUFHo-H77Y7hQc-yVJFF_LXPoIgnIv3aQ3g8GFebXHnbJP67zfQoDntHIIKevB4H6JxvFjLn6QPclZWGvf1IMCG5BgX_YJwsouCcqI0G6-kApe6-776YZvm6da_W4646YK-96sdbYahNdUP_7xHSNFSmG2iBHjmI1g6ulSw-SfPS2VFYKU5-TFOYNbGr7DuFLnL0bJ_fR1nw6MkGMsV2UpDXwRMs2OH6hpj2JM8sgQMT07e5IKjkJfqmEEPLKRfBr9q0DEPER-V0-ZBy1LbaFSRwQ4kAOJps5WTCassJc5jlxWElEO6kZsXFuSukCZBnIjAu2OwQMklS8Qgw6bDDIVMR36TeXNPg_Xp-6NHOE1f1e2Q2uyM7gdQMVWvO11_4DIMjbWQ8GBWIrL2YoDGVtkU5lTmbKdmx-pautDfOLh--aTLHy7vkPOGEuDmWTQ69hYuvfl4nYEG_GkjjJDDrnI_kS1QDuJMiUxQnBRAKDkoPjegmjyXeeXrjx2DDW0ApnnudQEWrqsy2TRRlvEwTIPR0vFqz1PjCDKKGugVw3tYd3j66sF-mpzfsOPCOkfyu7EN5k2-d7k6yZPyM7seKpykCEufqYmTir2uDysCn9bo8tNelG_BgBYWc1_IDFFPkRBRtFrxTN7V4_rdha0bI1b4F26M1ngdVItI9QxJJPr8dtXknXLa-V41BQKQpNMfn5reMm2a3dQUPGbr6kdZoi36AgTzjyTrUXPgAkvRlkRF47RQxc-Pc0GsDboMPneHjGniCn9pigoO55S2QDsj8Oj5liHVQ5lJUxXhWA6Z3VCKRwbTS2fwLjIdKDjwVKeEJxnaVlT-M_JQFpd37blkNsiEwSNyb1zxAIZkrz63ZwuKKsZr2Aw33f3ufahHE_b7yVAzcKu1oN0aSgiQIeYNLvZxtWBjFGe7YwIqQCVSrunBc3Xgm8Knsgq4hK4EAcpjYfVPBQJGe4JvxEdki1Qzxhf5wrlEx2MT2NkCiJko6My6H-5WIWta4ZQ0kZnus1BsrmgEKX2CdetU7YpiVq6EtBC2jSXPjGgjgRpUDkYcDbeeA6Zcfxua59qiOveFCokIqaGM3ofK81YsXKamhTTX9kD8vZFBEhxKKv2WxTbpLnoMhqyFxUxI_UBMwS1lSNxiLpPvAPP2jBodQP2ixzhGqUJH0-YiEmC_Zw00smotEnMETp0DcWEq2bsQnZCXvRk4931PV5SZ8gXwVByvKPsLJbDjKqT_G0TiFjidY0d7fvn6VAqJYnfbrdnEy2G13cw9yOKaZMkM3z-H9jTf5OrvpvTswdfa7iQb4_W2pvJN5Mvx5zB7eAdhdmG3Pk-MrbEb-ZVkHxN1bWEuTS2zAggn4BmZqZ2jRSPpiJHV1BW43TsGhFCitpCQ5--9p97k-Qwb0R2ptjMVpJNDtwlXw9526NysDB62fyVcGfFa9d5UE3VtNvKRyoPxNLr2lmau-qLlQ&cid=CAQSTABpAlJWXfq5Axz46UNGRqGN5bRAWsMi8lE77z8wixuT5MQSJof2QG3e6VO6ydm9dcodeGqwD4tSIPVziVcwPnAGG79rIcMv26blKhgYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnewsvidex.com%2F&ds=l&xdt=1&iif=1&cor=211577310376958620&adk=250412560&idt=169&cac=0&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:39:48 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 05EC 30 KB
11 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11540
x-xss-protection: 0
server: cafe
etag: 10407724091878522853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:39:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 05EC 41 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Aug 2024 18:14:40 GMT

GET
DATA 200
OK truncated
/ Frame 05EC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 516f44a87a093ebee25ce5e3baec74b4044cb8e89fe52de19b4316a51d717c46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CAA8 624 B
245 B 59ms
58ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNV-xp8jVy-TOZxcM8vFexxAjedNPniEGRND1V1TEnhIyHhe_ImMrjSzAQdiA6sIGqqqyIXk0sfs0x5nU9_qdT-rd-jeHZF7jUMJtuy_h_CID4a6LzwOrJLPxf6p8byQ07wr8c0LFN4yjfjh7ib2ZyVy_oKuPCIrokay75D1FQe0si0XLJw

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:52 GMT
expires: Tue, 15 Aug 2023 10:28:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3223 86 KB
29 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:52 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3223 42 B
63 B 118ms
117ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ATfwj0HqXkJcB47fwWk2GRgr4fw5f2UfK_lZ_RC9MLYlHDeeLL200Y1gqc9VeYCwcPSrjmTk0EbU7kQAKF5pjTl33qYxBQ0dJOBvtPgXiWQ4Hc608

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3223 0
20 B 118ms
117ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3338450261400651490&x=1&ct=76

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 3223 3 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 3223 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3223 180 KB
56 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 71E9 0
0 118ms
118ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308080102&jk=2615014209965235&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 091A 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 128921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 22:40:11 GMT
expires: Mon, 12 Aug 2024 22:40:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3FCA 37 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:52:09 GMT

GET
H3 200 de-DE_2023_07_Back_to_school_300x250.html Show response
s0.2mdn.net/sadbundle/18437164533219852288/ Frame 9286 2 KB
900 B 83ms
29ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d60b0b7de3c1658a98786988291357b961be9c02db341bd24036e5194962638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 872
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:52 GMT
expires: Wed, 14 Aug 2024 10:28:52 GMT
last-modified: Fri, 28 Jul 2023 11:22:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 05EC 0
0 148ms
66ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuafCt20oD24IxhDYiX-qBd71gultKhGg6QVAPs-LdAFqdILEAHtdO6Y026b4YKSZHYM4B6ZS4_o69EvxdyybJp5g5UblrjE8KkuKVGg8l2nB0Gh3iL81SH6kuW5bXCKIS6zF9wVnpgEB5W05UW7wO3UwppDHb4_2tkrPbxFZ-cblzqSs6fKb-vml1ZrBE8BULjJumc9KG5GXn_8iVtF3AVggvHHBkrdnY9UHcQ4o4y5liLdvdHccFvaNXGAkyXGkkIHYfIW5L2ZAK-aF9Q75SslCKr3X8MDuAOGk_MaRRZRO_YWC_1ikI5j3JlsiSVrioLXry1aJ9GRPIuFzNtOTsFK5Pgm6ATgKORYjyvG0Pm7flMdNV-XhR5lk_JV_aqcpivibyD4xCh-f2rx0PaoETg5Y8AZJX-58gYNG2UaBjlNqxDzKOl7n2VBD3URWd7m5sjLXPNU0Uf5K-NB-lKmcy_FN5BKB8kgejg_i1qO1vrxign5_wDVOVOC8l0cQifsfzIsMLlrpJ5_WIFFjCp7Q7fEfjzEUluvM_ld_6YaD3mnZZqjQb5-AFqEqBwzlJZerZIa2VEfwa1_knTMGfsNlqBksGa4ylxMFghgI8xIWYrLaPJFjKIKShj7U-kwVEi4ge_nyRaYb5mDope81nqnOArqOQatE8YS-r9oT31WOJ60T8BhRf90yGoMWQsl2KN5JuePHfMlpVaH5SttLDIXVZHFHOWBJQhSyIjbiMd1lwxVNTqQhnJ1c5JkASqzgFrXRWgxRmHUKhW_NBtVaSPzRolQD9kFJLjTOwTlVqnImJkz_NUyO7xNGla8JpPFyed2IOmO5znXp62HPnhfuWs8-R_xtmk7MYF7llSkz-tChDLvFzfwI-QDdKDy0OhxkhjeKzVsKiavHMKQ-o37fL5Yiswpbv5WHKko1PZwqFhHoVGdeg3kgVWxgioYWp_WVRFv3hdFXYUc9mbhXnxNt6hxciQgiMzCrprDwgX6veGNiE0jYC8_l4lGnb0_3Ua3xwoYkImiktOkK_B9YVjm_Ec5grB_qJGBsy3DS0qRJWlp8Bx6PIwua1UhKDb_TyzLbDt7n4SdnEIBR4QZDyQjAOrHzHvt7064obK9NKzEbVS6VY7FiGH9a9uq_l4snrqVkjSJNVc4fK2hHYsaAEYsnTNh_dtqig-1BEU-C219fg1L7yBEh3s_ve8nsShm5wuAcn6Tm4j8Iv09s_Y_izXNjLvOxyYu1dB1Xq2FO-FIoogqVwilWx61HL1hielMCoRLuDDv4m_UkLFgI9DNFiJCEB8xLEOBMiwRj50&sai=AMfl-YRVLDvj0zoJgjfLIUPphT5fsO-jro3aWG2aIt2WixRhBg5qAfXYlh5Y4kBg79tBDf7jIkyVWgm68vCKoPylzCY58Gw4F9hHXBFOyESua6ZZabkhArNBy_4UZcJCF3ZCJsMsOw65nfGW0DE9ngD1lvFsXmD0nt4qtwu2ODMZMtf4QcG7rsjWvzLKnuyL5n9isFpU1ZZOJpQRYbRkXEVnKDWgNLlhgbyaKmJJG_oFQadKgy_CUcK4XIvAtU1oMwMlq93M-yNLt1tqMaYKccDawA0NAHm0PRvh3aZC&sig=Cg0ArKJSzE4A1BIBZVZXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=153&cbvp=1&cstd=140&cisv=r20230810.53257&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:52 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CAA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1

43 B
766 B

19ms
18ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNV-xp8jVy-TOZxcM8vFexxAjedNPniEGRND1V1TEnhIyHhe_ImMrjSzAQdiA6sIGqqqyIXk0sfs0x5nU9_qdT-rd-jeHZF7jUMJtuy_h_CID4a6LzwOrJLPxf6p8byQ07wr8c0LFN4yjfjh7ib2ZyVy_oKuPCIrokay75D1FQe0si0XLJw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 10:28:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CAA8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNtTZOrjm7PLALKB1.yTNQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1&google_hm=2

43 B
766 B

18ms
18ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNV-xp8jVy-TOZxcM8vFexxAjedNPniEGRND1V1TEnhIyHhe_ImMrjSzAQdiA6sIGqqqyIXk0sfs0x5nU9_qdT-rd-jeHZF7jUMJtuy_h_CID4a6LzwOrJLPxf6p8byQ07wr8c0LFN4yjfjh7ib2ZyVy_oKuPCIrokay75D1FQe0si0XLJw
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 10:28:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC2Na4KbLDIwuyLBsF7s_WE&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame CAA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEE57nlwdaUVrSB8aXO5VmbA&google_cver=1

43 B
841 B

27ms
27ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEE57nlwdaUVrSB8aXO5VmbA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGJ7or-kBMAE&v=APEucNV-xp8jVy-TOZxcM8vFexxAjedNPniEGRND1V1TEnhIyHhe_ImMrjSzAQdiA6sIGqqqyIXk0sfs0x5nU9_qdT-rd-jeHZF7jUMJtuy_h_CID4a6LzwOrJLPxf6p8byQ07wr8c0LFN4yjfjh7ib2ZyVy_oKuPCIrokay75D1FQe0si0XLJw

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
an-x-request-uuid: bdfc8748-99b8-4c02-89f7-1d1c3315e7f9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.29; 217.114.218.29; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEE57nlwdaUVrSB8aXO5VmbA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CAA8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxNjEzNTg4Njg5MzU2MjI0OA%3D%3D

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxNjEzNTg4Njg5MzU2MjI0OA%3D%3D

Requested by

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
an-x-request-uuid: 7b043642-7089-41b0-8f90-9aea07c7bef2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDcxNjEzNTg4Njg5MzU2MjI0OA%3D%3D
x-proxy-origin: 217.114.218.29; 217.114.218.29; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 648D 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qWkD2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 091A 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:52:09 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3223 0
20 B 116ms
116ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9176939800139&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3223 0
20 B 118ms
117ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9176939800139&version=m202307240101&ct=76&x=1&cor=3338450261400651300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3223 105 KB
40 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUIZKCJVz5abHFC-GTSIWBf03GgOHxcA3CXt3glgih6aUv3-H5OPnTwuk0cbih9xC8KA1J2O7NdFcswAr8_uKtNHLFG7YgQZsfdyHCzGiA6k9sLhF0QS2zNQJKbLBv7oXaARTnHMjzSl3zgV7XoYpKCIG5lSL5Y0zfI0aY43-_pcM-GhU&dbm_d=AKAmf-CZo0eSefY0sin8stTL0GaUIbVm-yrpXUKCOci57EwXr63aPILwBStgCWqbxIOpav00pRI6HEC-qpR_6tIJwQXQzVxrUszCRSxz2A_VQhwtSG-bqsOSOx3FFArk9q-9x1k27FCFXc1UyM4z3phGR3YiQZK0Nz588ve4nbWvfitWwjhtt9f3HKbmnXIo88ylYB37bZSKUUsi2_s-Le1FQ6RiiTEGMBMpHqMx9An32-8YOCxydqWMeBV1hi4kPXWJG8Puv7OKt2kboRJwD0-V5rjP1s7rbAuYg-rATstGU1hAEFE2xs3KLq2Beec6dPgRBJO-vfC0nZ4mqjbegvVIPz-LUp-iYhl37h3Zk9rsVG5RMoUKrw-i6Ql6bnuOyXPfM8ElWhGp3HgOH_TBau2GR11qK0-Tmwvuj1-wQ6-D-3liqRdY6MJph-E2BXFoH4VrGz2oGN9etTgNQsRoKTSUY0PJMXApcM7gAuca6iYUqXNLWGeLwQBAr2F-imPLlFwcCDQoX-fTAXU3ln3YbhB6PSEo0UCZ0ufsIleTJexA_EOyAaoWLWEqANR_zO7GY82AuH8cXcHDceCuUDsC3OnFVcZQHJ6mlE5-4xHVvXJw0k--xyQnLcRwOaHBn87xP0vN5vEK8J9kUOJXQFoXfnr2deX2T8cK98a2RUMWQ8LZtkkmKq9Q-MX8qAsZ4J3b9rrEqtV5Z3TgEHp0f8qu4ECDKa4qK41k_51WsOGv9dI490Uao8RcxEGlACyJY3PcVqs9z6LH-FZigUiD1UkNawU-QePJ7CTSbI7DnbiLT_S2b4B_9UtSTXZ9O_zONWRKOe8DbZHTZcZwg1kzF3eRn1Z8Lp_b9A4lJUq4lqnUktJ0JFUH8e4riRlWJoSBhnbuQ587cQsTDJWLSOhHD6wMIG4e7uAjSofMm08WCct2Xug7Jk_MeC3-j1MDKoYZzRHjOk3FbUbv6bCg3H87sj4n8luk9Xd8c_e5sHnIEK4z6YdCai3rHEbFr3B1SYUofNBbMsFHaK_OaxFLnZYO5hr7GIHwooLJGZaPNG8jgtfVnWlUkM1OHmye7E5GqKymRcG-whRL9Ru949CHPKwGJ-9-pf5bteUOm1iIuWEGlvydeP5LfO3LcqMGA4ZjsBCTp_3m4M5vXiRTu0eAZCT0dbfrNUsjf3PFv7CZue6DRA-h9T5qsQQdAKeu7j5PpuyuwDQ40HiufknHjMfKrRVdAjsclI2zxjH-fT8vhmdAuWvo0QhGZWL_b5gEoCPuDQQqdTK-95bDCQckjyHPD85YXUihFZPHBNF_MzXyGo_rwQG48g3u9dJEu5JM52nm8HFClYuQFFaY2_8dK4ZQUeTlqN89wJTZXbaSsyNZNGIty5KusUu9thI_IeVxGh2Iyhr0gwcmMDsopHi9NzkffbVvTB5GaZZmFGtRBkbWb4pXj9W6Vkl-T2skvMa8GsLsbAOxLNt2Tdty2Nlzw6QMjfuemlwGbqIAKARWixL0ndcEoi6b8-MFOBTo0G1sMmtsNN48NKmqhlpFfOcqezUrcQzw536-HSlK5q7u6F8z7u_dm3nBQCvpV68stS8sii45a14MoUBjEbG2bX0OFDw96r4bRR29gRtUMZStNuE9peZkxU-tENNfEeZT_4u-pcLjlMG-gXT4_70aY-DCDW2FartG0n2X5z_Ze3iJLK63xqU5qY90O9PXZS-2f9uElCuhVUcoZiKT9bgeFh9Bf57zamtADVZAPqoV3Wq7cZSHviCO9agXrZNwhxtXvGpZUO_xZH6n-7X07CTmZwXxxvMkfcVhhRK1U0LpcDcrhxezfjRh4AzJXaSh0FmckEjAsIubHfH5yCuPql0mPTCAU4uDPrjkKhChrj5d3czNYkYrVZX-AkV6slDqWIDdvUTd1I2TetjPys6UHg5JgN12erMAC2bU6Ai9mnxNeULk1QHPFc7i069QZSKLHT0GbC1e36V0qo8vve4ima7lKmdW_jSr1VruQs_W4IrUEYXHz2PxfyQH1wBbCFI1Y2n-AuoptRik5qWUirPBppwkbUgBnivruU4nJ5bOp7ihqPKQmhA_22cq3SWUQYtFTeEdTa7pH32Vzw4l5ALiwT7QYIY2NgvlGrCIErXC6iCtD_IBVc_36MtPNQSv0XxSvPhBrFcunQUajlLAaufCIurWAXKkN8dMUUjz9OkT9Bxozs-qIYFmvjYfsMNZy4YxkLlbEg0ndmagX66xAX5eP2ekOvhw2pWO5OsH0jmhS_EUQjV6YOr1nLs6N-4mdJxSERTFm7kEJkuzJFNYMh-kwne8BmYwnUHlTtd5r0EpyN8FRXCckHhHqd9lSoHKTJ7kD3N_9dUU66Y5kiYh1DXWz-JVGsbezBn7Xws5kAwvnQYi0T5qE42odnjpXfZDBGNtUbyhGusf3_gUB1c1nT359h3_n48mj03SZ4pWKWDwWr4zV8LUmHq47v7QU9azWCbF9p5CWwP72MpXukosLkt90KCdKx9JgcpL2b3RH_uP_5oNVssCz4ieJ3ZzPKhBlNEkCdc5eOVKCogyaVGyk49oBxPKRYIGuhNJ2hKiXo1HCHBevXbCkgLzSIr3SC3oPZpBmZUUAEIU4GIrrihWOaWxOXTCAU7nAY7A4DmvfIhuZPmfR7Z33DWSlwOhrGKEIZ8z5bltI3mhBDcB5487OhH-peEx_l2a2dt3LhtQo_BXV3mhjd0wBpI2boEG0u_PreezSJseh3aE73MijE_bdmko_vbTkNH2NZPW0Gab79Vlo5k2spSKf9S9YjVrEMkD1j0wmtkKvrQmWV7SP0F-HXfx69negA4fRE6qSqKhio8rrZcnQHiAQQaBIhh7XL_FO0g1ToBoEFRYsrfMN-_A3P8wmf4tVIfbo0prKOlzBmgLTYJjk-D4B9HQd-Qmz0kUMo5E810u6RPAf9VlpU5oz0LDpuu5rBD8Rh_SkYGYnsfoQH5iJNfdJ5knqCMuLP2l83Lof6OeEclFrhhdHADPWrq24AiLtlUWUTqKd1Hy2K3SQ1sg186gHNImSYEvnobMODfp2cAAefTDkJu4-F-QqlBEfhK54CzOcA00QR1eabyfs-Ehr1jsLL8Ik-ovIFKLcbz0LtWQBrxrmtGoxg_BHJqbMhCoFhkf-dlaXPyDLNn6IhItIT1HWG1qP7iMr9QPF-HfkGTiByFWl5IJoy3smXGHKGGohoUjk6DBL1KW0thtuFuqxai1WDhX3X0LypozpvP8wC-a2D5oP0cN9Nc-iJGGH1XWmEEyUUttygXlJBG9XAgkmL_LGpTrFC0Ez1noqOQAT9to5AlpC3Yfmnr2yCChpHEXPT67YkNw-jyKJKDAxYXhQjcRaZbpvfVrYdVP3Kdw569dFBCrCWlHb7MaWpKWbe4lAC9vURXPfD4NhTbpiJkh1Vikps4-2I6X0R2Ft0Q1JAqD32Tp8cSS0TQSiG71fZXszHGlog7Er-O1MnsQEgI3DskYJLOuvgyKzzPFkxqkx3vz_HAJvw1SSO-sV04iQ4YDrTdbnky6A6hrWgGWZDUUz1h6c6GhrqYCWYAtJFP1foePatpOgH4mX7N8wlnBKC9w3B5TXrcyjitKQpBnSs_OSP_zoy5SqheKbvOX-EtoFKIxRWpDu41n3sKYbUdQSYWavnKfJwpOcJklMimjlFk8QtAXE8HkmtJq2FYFLwx8OOEVmAdxMCuHIH3BJ2Pr91SL4Dp8_cL2a1dKkK-UXfgO2-t3hH9PLCitHvPXO0zbuU2mBSvJIs8&cid=CAQSSwBpAlJWiqlk0r_orKTbNjoqLWdSdUNm-NsJAo5XrH8gfv2dK7AehfugH8owX_ppI0KDAUrpemrJz7dCEmV_VLQ1rl8lnn3mHSGhIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnewsvidex.com%2F&ds=l&xdt=1&iif=1&cor=3338450261400651300&adk=2857193498&idt=113&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7389b6a13c1e06ad2f0df0b0c874dfff99ea3e00f917d6bd272dd9297a0e58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40966
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 9286 120 KB
41 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 06:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 06:12:14 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.0.5/ Frame 9286 55 KB
21 KB 64ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.0.5/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a441c4f1b90c992eacea5aa9ed1f7143c5e0ca315d26edcc3468ce5ea61e03a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1698259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20333
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-4f6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OirZYMAprPa%2BQmv7PYsdNP3ZMioOa9H5b1Eox67hQVw72tf8OvG9mIjXKBPFsddR1rP5V%2FxCR0obdcNBTl3bEc4BMXmbMOKnbpQKD4CKWNIPJVc4G2fa6mYQo7c3apGrHD%2Byu675wDPVRChw3h0sVAKz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f70c0d5ec381941-FRA
expires: Sun, 04 Aug 2024 10:28:52 GMT

GET
H3 200 container.html Show response
0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F9C 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076972

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:51 GMT
expires: Wed, 14 Aug 2024 10:28:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 80B3 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308080102/pubads_impl.js?cb=31076943

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:52 GMT
expires: Wed, 14 Aug 2024 10:28:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1475223/71249285/ Frame 3223 249 KB
75 KB 144ms
48ms Script
application/javascript 54.229.80.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1475223/71249285/skeleton.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-3423085545296231&ias_chanId=1&ias_placementId=20111337730&bidurl=https://newsvidex.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iJIfoUwTrAlP8XbGfWR4B9
Requested by: Host: newsvidex.com
URL: https://newsvidex.com/?id=Zi9BNTljS1ErRGtHa25zUHZ1Z21oTC9CTDgxdGJpRVl0cldrMEVnOWFITFR4TDV5N241L2I0WWxndjE0NnkvYWh2cVVQTDBub2xWQzR5L1lGczB3emFTUDJCM21nckh1eU1waUFZTkdmSnM9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.80.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-80-150.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 06e75ec54c0483f0944a8ace0a48d3fb0d2604b023775daf21b1620304455dea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3223 111 KB
39 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
Origin: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 18:51:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame 3223 11 KB
4 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUIZKCJVz5abHFC-GTSIWBf03GgOHxcA3CXt3glgih6aUv3-H5OPnTwuk0cbih9xC8KA1J2O7NdFcswAr8_uKtNHLFG7YgQZsfdyHCzGiA6k9sLhF0QS2zNQJKbLBv7oXaARTnHMjzSl3zgV7XoYpKCIG5lSL5Y0zfI0aY43-_pcM-GhU&dbm_d=AKAmf-CZo0eSefY0sin8stTL0GaUIbVm-yrpXUKCOci57EwXr63aPILwBStgCWqbxIOpav00pRI6HEC-qpR_6tIJwQXQzVxrUszCRSxz2A_VQhwtSG-bqsOSOx3FFArk9q-9x1k27FCFXc1UyM4z3phGR3YiQZK0Nz588ve4nbWvfitWwjhtt9f3HKbmnXIo88ylYB37bZSKUUsi2_s-Le1FQ6RiiTEGMBMpHqMx9An32-8YOCxydqWMeBV1hi4kPXWJG8Puv7OKt2kboRJwD0-V5rjP1s7rbAuYg-rATstGU1hAEFE2xs3KLq2Beec6dPgRBJO-vfC0nZ4mqjbegvVIPz-LUp-iYhl37h3Zk9rsVG5RMoUKrw-i6Ql6bnuOyXPfM8ElWhGp3HgOH_TBau2GR11qK0-Tmwvuj1-wQ6-D-3liqRdY6MJph-E2BXFoH4VrGz2oGN9etTgNQsRoKTSUY0PJMXApcM7gAuca6iYUqXNLWGeLwQBAr2F-imPLlFwcCDQoX-fTAXU3ln3YbhB6PSEo0UCZ0ufsIleTJexA_EOyAaoWLWEqANR_zO7GY82AuH8cXcHDceCuUDsC3OnFVcZQHJ6mlE5-4xHVvXJw0k--xyQnLcRwOaHBn87xP0vN5vEK8J9kUOJXQFoXfnr2deX2T8cK98a2RUMWQ8LZtkkmKq9Q-MX8qAsZ4J3b9rrEqtV5Z3TgEHp0f8qu4ECDKa4qK41k_51WsOGv9dI490Uao8RcxEGlACyJY3PcVqs9z6LH-FZigUiD1UkNawU-QePJ7CTSbI7DnbiLT_S2b4B_9UtSTXZ9O_zONWRKOe8DbZHTZcZwg1kzF3eRn1Z8Lp_b9A4lJUq4lqnUktJ0JFUH8e4riRlWJoSBhnbuQ587cQsTDJWLSOhHD6wMIG4e7uAjSofMm08WCct2Xug7Jk_MeC3-j1MDKoYZzRHjOk3FbUbv6bCg3H87sj4n8luk9Xd8c_e5sHnIEK4z6YdCai3rHEbFr3B1SYUofNBbMsFHaK_OaxFLnZYO5hr7GIHwooLJGZaPNG8jgtfVnWlUkM1OHmye7E5GqKymRcG-whRL9Ru949CHPKwGJ-9-pf5bteUOm1iIuWEGlvydeP5LfO3LcqMGA4ZjsBCTp_3m4M5vXiRTu0eAZCT0dbfrNUsjf3PFv7CZue6DRA-h9T5qsQQdAKeu7j5PpuyuwDQ40HiufknHjMfKrRVdAjsclI2zxjH-fT8vhmdAuWvo0QhGZWL_b5gEoCPuDQQqdTK-95bDCQckjyHPD85YXUihFZPHBNF_MzXyGo_rwQG48g3u9dJEu5JM52nm8HFClYuQFFaY2_8dK4ZQUeTlqN89wJTZXbaSsyNZNGIty5KusUu9thI_IeVxGh2Iyhr0gwcmMDsopHi9NzkffbVvTB5GaZZmFGtRBkbWb4pXj9W6Vkl-T2skvMa8GsLsbAOxLNt2Tdty2Nlzw6QMjfuemlwGbqIAKARWixL0ndcEoi6b8-MFOBTo0G1sMmtsNN48NKmqhlpFfOcqezUrcQzw536-HSlK5q7u6F8z7u_dm3nBQCvpV68stS8sii45a14MoUBjEbG2bX0OFDw96r4bRR29gRtUMZStNuE9peZkxU-tENNfEeZT_4u-pcLjlMG-gXT4_70aY-DCDW2FartG0n2X5z_Ze3iJLK63xqU5qY90O9PXZS-2f9uElCuhVUcoZiKT9bgeFh9Bf57zamtADVZAPqoV3Wq7cZSHviCO9agXrZNwhxtXvGpZUO_xZH6n-7X07CTmZwXxxvMkfcVhhRK1U0LpcDcrhxezfjRh4AzJXaSh0FmckEjAsIubHfH5yCuPql0mPTCAU4uDPrjkKhChrj5d3czNYkYrVZX-AkV6slDqWIDdvUTd1I2TetjPys6UHg5JgN12erMAC2bU6Ai9mnxNeULk1QHPFc7i069QZSKLHT0GbC1e36V0qo8vve4ima7lKmdW_jSr1VruQs_W4IrUEYXHz2PxfyQH1wBbCFI1Y2n-AuoptRik5qWUirPBppwkbUgBnivruU4nJ5bOp7ihqPKQmhA_22cq3SWUQYtFTeEdTa7pH32Vzw4l5ALiwT7QYIY2NgvlGrCIErXC6iCtD_IBVc_36MtPNQSv0XxSvPhBrFcunQUajlLAaufCIurWAXKkN8dMUUjz9OkT9Bxozs-qIYFmvjYfsMNZy4YxkLlbEg0ndmagX66xAX5eP2ekOvhw2pWO5OsH0jmhS_EUQjV6YOr1nLs6N-4mdJxSERTFm7kEJkuzJFNYMh-kwne8BmYwnUHlTtd5r0EpyN8FRXCckHhHqd9lSoHKTJ7kD3N_9dUU66Y5kiYh1DXWz-JVGsbezBn7Xws5kAwvnQYi0T5qE42odnjpXfZDBGNtUbyhGusf3_gUB1c1nT359h3_n48mj03SZ4pWKWDwWr4zV8LUmHq47v7QU9azWCbF9p5CWwP72MpXukosLkt90KCdKx9JgcpL2b3RH_uP_5oNVssCz4ieJ3ZzPKhBlNEkCdc5eOVKCogyaVGyk49oBxPKRYIGuhNJ2hKiXo1HCHBevXbCkgLzSIr3SC3oPZpBmZUUAEIU4GIrrihWOaWxOXTCAU7nAY7A4DmvfIhuZPmfR7Z33DWSlwOhrGKEIZ8z5bltI3mhBDcB5487OhH-peEx_l2a2dt3LhtQo_BXV3mhjd0wBpI2boEG0u_PreezSJseh3aE73MijE_bdmko_vbTkNH2NZPW0Gab79Vlo5k2spSKf9S9YjVrEMkD1j0wmtkKvrQmWV7SP0F-HXfx69negA4fRE6qSqKhio8rrZcnQHiAQQaBIhh7XL_FO0g1ToBoEFRYsrfMN-_A3P8wmf4tVIfbo0prKOlzBmgLTYJjk-D4B9HQd-Qmz0kUMo5E810u6RPAf9VlpU5oz0LDpuu5rBD8Rh_SkYGYnsfoQH5iJNfdJ5knqCMuLP2l83Lof6OeEclFrhhdHADPWrq24AiLtlUWUTqKd1Hy2K3SQ1sg186gHNImSYEvnobMODfp2cAAefTDkJu4-F-QqlBEfhK54CzOcA00QR1eabyfs-Ehr1jsLL8Ik-ovIFKLcbz0LtWQBrxrmtGoxg_BHJqbMhCoFhkf-dlaXPyDLNn6IhItIT1HWG1qP7iMr9QPF-HfkGTiByFWl5IJoy3smXGHKGGohoUjk6DBL1KW0thtuFuqxai1WDhX3X0LypozpvP8wC-a2D5oP0cN9Nc-iJGGH1XWmEEyUUttygXlJBG9XAgkmL_LGpTrFC0Ez1noqOQAT9to5AlpC3Yfmnr2yCChpHEXPT67YkNw-jyKJKDAxYXhQjcRaZbpvfVrYdVP3Kdw569dFBCrCWlHb7MaWpKWbe4lAC9vURXPfD4NhTbpiJkh1Vikps4-2I6X0R2Ft0Q1JAqD32Tp8cSS0TQSiG71fZXszHGlog7Er-O1MnsQEgI3DskYJLOuvgyKzzPFkxqkx3vz_HAJvw1SSO-sV04iQ4YDrTdbnky6A6hrWgGWZDUUz1h6c6GhrqYCWYAtJFP1foePatpOgH4mX7N8wlnBKC9w3B5TXrcyjitKQpBnSs_OSP_zoy5SqheKbvOX-EtoFKIxRWpDu41n3sKYbUdQSYWavnKfJwpOcJklMimjlFk8QtAXE8HkmtJq2FYFLwx8OOEVmAdxMCuHIH3BJ2Pr91SL4Dp8_cL2a1dKkK-UXfgO2-t3hH9PLCitHvPXO0zbuU2mBSvJIs8&cid=CAQSSwBpAlJWiqlk0r_orKTbNjoqLWdSdUNm-NsJAo5XrH8gfv2dK7AehfugH8owX_ppI0KDAUrpemrJz7dCEmV_VLQ1rl8lnn3mHSGhIhgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnewsvidex.com%2F&ds=l&xdt=1&iif=1&cor=3338450261400651300&adk=2857193498&idt=113&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:39:48 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 3223 30 KB
11 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11540
x-xss-protection: 0
server: cafe
etag: 10407724091878522853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:39:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3223 41 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Aug 2024 18:14:40 GMT

GET
H3 200 12e0c0bbc282de0324fc2c716af124fb.js Show response
www.gstatic.com/mysidia/ Frame 4F9C 9 KB
4 KB 63ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/12e0c0bbc282de0324fc2c716af124fb.js?tag=client_fast_engine_2019

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3920
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

GET
H3 200 3e881cad55383437c91698a17d09f133.js Show response
www.gstatic.com/mysidia/ Frame 4F9C 140 KB
51 KB 63ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3e881cad55383437c91698a17d09f133.js?tag=video_mra/web_raspberry_ms_cta_adjustment

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72bce1d8441437e210c0a053e087f0444869afedab4bba9aaa2bcd4d3419da7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 04:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52598
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Nov 2023 04:55:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4F9C 14 KB
1 KB 29ms
28ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 09:25:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Aug 2023 10:28:52 GMT

GET
H3 404 rda_video_bg_pattern.png'
0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/'https://googleads.g.doubleclick.net/pagead/images/ Frame 4F9C 2 KB
2 KB 38ms
37ms Image
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/'https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png'

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23b32563a179a81e549d990ac973605a26b42e7002c2cb8699c7f6df999a76ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1667
x-xss-protection: 0

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame 4F9C 110 KB
33 KB 81ms
34ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

723df3c7d7a3d796cd19b2d214c09340b55cf08e08d26cdf29848731527239ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 15 Aug 2023 10:28:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32235
x-xss-protection: 0
server: sffe
etag: "e3f6ff5fb1ac62c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 10:28:53 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 4F9C 2 KB
892 B 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 4F9C 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite_fy2021.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 8732331910907961498
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 4F9C 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 4F9C 20 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:15 GMT

GET
H3 200 1ecb17048d796ff7836f25d4dc1a1361.js Show response
www.gstatic.com/mysidia/ Frame 4F9C 33 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1ecb17048d796ff7836f25d4dc1a1361.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 09:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90002
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14130
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 16:01:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 09:28:51 GMT

GET
DATA 200
OK truncated
/ Frame 3223 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b4e644f5023ce44019f5a16ceca4d8b0691e28ed051411a220131dc5f9c6518

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5E6A 0
16 B 63ms
59ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLqlkwEQsZGUARigz4PeATAB&v=APEucNU2xehNyC30TtvFjxZmqItDkcFVwIsh5W09zb_UVLVONj_WLj4Q7bR3NJ-uxS_Q_4vENJW4hIu1F56rJrkU5_HhwmMopA

Requested by

Host: 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
URL: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 80B3 86 KB
29 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
URL: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:52 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80B3 42 B
63 B 118ms
116ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BlMKKHPJ_hwQ4jhKuKiT4IVYAb18WvCcI26dfoyr1Oh75iyIeLHxBxuY1D6l25vBK6XDfE6V7J4OS5rNv15UG_rMTnFlxdr6xzdiXdQ_sKNi68oUw

Requested by

Host: 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
URL: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80B3 0
20 B 118ms
116ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4264485767941119963&x=1&ct=76

Requested by

Host: 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
URL: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 80B3 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/window_focus_fy2021.js

Requested by

Host: 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
URL: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/ Frame 80B3 20 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230810/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
URL: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:16:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8262
x-xss-protection: 0
server: cafe
etag: 6392178368060142121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 08:16:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 80B3 0
0 39ms
37ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTC5kVEQ7k3bBBKPxADO81O0QNI8cwEERULt2DhWy0-F6L-qYqdkOuFayttBab6ETi_3x5c
Requested by: Host: 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
URL: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80B3 180 KB
56 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
URL: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57610
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692013115309786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:52 GMT

GET
H3 200 2023_07_Back_to_school_controller.js Show response
s0.2mdn.net/creatives/assets/4945525/ Frame 9286 14 KB
3 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4945525/2023_07_Back_to_school_controller.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aab40de161061febcc2b8ad6e131fcc712a6f846691e48dd558689b37e596c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2821
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 13:57:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:42:06 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3FCA 0
10 B 29ms
29ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?scNXGQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F6F3 22 KB
8 KB 19ms
18ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 128921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 22:40:11 GMT
expires: Mon, 12 Aug 2024 22:40:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9286 7 KB
6 KB 63ms
63ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc5f0440a4ba1fe3295b324b649bcc18ebd13629e64808a199e115d38f15048c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5714
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15666339272179623673/ Frame 10C1 6 KB
2 KB 20ms
20ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15666339272179623673/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

815e919eb9f91c295d3209fbd3d5465a2625f83350af90fb12985d4094c60462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 442164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2167
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Aug 2023 07:39:29 GMT
expires: Fri, 09 Aug 2024 07:39:29 GMT
last-modified: Wed, 28 Jun 2023 11:47:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3223 0
0 72ms
71ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlIa_vKyd6EKGgOw3cjqOD_q563j2B6frWZGO8xSCcotfItZ1yOO8CZFcTWdRzLZTgzYsuBWIIbeYDllXsrb9C4CJzq9_lRgUrawGHX0ripfsawIBP_RwxrQnvAGMwDRVJqSLgAlKkL2-9BDRUAcpCzGbLSfZFIhX123UPrCsQtGESAkmApU4UHlyvHAw1dxLVS2ylrwjIwNcr-1Lknez3ALaqIRxhfYaisOXQsdRz9h6FzhV-FOwH5DsR1e_0piMfztjikalbFqNkLnbs0g5nSo3KbjBeLZak7jVltxF9t3A_SlhygTlA6gswehVk_aAYEtf9Fitgp_-KfwLB7tCty-YzjdHn2AReT5UJt-p4r4bzJNLhJJvhKeIQOIkJIC--nGhKcfJR6dcY4r8os6tFP9jjKrohLXeie1NTJQDOBjwrWZgyC7fSeEm8T3jMdzTlSFwqGO-v9Y-qiD18qscNEz5e6-7_NZFPlkYY102nhObaC5zhYlFVD1veFzBYO5lJdtOxU8pjAwrzwNdmlAyl0pci3RTjjno_LqGlPUG8LaNAlkmk7bf3H6T4sHUqejrUA-c4DIIGzTOup8x00w0qpDVrkbJ70FUzVCXFrPVR6BiUzgY--4UF4TqKsahvuKjannHEFa3DO1K1lNcctiwUMr_Sq6lwzqETlUclxEfaXWOLtgs1I-jjLwahdohOLMGEt03X4AFykvX1JT49TS-iMK2KtaZcYF3pIcqsNYaUs95Lxft-Jj7lFm76NHnZZkz0-lDNa3Ky3fv_7beJIrTNdkz0gIF_thK9EzQuBeDgHoCYCbjDsdBKx8WZ8yBbKyoFqW2eD3Ig5U2XyYXAuHKm1hQeq8FOKoWfshFHnnO-LoPj2Zt9fi8-LUuboz7z37qnwaJpQbZk0mKsASWKwiHdRQ6fVeK46_B1C4y1Yi_PcqN_NGIJuFUGbY1iZhdYF1Z6nRpLQU-t83G_hXlalqq7SoMqPL522p81qOnaQsqQGxuK4VR_bOKrxGP7SswDd9YQ4z-a1-UslKM17uuraABV1UBcYz321RvGS7VHUyO6p_e-AqjCJywLp2niw_Ze7TXaR9TNHgn7bRzl4MNqUU__eNEJPeJFfJzjCkjD3M5UHKWHWzF5KKisFXXt4x2GdW3UvBNObyH5R58RZf-OumO_MCd3FCB9abEUFtC-4B7gm577QeEg35mFKDJONWiIz2aPUui_NB1LxVix07kOhKVGyckL9rEXLWhJj4oYhFdChApc9MoDr8lDIx7y2mhECNBWbO0fqKx1c8HLVS4c&sai=AMfl-YSExkKV7YN1EVkoTJ7pt_C9VrI9YoVjnUOzTjE_1qsxbbcerAbdmXzLphM0ViKB2iecPO4aQxuqsvaS2OdS0he5xH4vV4BVYU2IPGijM_L-0UFtb40ClkqUNC_O7meXzRGbOvP44kBQp6gBLVh4qwTM4z7JQRa1Bny_k5h0skLxVESKMNpCNgll6-PuqPxCDfUtWyZoMO-L0LaVbB3t2ll4IiiURbBcWTYIpZq8wwD5UEcpk6fjYruzNh4RQiuWsViChg9RlGnb4xmrfkvwJ-Kh4mbTmP_W&sig=Cg0ArKJSzKV9TBCl7GR5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=138&cbvp=1&cstd=135&cisv=r20230810.04252&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:53 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4F9C 0
234 B 775ms
271ms Ping
image/gif 2800:3f0:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llc5veyy&c=134468866431&slotId=67234433215.5&qqid=CNqJ2Km63oADFUXJ1QodOrUAXQ&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e881cad55383437c91698a17d09f133.js?tag=video_mra/web_raspberry_ms_cta_adjustment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 4F9C 2 KB
2 KB 19ms
18ms Image
image/png 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 07:33:25 GMT
x-content-type-options: nosniff
server: cafe
age: 10528
etag: 9923804599063086578
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2033
x-xss-protection: 0
expires: Wed, 16 Aug 2023 07:33:25 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17822024181240698237/ Frame 4F9C 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17822024181240698237/14763004658117789537?w=100&h=100

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89bba462c4880cf4a0e49696cc9d3b9e28052e57071ddc4924a4b25515301510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 04:08:43 GMT
x-content-type-options: nosniff
age: 368410
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2379
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 09:19:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Aug 2024 04:08:43 GMT

GET
DATA 200
OK truncated
/ Frame 4F9C 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16919327416143021859/ Frame 4F9C 42 KB
42 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16919327416143021859/14763004658117789537

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a8f0742694ae329458444baf9544a7ff3eecce6c5a78d458778eb93cdf21dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 22:57:06 GMT
x-content-type-options: nosniff
age: 127907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43270
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 09:56:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 12 Aug 2024 22:57:06 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 10C1 236 KB
63 KB 135ms
48ms Script
text/javascript 2a02:26f0:480:f::213:7ed6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15666339272179623673/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:53 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 15 Aug 2023 10:43:53 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/15666339272179623673/ Frame 10C1 188 KB
34 KB 20ms
20ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15666339272179623673/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15666339272179623673/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e68ecd193069b7a36b25962c7665b9c9a2af1381649d77c01cbda53bff54a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15666339272179623673/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 17:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34660
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 11:47:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Aug 2024 17:28:21 GMT

GET
H3

206

videoplayback
r5---sn-4g5ednd7.gvt1.com/ Frame 4F9C
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=9c4299299f20c90c&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1692102532&sparams=ip,ipbits,expire,id,...
https://r5---sn-4g5ednd7.gvt1.com/videoplayback?id=9c4299299f20c90c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1692102532&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

602 KB
602 KB

85ms
19ms

Media
video/mp4

2a00:1450:4001:16::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5ednd7.gvt1.com/videoplayback?id=9c4299299f20c90c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1692102532&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=111F1ED612B81234FAEC7843743F51404AD66807.3368F5A675A3653AC7BBEA79FA5973F3643E7EDF&key=cms1&cms_redirect=yes&mh=I3&mip=2001:1b60:2:240:3247::11&mm=28&mn=sn-4g5ednd7&ms=nvh&mt=1692094652&mv=u&mvi=5&pl=29

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:16::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3eae3599cc2040f5b82e880c2f044dc06d3c5913019847974a319d6ee6643bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

client-protocol: quic
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 05:05:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-616751/616752
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 616752
expires: Tue, 15 Aug 2023 10:28:53 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5ednd7.gvt1.com/videoplayback?id=9c4299299f20c90c&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1692102532&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=111F1ED612B81234FAEC7843743F51404AD66807.3368F5A675A3653AC7BBEA79FA5973F3643E7EDF&key=cms1&cms_redirect=yes&mh=I3&mip=2001:1b60:2:240:3247::11&mm=28&mn=sn-4g5ednd7&ms=nvh&mt=1692094652&mv=u&mvi=5&pl=29
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 711
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4F9C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13ac1c1b7c458edfb370d17f60c016f5133fcf726f02a0d6eea0d62e5eb20d86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cbBdsV2.js Show response
s0.2mdn.net/creatives/assets/3781309/ Frame 9286 25 KB
5 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4945525/2023_07_Back_to_school_controller.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d77c667d6084c6eb69aa5b1f28bac84df2d473de862e29d060054a84b20106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5325
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 08:21:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:29:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9286 17 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 10:28:53 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 05EC 0
0 59ms
58ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuafCt20oD24IxhDYiX-qBd71gultKhGg6QVAPs-LdAFqdILEAHtdO6Y026b4YKSZHYM4B6ZS4_o69EvxdyybJp5g5UblrjE8KkuKVGg8l2nB0Gh3iL81SH6kuW5bXCKIS6zF9wVnpgEB5W05UW7wO3UwppDHb4_2tkrPbxFZ-cblzqSs6fKb-vml1ZrBE8BULjJumc9KG5GXn_8iVtF3AVggvHHBkrdnY9UHcQ4o4y5liLdvdHccFvaNXGAkyXGkkIHYfIW5L2ZAK-aF9Q75SslCKr3X8MDuAOGk_MaRRZRO_YWC_1ikI5j3JlsiSVrioLXry1aJ9GRPIuFzNtOTsFK5Pgm6ATgKORYjyvG0Pm7flMdNV-XhR5lk_JV_aqcpivibyD4xCh-f2rx0PaoETg5Y8AZJX-58gYNG2UaBjlNqxDzKOl7n2VBD3URWd7m5sjLXPNU0Uf5K-NB-lKmcy_FN5BKB8kgejg_i1qO1vrxign5_wDVOVOC8l0cQifsfzIsMLlrpJ5_WIFFjCp7Q7fEfjzEUluvM_ld_6YaD3mnZZqjQb5-AFqEqBwzlJZerZIa2VEfwa1_knTMGfsNlqBksGa4ylxMFghgI8xIWYrLaPJFjKIKShj7U-kwVEi4ge_nyRaYb5mDope81nqnOArqOQatE8YS-r9oT31WOJ60T8BhRf90yGoMWQsl2KN5JuePHfMlpVaH5SttLDIXVZHFHOWBJQhSyIjbiMd1lwxVNTqQhnJ1c5JkASqzgFrXRWgxRmHUKhW_NBtVaSPzRolQD9kFJLjTOwTlVqnImJkz_NUyO7xNGla8JpPFyed2IOmO5znXp62HPnhfuWs8-R_xtmk7MYF7llSkz-tChDLvFzfwI-QDdKDy0OhxkhjeKzVsKiavHMKQ-o37fL5Yiswpbv5WHKko1PZwqFhHoVGdeg3kgVWxgioYWp_WVRFv3hdFXYUc9mbhXnxNt6hxciQgiMzCrprDwgX6veGNiE0jYC8_l4lGnb0_3Ua3xwoYkImiktOkK_B9YVjm_Ec5grB_qJGBsy3DS0qRJWlp8Bx6PIwua1UhKDb_TyzLbDt7n4SdnEIBR4QZDyQjAOrHzHvt7064obK9NKzEbVS6VY7FiGH9a9uq_l4snrqVkjSJNVc4fK2hHYsaAEYsnTNh_dtqig-1BEU-C219fg1L7yBEh3s_ve8nsShm5wuAcn6Tm4j8Iv09s_Y_izXNjLvOxyYu1dB1Xq2FO-FIoogqVwilWx61HL1hielMCoRLuDDv4m_UkLFgI9DNFiJCEB8xLEOBMiwRj50&sai=AMfl-YRVLDvj0zoJgjfLIUPphT5fsO-jro3aWG2aIt2WixRhBg5qAfXYlh5Y4kBg79tBDf7jIkyVWgm68vCKoPylzCY58Gw4F9hHXBFOyESua6ZZabkhArNBy_4UZcJCF3ZCJsMsOw65nfGW0DE9ngD1lvFsXmD0nt4qtwu2ODMZMtf4QcG7rsjWvzLKnuyL5n9isFpU1ZZOJpQRYbRkXEVnKDWgNLlhgbyaKmJJG_oFQadKgy_CUcK4XIvAtU1oMwMlq93M-yNLt1tqMaYKccDawA0NAHm0PRvh3aZC&sig=Cg0ArKJSzE4A1BIBZVZXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=569&vt=11&dtpt=416&dett=3&cstd=140&cisv=r20230810.53257&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 10:28:53 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80B3 0
20 B 117ms
117ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2376089388695&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80B3 0
20 B 116ms
116ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2376089388695&version=m202307240101&ct=76&x=1&cor=4264485767941120000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 80B3 77 KB
36 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AncX9R08laAPLeycqUV8Wc4sSh5XXjlAFPNJloHFStTWwEf2NZ70mR3HSM5wKldb-R1QL6LHFqHlihcCHxP7gQrAhXuw&cry=1&dbm_d=AKAmf-CimvbgEzYJ4xDrLyCGwCTFlTwEThtFYDx_ojw3NXBlmaCs2lsAVJGS7TwChD_wotphyuG4qlOO4umB2atViggpCoFEP7Tt6U_f5cnwoj4xXGeByrF9CUe5wZDKyRqJptydVyQayFbhg6wshnbKXk7DBgBiNzy6AZQ2l54ravfGK77dW0QoNGW0tXv_UbLMrtBawBguxAL4HGJzobgKUexc6ZDU-kUHQIqOTaOven04_FURBcnOVpN6Cgtr_UADaqTHrSQwlepaQ33-qWWevdeGa2t6PS3nuWIBB-87puXsZIU5LQkRjGIfdcaphy__fiJkrmorT2SJ2blEhPc248KTjF88ACGnn1FCJcF2NBY4RNFb0WgoWnGBZZq3uk-h_r9G4rMgU2aqP5HMDu8zK2nPRfJrvDuuPjpeQ-0ivaugmhyqkNeWUlTxQfs8gQUMXHx03bSsnVHTmF8xfJLRWeR4wztFdq8bDNqZ-yk3NX_P5QM19rix8CJkyb_9sFvXG0vKU1Y4qXEo1-_u843aDGKPaz-OXgUYHguOFpXZcZYRKUJjQhNy2foScTjiljqtOq_MRz3Htgo_2EtBgebvcHXgM4hPngxWAGdeSPGs40Lzqw0UjYQY3RR2-xvUekzjfoPB1YHui4WAYkiY6R3gK1USnj_u3NZ-heeiOw_KABAk6bGs1B0F48xpNUIM5zvyKxrsuArHwiAvEDF0wGPOa1Afp-mVBs5mUKuQm_GICQvkZMBepeDg9NIO3DLpSbnw5xV06ZhTT2HGHmi4ZRTA7XdjP50zJAR_TrCbrxob22h9zbLgv47ivtzb7UqgtS5vP2chgZM4HSTpQuQ0eYncPkfdIUtxfdHDixiwPXMK1wKJdkyrXq-sjbA2NdENUbtRK3MLz68UhDZIdon_Azj8BWUzfRmfNi3gyz5fo8yAl1axEftwIwGAdTjgqST-tTpFHDu2RNH9ciXmVZ0ZY28N-53X-sn70eJF5C8CwqRNP1wfXHFiY7SQZ5A3mdQmdZ0Qj8h2T_CU7j5e32zSH0l19Xe_OOZIrg1Glhv6LO0-_dP31AqQOPsFpW8mpHnWbBYQjZn0vYEhBRrP-pATcApy5C15bFzte3tHbD4KgoIkqrGdRYbcynvIM_16Ia3MHMr1z1OCaRbUhkHJiGHtGamVpRLwVTFFWQSpt5nL89BVZgZpkdz2eVy9jQc68Qirc8m0vGo3caub64KQAX6BtoFWdblmoq60Q9K35v17GbZDsYRRJd3I21X6CzINS-KcriTI9O7t7u5Nb4oHdyZwAMZ2U-x5dr_1Fw5tH_KXnhGtBn-IwhnJhfHAufBc2YDYVXKI4b_tjybJ4BPvI50AY54U220x9gBoFxqlS46Liipf-3cHT_3f-xGIEhTSKUdEqKNExVnM6rvOskPJ0cUT_ayRv6SCyY3DAUpejMGQNVqL0rJAViDwym-ADaL7z3RcgmGaVHi3yk8l_UBOkpPb1932Xwai211JsnkjKjV-9DVAf0Vo--Ar0Ka8t58MoQ-AWtk3a-I8FfIne73xdx666i2A1Yae95wZcBRbrQNM_jVXHhpy4BpFk-jaS-2fQvUyyfVAqTXMupg41inwhyKom25HryrpzavJWcXJlYMhjw7PZT7s55LMHvMf431BAY5PkKna8rAIGvTXRywwajkL_TUa8fVORsDhfp3cfQ5LANGyuBU9KeDbQPOaiWy7F9JCrpLE_u_GslLOI33_lr2fum2t7T8obs5Jv4wgLjsConuKo49xAVuSpB-NVms55Pafr7qoQD8k8AeW9DFE6NMpYYArQPQaGNfVUPtvomlU37JOtDpfZtPs4f0-wdiyUGibW10-T_M-H8ZliYVIn13dSazwH9JvpRRHwAqGZkgmLsSto966216xiV8g5kL4Vc_q0ulCtq5yBYdeNI-U_5zgkuILePg6UqLbc9KQ8TSvw4GGj1kPS2E3pIDCeUU5PdR0kmS0ImbY_hkZ-S1pSeqP_xf8PlAOA1m7XAaYd-ZXRwt8A2hl_GIbW-fbRivDYi64skvjirOJi9pvnGknLuZQ2A_CbpOrBw0eHjPJ-pvgNqIMcrB8yb8qNY4IWtpEhDrNtIp-tgCyI3Umfh7ARgWTy1tyjya7IxEeIrQB_6vFwvfADJHY7iQblee01xbXAqP2-YkG1NHeC5X-lljV6QoRBNDhBaY4T_8CqpFO0PqLaYT1_91JwGsE4xI6_pk2n8adsWqhEHTQ_hceFSxZX_-3qFsWSVCxsabkbKKEHrlbUj0BqO75vatVyDEqeOS8-3KfNzgYAjvPM4c1AmWZzi21dxp7AIvSE--1CwcJmnHIQ19Lp_CeokGPyTQtsRl_bctVkV16-3J7sIPob09gACOvdEZo9tzne9MIuZvthSfqHwaBt5rIjM01Bq745enhs11JKmkapKPLesKBw7_Ezqq5uDe-6RojYsSfwNpFju1_4ITdbbcvZGGpJbitIljgewBp9Hnyp4fHByKwZcPy21EbMGIKwB14LmBBQ6-abksa_ExDF-QjzYrXRdTEBq_CYeWWxLelz4rdXzFfdac0ihcFaYqweKTagFoabq44Nup-seuFMDoPKE8yKLWf-2hx5qgKZPcxSMDQq8-ws1ioiOeAm2tWBUt2d0wQQhyzyZCTCKzx-j-rPb2LyVLhZg3XQ3WzkX4DQbz3gsfAT-7b2Qs4QExGK_Db42TrV0FxVx3i7k9AcctttHFcRlr19ukZ2_DLZxv_aMSeeF_dMM13XiEmftHDCwuZuW0-_JfgcW0RctYT3bB3vUJl9GMt__beTSO7KIgxH6aSTPf2Dt_ozbFETW4OqoC9qcc2pYfh_73W_-PrgRXemrLG09MpNR0-TUWFhaWq1gDEK_c3wt2TOKgI1wzVbueF04xuU33QigppEr8dbcmvAmNZMxLmdTwKE4jNb8BfvGfj2mujUKJ10ci_eTVZOPO-5p5PW58eyWDTyYDfMMoVw6SCYdz_wPiYF194Lqb6LfitahPGB0KzApNO5Zk5QuhMnZsZH7QM95LRYO3BUkI3PaBxRTqdSpgvB5bPb2kJ4O8IE3URIVhOoP2qRxVP2U3Z2drCgTEaTTqtwNZz_-IQZoFaSIjaU5ft_5sugCY8havpql1-fLYrfhJmvpIrY1au1RiQRw9cqMKZnDNmgBzMO08-_aC5v8MoDw3vI_7SOQkP__JsiYVEzAFYRkI-QCqicVd4Lm-C-Q_Hn0acEFpIB9IQRnPGxvtHLzsIKtU-JSedOWrNOnUHf93QHG4z_o-s3gUXfMCMDMXxMq-ovjxfXtoyVa8DkHOGoaaigIA1wYwlFcUrbOzxTLOVK50dvi1bCUJqCnDq-wzBKAf33-2Cu8jWRNcRD4EkNGwoFSyuJhFqtARKVhgHjjFsU3sgYMN3fTNHUe1hvSH4GzIwJnfiT-OY-N5222TP2TeRUI1pW1X5NxFcL4v82AuKVPXhdxxa_40LM0L7Gh9k5duLwNTSCQW1gNiKD6r_E8UI_FRKGnC7CjuRDp1nS7APJdmg2431xsynJ-vdmjxu1oMknO6vaoyHiy8&cid=CAQSOgBpAlJW7sqaZ4gFvb8VL5RDVhALwKqjtOOx9bdaIZQWwqJUsIVNHZ0WZ8aPjdFWez76V2AUt_tWKQEYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnewsvidex.com&ds=l&xdt=1&iif=1&cor=4264485767941120000&adk=1268836065&idt=109&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35c3f3d08165291ff39d50ad2b21886f753c4ebed0bcfc5cb0b2603ead2aa0e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36648
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 95ms
56ms Preflight
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cz0vLZFPbZNrHFcWS1wa66oLoBZ2m8NNxibihposR6Kq2lYsDEAEg_77uLGCVgoCAsAegAZzvgMICyAEJqQK5q2-bweNJPuACAKgDAcgDCqoE7AFP0JZLsGZ9NFIFOqLNEWGQtaO2nC6SgRY7A1mwjsZWDzNuR7DFFZTYOrM7sccgKWBQqaYFNOy_HqCGmlD_3sLiOhJA9iyJ32I4iwdHIXa6EGzZu19vhUjb_RMjimRD7vJLPZWyVXAuLSdGukhodWEHcc4F2IHM2sLfMr9qn6Vm-2-LcW9i7AGkx5PT-tuloP8i3G1rYpZSbMLFFMqF9w2A0wpow2IZSsic0I6LW5hVi6aSmF2oagrd3n7d0jgwt-ZftK96EZxbZ9lVAas_fKBSc9FCRnpb6fZDwIee8aUln11-aEXWTdlCsJpPtcAEqImGscQE4AQBkgUECAQYAZIFBAgFGASgBi6AB8yQ_70BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5-BD0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJdmh0dHBzOi8vd3d3Lm1hbmFnZWVuZ2luZS5jb20vcHJvZHVjdHMvYWN0aXZlLWRpcmVjdG9yeS1hdWRpdC9zZW0vd2luZG93cy1hZC11c2VyLWFjY291bnQta2VlcHMtZ2V0dGluZy1sb2NrZWQtb3V0Lmh0bWyACgPICwG4E5wb2BMC0BUBgBcBshceChwIABIUcHViLTE5NDYzNzc2OTUzNjcwMzcY__kd&sigh=lbDDTsNQxFE&uach_m=[UACH]&ase=2&cid=CAQSTABpAlJWvl-Dn21vI-yb1XEkxW-3HQKg1blpH4KonC1ISatBnfpeyqPVOU3_ZWAa2kxf2_aV6DCyfKcMW3U65BSvBIjZJRkLgwboH-sYAQ&template_id=3484&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 15 Aug 2023 10:28:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4F9C
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cz0vLZFPbZNrHFcWS1wa66oLoBZ2m8NNxibihposR6Kq2lYsDEAEg_77uLGCVgoCAsAegAZzvgMICyAEJqQK5q2-bweNJPuACAKgDAcgDCqoE7AFP0JZLsGZ9NFIFOqLNEWGQtaO2nC6S...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227875343041317998722%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%...

0
0

97ms
54ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227875343041317998722%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22675297180%22],%224%22:[%2208-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213924244359166064337%22}&andc=true

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7875343041317998722","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["675297180"],"4":["08-15"],"6":["true"]},"priority":"500","source_event_id":"13924244359166064337"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 10:28:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7875343041317998722","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["675297180"],"4":["08-15"],"6":["true"]},"priority":"500","source_event_id":"13924244359166064337"}&andc=true
access-control-allow-origin: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame F6F3 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:52:09 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 3223
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1475223/71249285/4.js?ias_dspID=3&ias_campId=1012441042&ias_pubId=pub-3423085545296231&ias_chanId=1&ias_placementId=20111337730&bidurl=https://newsvidex.com/&i...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ZFPbZIr9LbODjuwPh_-V2AM&cbFunctionName=goog_wrapCb_ZFPbZIr9LbODjuwPh_-V2AM&true_pb=

1 KB
1 KB

19ms
19ms

Script
application/javascript

2600:9000:223f:0:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ZFPbZIr9LbODjuwPh_-V2AM&cbFunctionName=goog_wrapCb_ZFPbZIr9LbODjuwPh_-V2AM&true_pb=
Requested by: Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:01:32 GMT
x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 574042
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: OnZRtiRse8J2N47KPwPD6hOxBvuW-HfMOeK72otGGExePCPulQWkZA==

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
server: nginx
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ZFPbZIr9LbODjuwPh_-V2AM&cbFunctionName=goog_wrapCb_ZFPbZIr9LbODjuwPh_-V2AM&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 9EE0 91 KB
23 KB 65ms
22ms Script
application/javascript 2600:9000:223f:0:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 28320757
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: EUqwFIxHsXiNPmDztF0LKjOYT7bg4O4TTdqPmZMHHubb6b_RZfveCA==

GET
H3 200 cbstyle.css
s0.2mdn.net/creatives/assets/3758114/ Frame 9286 25 KB
5 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3758114/cbstyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5d0407c813ca4bde74789d41f00c993617159d54e14e606baa4378d53bff3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4582
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 09:29:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:29:58 GMT

GET
H3 200 cbLib.js Show response
s0.2mdn.net/creatives/assets/3781309/ Frame 9286 32 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309/cbLib.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb97a90ef148adbb793ce925a51b98dc5bcbdc003a7f888b7e656f8429817e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:14:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 836
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7876
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 12:12:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:29:57 GMT

GET
H3 200 cbResourceList.js Show response
s0.2mdn.net/creatives/assets/3781309// Frame 9286 93 KB
11 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309//cbResourceList.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d03191b72dcd5d8e4284ef5dc142aa20507115a8aeb8319e191fb71d67490f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:24:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11434
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 14:45:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:39:32 GMT

GET
H3 200 moduleList.js Show response
s0.2mdn.net/creatives/assets/3781309/ Frame 9286 8 KB
1021 B 26ms
26ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3781309/moduleList.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9261fc374ad402a8ca48b414850f314f0098b30776695dffa52c4e20eae9f3eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 993
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 14:00:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:39:11 GMT

GET
H3 200 AssetsList.js Show response
s0.2mdn.net/creatives/assets/3757766/ Frame 9286 1 KB
363 B 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3757766/AssetsList.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b22015e781bca8c265c5e679c44002e17b35f1e56b8d458bf41806f037e04350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 08:13:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:36:30 GMT

GET
H3 200 cbElements.js Show response
s0.2mdn.net/creatives/assets/4615943/ Frame 9286 100 KB
17 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4615943/cbElements.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb0e85cf8a5e0953a5997538edab29e75417ffe81d7097459e7c2ab99f371e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16920
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 08:52:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:29:54 GMT

GET
H3 200 cbElements.css
s0.2mdn.net/creatives/assets/4615943/ Frame 9286 34 KB
5 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4615943/cbElements.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05a9031454324dcd0150aeb877d980bfe8bdc132d39f87dab9623994e8e1f6c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4706
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 08:50:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:39:25 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3223 43 B
215 B 529ms
176ms Image
image/gif 2600:1f13:800:7780:7b33:7507:38f7:f5c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=276d3798-5fe8-c6ad-52e5-25c0c7456048&tv=%7Bc:lmgdhy,pingTime:-3,time:60,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:60,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tMZRzJu+11%7C121%7C122%7C123%7C1241%7C13%7C141%7C142%7C143%7C15%7C16%7C17%7C18*.1475223-71249285%7C181%7C182%7C183%7C19,idMap:18*,rmeas:1,rend:0,renddet:na,siq:20%7D&br=c
Requested by: Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:7b33:7507:38f7:f5c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3223 43 B
215 B 520ms
174ms Image
image/gif 2600:1f13:800:7780:7b33:7507:38f7:f5c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=276d3798-5fe8-c6ad-52e5-25c0c7456048&tv=%7Bc:lmgdhD,pingTime:-6,time:65,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tMZRzJu+11%7C121%7C122%7C123%7C1241%7C13%7C141%7C142%7C143%7C15%7C16%7C17%7C18*.1475223-71249285%7C181%7C182%7C183%7C19,idMap:18*,rmeas:1,rend:0,renddet:na,siq:20%7D&tpiLookup=ao:newsvidex.com*&br=c
Requested by: Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:7b33:7507:38f7:f5c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 091A 0
20 B 121ms
121ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcZr1ZFPbZLK0E-mOjuwPzZmCoAsAAAAAOAHgBAI&bg=!wcKlwpbNAAaiGN5Pghg7ADkAdvg8WlA0vilUKmr-Ul49VUqiM6fdQQHhNpCNdIim8KR--3Qmg51b3OqSLbHL52cyDH-SsY8I-k8CAAABT1IAAAAFaAEHmQMRxOXhohtJ5c9dXziKGzqHq1007DlN8QIMOkHXakUPS8lIVzfOGq6h0hqqiQJ2rOBvujpq6B2dH-tAav_MiJi_Sp3ye81pgJbDIWJIwYzXBgNA2rOzNk4yFgNQ-E7HBehjw7EX01EdmrDUmUAbP8GsVsOH-EK0DYSSS5_4HNzbDtHYRsSNVbu6e9jowXaZazSTHM1qGnb0E1UUVEDgqe6KnycnEDZPkgQVHgs0iQsy2RjMw5DA9M8WaVQJj3YR8W7nvIwQQ3bqHiJJGAKWTZpAUfyTodAJcEqETwxaiBWxBMFuAc2VWfrVwNQhNkkJAOW4uz2FCdYlRLsz8bNUnrUZ7Z4TgA6YsrHRwYem40OW-zgSO8pXkx5AQwaC1lFPBe9YhxUX53Ezq_5fyzPyFu5LEUE5y9TLeyO_Q1HlbQAMG9xLqGxC8pZTJUO65bSSHD1-Ys2Sa3uXRtN-M0h-pGI1JyKPnB3AhFdctEE4fa0bELOHGsTXdynMQzuVNTMeuoZXzrxzmkFLFvN8LG8EIboGHRSqR_VgJjfTxySRxnnPbvYW7vjxSfeuBj78D89NDwUhMrTdyFAZXglr242idT4rvV1KxQgMC1VVwOyf3PZtmaVelnTr8XyGMSmlItMzIdvHb1fU-1YHJGbopL5wU2TDP0Vy6lc1DJT8U5GJ3P6tcEl56XgNZiOLHFTKOtDVcZdLg3M4rbWtscpzKoV9N5EW__pCZNQNcsMeXUtVbNB9XUk4_iooISPFRI2ae1HxqGnF9xpInpk1dj6cOmMDljqWYojgGJluBDU7u462AdONMj_p7J2UC-avSShrOp0aLf8Burd6wEyAYwLfVxfO9YlaZhvuhcnIR0_IcKGrvClBEVP_81FmMb8dssPvXmzySrMtFZrhbsg3qi5joqNP7gAc2wDGpCHYb6K1Q8Rd3a337DmEEiwotiZrS8bA69BgSibynX8In266gNo8cRbpBjpJsBfYuBIAu3hBwCZLeqVLMYqPfoh3pHgHRsWf_v-dfDD4zUh0cTZ5_w8b-H5EYYnPam0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/ Frame 80B3 30 KB
11 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AncX9R08laAPLeycqUV8Wc4sSh5XXjlAFPNJloHFStTWwEf2NZ70mR3HSM5wKldb-R1QL6LHFqHlihcCHxP7gQrAhXuw&cry=1&dbm_d=AKAmf-CimvbgEzYJ4xDrLyCGwCTFlTwEThtFYDx_ojw3NXBlmaCs2lsAVJGS7TwChD_wotphyuG4qlOO4umB2atViggpCoFEP7Tt6U_f5cnwoj4xXGeByrF9CUe5wZDKyRqJptydVyQayFbhg6wshnbKXk7DBgBiNzy6AZQ2l54ravfGK77dW0QoNGW0tXv_UbLMrtBawBguxAL4HGJzobgKUexc6ZDU-kUHQIqOTaOven04_FURBcnOVpN6Cgtr_UADaqTHrSQwlepaQ33-qWWevdeGa2t6PS3nuWIBB-87puXsZIU5LQkRjGIfdcaphy__fiJkrmorT2SJ2blEhPc248KTjF88ACGnn1FCJcF2NBY4RNFb0WgoWnGBZZq3uk-h_r9G4rMgU2aqP5HMDu8zK2nPRfJrvDuuPjpeQ-0ivaugmhyqkNeWUlTxQfs8gQUMXHx03bSsnVHTmF8xfJLRWeR4wztFdq8bDNqZ-yk3NX_P5QM19rix8CJkyb_9sFvXG0vKU1Y4qXEo1-_u843aDGKPaz-OXgUYHguOFpXZcZYRKUJjQhNy2foScTjiljqtOq_MRz3Htgo_2EtBgebvcHXgM4hPngxWAGdeSPGs40Lzqw0UjYQY3RR2-xvUekzjfoPB1YHui4WAYkiY6R3gK1USnj_u3NZ-heeiOw_KABAk6bGs1B0F48xpNUIM5zvyKxrsuArHwiAvEDF0wGPOa1Afp-mVBs5mUKuQm_GICQvkZMBepeDg9NIO3DLpSbnw5xV06ZhTT2HGHmi4ZRTA7XdjP50zJAR_TrCbrxob22h9zbLgv47ivtzb7UqgtS5vP2chgZM4HSTpQuQ0eYncPkfdIUtxfdHDixiwPXMK1wKJdkyrXq-sjbA2NdENUbtRK3MLz68UhDZIdon_Azj8BWUzfRmfNi3gyz5fo8yAl1axEftwIwGAdTjgqST-tTpFHDu2RNH9ciXmVZ0ZY28N-53X-sn70eJF5C8CwqRNP1wfXHFiY7SQZ5A3mdQmdZ0Qj8h2T_CU7j5e32zSH0l19Xe_OOZIrg1Glhv6LO0-_dP31AqQOPsFpW8mpHnWbBYQjZn0vYEhBRrP-pATcApy5C15bFzte3tHbD4KgoIkqrGdRYbcynvIM_16Ia3MHMr1z1OCaRbUhkHJiGHtGamVpRLwVTFFWQSpt5nL89BVZgZpkdz2eVy9jQc68Qirc8m0vGo3caub64KQAX6BtoFWdblmoq60Q9K35v17GbZDsYRRJd3I21X6CzINS-KcriTI9O7t7u5Nb4oHdyZwAMZ2U-x5dr_1Fw5tH_KXnhGtBn-IwhnJhfHAufBc2YDYVXKI4b_tjybJ4BPvI50AY54U220x9gBoFxqlS46Liipf-3cHT_3f-xGIEhTSKUdEqKNExVnM6rvOskPJ0cUT_ayRv6SCyY3DAUpejMGQNVqL0rJAViDwym-ADaL7z3RcgmGaVHi3yk8l_UBOkpPb1932Xwai211JsnkjKjV-9DVAf0Vo--Ar0Ka8t58MoQ-AWtk3a-I8FfIne73xdx666i2A1Yae95wZcBRbrQNM_jVXHhpy4BpFk-jaS-2fQvUyyfVAqTXMupg41inwhyKom25HryrpzavJWcXJlYMhjw7PZT7s55LMHvMf431BAY5PkKna8rAIGvTXRywwajkL_TUa8fVORsDhfp3cfQ5LANGyuBU9KeDbQPOaiWy7F9JCrpLE_u_GslLOI33_lr2fum2t7T8obs5Jv4wgLjsConuKo49xAVuSpB-NVms55Pafr7qoQD8k8AeW9DFE6NMpYYArQPQaGNfVUPtvomlU37JOtDpfZtPs4f0-wdiyUGibW10-T_M-H8ZliYVIn13dSazwH9JvpRRHwAqGZkgmLsSto966216xiV8g5kL4Vc_q0ulCtq5yBYdeNI-U_5zgkuILePg6UqLbc9KQ8TSvw4GGj1kPS2E3pIDCeUU5PdR0kmS0ImbY_hkZ-S1pSeqP_xf8PlAOA1m7XAaYd-ZXRwt8A2hl_GIbW-fbRivDYi64skvjirOJi9pvnGknLuZQ2A_CbpOrBw0eHjPJ-pvgNqIMcrB8yb8qNY4IWtpEhDrNtIp-tgCyI3Umfh7ARgWTy1tyjya7IxEeIrQB_6vFwvfADJHY7iQblee01xbXAqP2-YkG1NHeC5X-lljV6QoRBNDhBaY4T_8CqpFO0PqLaYT1_91JwGsE4xI6_pk2n8adsWqhEHTQ_hceFSxZX_-3qFsWSVCxsabkbKKEHrlbUj0BqO75vatVyDEqeOS8-3KfNzgYAjvPM4c1AmWZzi21dxp7AIvSE--1CwcJmnHIQ19Lp_CeokGPyTQtsRl_bctVkV16-3J7sIPob09gACOvdEZo9tzne9MIuZvthSfqHwaBt5rIjM01Bq745enhs11JKmkapKPLesKBw7_Ezqq5uDe-6RojYsSfwNpFju1_4ITdbbcvZGGpJbitIljgewBp9Hnyp4fHByKwZcPy21EbMGIKwB14LmBBQ6-abksa_ExDF-QjzYrXRdTEBq_CYeWWxLelz4rdXzFfdac0ihcFaYqweKTagFoabq44Nup-seuFMDoPKE8yKLWf-2hx5qgKZPcxSMDQq8-ws1ioiOeAm2tWBUt2d0wQQhyzyZCTCKzx-j-rPb2LyVLhZg3XQ3WzkX4DQbz3gsfAT-7b2Qs4QExGK_Db42TrV0FxVx3i7k9AcctttHFcRlr19ukZ2_DLZxv_aMSeeF_dMM13XiEmftHDCwuZuW0-_JfgcW0RctYT3bB3vUJl9GMt__beTSO7KIgxH6aSTPf2Dt_ozbFETW4OqoC9qcc2pYfh_73W_-PrgRXemrLG09MpNR0-TUWFhaWq1gDEK_c3wt2TOKgI1wzVbueF04xuU33QigppEr8dbcmvAmNZMxLmdTwKE4jNb8BfvGfj2mujUKJ10ci_eTVZOPO-5p5PW58eyWDTyYDfMMoVw6SCYdz_wPiYF194Lqb6LfitahPGB0KzApNO5Zk5QuhMnZsZH7QM95LRYO3BUkI3PaBxRTqdSpgvB5bPb2kJ4O8IE3URIVhOoP2qRxVP2U3Z2drCgTEaTTqtwNZz_-IQZoFaSIjaU5ft_5sugCY8havpql1-fLYrfhJmvpIrY1au1RiQRw9cqMKZnDNmgBzMO08-_aC5v8MoDw3vI_7SOQkP__JsiYVEzAFYRkI-QCqicVd4Lm-C-Q_Hn0acEFpIB9IQRnPGxvtHLzsIKtU-JSedOWrNOnUHf93QHG4z_o-s3gUXfMCMDMXxMq-ovjxfXtoyVa8DkHOGoaaigIA1wYwlFcUrbOzxTLOVK50dvi1bCUJqCnDq-wzBKAf33-2Cu8jWRNcRD4EkNGwoFSyuJhFqtARKVhgHjjFsU3sgYMN3fTNHUe1hvSH4GzIwJnfiT-OY-N5222TP2TeRUI1pW1X5NxFcL4v82AuKVPXhdxxa_40LM0L7Gh9k5duLwNTSCQW1gNiKD6r_E8UI_FRKGnC7CjuRDp1nS7APJdmg2431xsynJ-vdmjxu1oMknO6vaoyHiy8&cid=CAQSOgBpAlJW7sqaZ4gFvb8VL5RDVhALwKqjtOOx9bdaIZQWwqJUsIVNHZ0WZ8aPjdFWez76V2AUt_tWKQEYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fnewsvidex.com&ds=l&xdt=1&iif=1&cor=4264485767941120000&adk=1268836065&idt=109&cac=0&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11540
x-xss-protection: 0
server: cafe
etag: 10407724091878522853
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:39:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/ Frame 80B3 11 KB
4 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230810/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 14:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Aug 2023 14:39:48 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 80B3 0
0 66ms
66ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlvM0YrPThR7JIDa0XwiTpc5CfpUKUhc_VU30EiXUDnz4X6X2dwr08ws6FRNnDGBRw2ccE1SYWPk_ZxJBw4Fprst_UZsKrnM8cfSM8Y9yyZQwM6MI0YA8GqRBt9HkGRh6EeI04XduGOlbNlkpiDF1DpGxVyMl0pSh4oN_rMuE6Ck1DOHZhHeBxofffNYxNdK0vfMbcTg-DJkBZkYZKKcdaR3-c_YpmtTTY2j-HZkP1adpUglLxojNCbOk6_Hd-4vUALIibdzxNEM3U6EKoTwRat54Xf_edkiHmECMEyDgEMzhd2RCeUkTZkv29ok09J_t19KcMreJYLkpEWyFR6bUXmyIlErv9sxU8Z6WXdrm2gic0jcBafmooKjZYqEvwojayx8caXoD1VHCjdhCyJ4xRk5uaEykZl96tsizewIUYPD3hAVXeDg0OPtpmnj5Jdcx1t_RMGMi3233SUZMD3t9BlOEl0su8eSUtkcbpzBDxMXgy5Jq0-zy-9fnP04ChveP__EhmVcJvDDJjUks8jpisz6UwRs2RbAVmbayvVYRpcGemvrpLiQ6vfmzmGqIyLNt2toNYkn9hGLE2jq8im0KzHpsK5Xz_l4DBKDKfwElbfJQSgd1ogL-Yx4iVKKK8W4ed9WwT-4-W1qMEH0ekctwF9DeEg_7085PsA10A3HEhYNflBQgWxTUei6OLl9FuvKShooI64S_HFmRtSYIo3ZPZJE9GgTrnt4Uo4e8M1Ng51yxsn0Q3DoKXQ_Wn77YzlMx0vlH2HQN6b6XijVW0bK_djcbTA036KZFOfmItaMxHOIzWIHdHSqp7m-bDTn34WywfpbI_BXIQ2dKjYAk-YgsGkdpye74sWBI3s-ue_k9hJqt7onFOuR7c4bCeaPHryrOHGZ96wUJvwzbHUj9ECa7zAfg9BeP9u0Q0g2vsqZjeHVeQ_8snHAlTUeRYZV0iFbDELdAuz_0Ti_YgVWqXgUJW2ctCBgqzIrXQePukClup8AIrDHPuYF3aa2H3Ki8_6EsaPlmLnFh4H7wo3YD_6sCqnca2H1L8oayZyz0LhcyZGgOM6ENoWpKbOMAOU4Y0sQcOrFnCV4LcHuE1-7zYrBwdmYlI1ihNc7I4_cB_ZYJA3dmgJQh-hoNOc0EXc9ckTN1XIcbBEfDCDuLypRCgVzBKZPNwFy05sA_7uJbgNSCQMVDqP1KiKLLTagmpoVgdbe9oeOANUsQ_2C0v57cf8g_g0kJYr25-B-lSQRc4-wVHCvSAjA-rXoCoK3GK-L8h1lNWSWdd6RHUZQVIPS3eKQRt0xE5y_FD1wk1DLkaFiPP0imkwkmRp5WfxjMyDE8&sai=AMfl-YRHMZ639XZlZy2yuMTO3-OyYSFqlGnuUmDa9pgB0FnoXQp2EP5VQ8AS0NyHgi63_fT5LHz4pjsjbgfRn1H-EHA3gxQgb00ng40PUrgaZMjCK6006QHszksaTWva6gMTHCi--3Uh9UaSZUppg5Bh-1Ut_RXirApP_HXEOIGP6SyIQdJlITnKzbauF0jZcUL5c3_NlCSh7p6yu0xOMQnrjqL8prCXQoK0KwjfIwSrIU0y_nuD1hc2AWHwMNT3wdtA7WqvNH36XEkxDNj-YOILwUUIZIE&sig=Cg0ArKJSzLLS7M2xz9gJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20230810.35404&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 15 Aug 2023 10:28:53 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 80B3 41 KB
13 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 18:14:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Aug 2024 18:14:40 GMT

GET
H3 200 3808754588835900353
s0.2mdn.net/simgad/ Frame 80B3 27 KB
27 KB 22ms
20ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3808754588835900353

Requested by

Host: 4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
URL: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c75e240b625f6a72433e28a783349a5c304dd88b7d28827c5149f5e017364b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 19:41:55 GMT
x-content-type-options: nosniff
age: 139618
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27297
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 06:32:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Aug 2024 19:41:55 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3223 43 B
216 B 508ms
173ms Image
image/gif 2600:1f13:800:7780:7b33:7507:38f7:f5c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=276d3798-5fe8-c6ad-52e5-25c0c7456048&tv=%7Bc:lmgdhQ,pingTime:-2,time:78,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:655,beZ:656,mfA:658,cmA:659,inA:659,inZ:663,prA:663,prZ:669,si:674,poA:675,poZ:697,cmZ:697,mfZ:697,loA:719,loZ:721,ltA:732,ltZ:732%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:78,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tMZRzJu+11%7C121%7C122%7C123%7C1241%7C13%7C141%7C142%7C143%7C15%7C16%7C17%7C18*.1475223-71249285%7C181%7C182%7C183%7C19,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:20,sinceFw:57,readyFired:true%7D&br=c
Requested by: Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:7b33:7507:38f7:f5c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame B464 37 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:52:09 GMT

GET
DATA 200
OK truncated
/ Frame 80B3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c799addff8ce46fe79abbda93586a33ee0ca4ddcb4df3a567d7cfb7a4a08c401

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dobraslab-medium-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 9286 11 KB
11 KB 21ms
21ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/dobraslab-medium-webfont.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:25:07 GMT
x-content-type-options: nosniff
age: 226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11356
x-xss-protection: 0
last-modified: Tue, 15 Oct 2019 14:21:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:40:07 GMT

GET
H3 200 dobraslab-book-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 9286 28 KB
28 KB 22ms
21ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/dobraslab-book-webfont.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:16:45 GMT
x-content-type-options: nosniff
age: 728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28524
x-xss-protection: 0
last-modified: Tue, 15 Oct 2019 14:21:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:31:45 GMT

GET
H3 200 aebl____-webfont.woff
s0.2mdn.net/creatives/assets/3512464/ Frame 9286 20 KB
20 KB 28ms
27ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/aebl____-webfont.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:25:08 GMT
x-content-type-options: nosniff
age: 225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20060
x-xss-protection: 0
last-modified: Tue, 15 Oct 2019 14:21:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:40:08 GMT

GET
H3 200 OpenSans-Regular.ttf
s0.2mdn.net/creatives/assets/3512464/ Frame 9286 95 KB
58 KB 32ms
31ms Font
font/ttf 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3512464/OpenSans-Regular.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/creatives/assets/4615943/cbElements.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:25:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59331
x-xss-protection: 0
last-modified: Tue, 15 Oct 2019 14:29:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:40:10 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 80B3 0
0 60ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlvM0YrPThR7JIDa0XwiTpc5CfpUKUhc_VU30EiXUDnz4X6X2dwr08ws6FRNnDGBRw2ccE1SYWPk_ZxJBw4Fprst_UZsKrnM8cfSM8Y9yyZQwM6MI0YA8GqRBt9HkGRh6EeI04XduGOlbNlkpiDF1DpGxVyMl0pSh4oN_rMuE6Ck1DOHZhHeBxofffNYxNdK0vfMbcTg-DJkBZkYZKKcdaR3-c_YpmtTTY2j-HZkP1adpUglLxojNCbOk6_Hd-4vUALIibdzxNEM3U6EKoTwRat54Xf_edkiHmECMEyDgEMzhd2RCeUkTZkv29ok09J_t19KcMreJYLkpEWyFR6bUXmyIlErv9sxU8Z6WXdrm2gic0jcBafmooKjZYqEvwojayx8caXoD1VHCjdhCyJ4xRk5uaEykZl96tsizewIUYPD3hAVXeDg0OPtpmnj5Jdcx1t_RMGMi3233SUZMD3t9BlOEl0su8eSUtkcbpzBDxMXgy5Jq0-zy-9fnP04ChveP__EhmVcJvDDJjUks8jpisz6UwRs2RbAVmbayvVYRpcGemvrpLiQ6vfmzmGqIyLNt2toNYkn9hGLE2jq8im0KzHpsK5Xz_l4DBKDKfwElbfJQSgd1ogL-Yx4iVKKK8W4ed9WwT-4-W1qMEH0ekctwF9DeEg_7085PsA10A3HEhYNflBQgWxTUei6OLl9FuvKShooI64S_HFmRtSYIo3ZPZJE9GgTrnt4Uo4e8M1Ng51yxsn0Q3DoKXQ_Wn77YzlMx0vlH2HQN6b6XijVW0bK_djcbTA036KZFOfmItaMxHOIzWIHdHSqp7m-bDTn34WywfpbI_BXIQ2dKjYAk-YgsGkdpye74sWBI3s-ue_k9hJqt7onFOuR7c4bCeaPHryrOHGZ96wUJvwzbHUj9ECa7zAfg9BeP9u0Q0g2vsqZjeHVeQ_8snHAlTUeRYZV0iFbDELdAuz_0Ti_YgVWqXgUJW2ctCBgqzIrXQePukClup8AIrDHPuYF3aa2H3Ki8_6EsaPlmLnFh4H7wo3YD_6sCqnca2H1L8oayZyz0LhcyZGgOM6ENoWpKbOMAOU4Y0sQcOrFnCV4LcHuE1-7zYrBwdmYlI1ihNc7I4_cB_ZYJA3dmgJQh-hoNOc0EXc9ckTN1XIcbBEfDCDuLypRCgVzBKZPNwFy05sA_7uJbgNSCQMVDqP1KiKLLTagmpoVgdbe9oeOANUsQ_2C0v57cf8g_g0kJYr25-B-lSQRc4-wVHCvSAjA-rXoCoK3GK-L8h1lNWSWdd6RHUZQVIPS3eKQRt0xE5y_FD1wk1DLkaFiPP0imkwkmRp5WfxjMyDE8&sai=AMfl-YRHMZ639XZlZy2yuMTO3-OyYSFqlGnuUmDa9pgB0FnoXQp2EP5VQ8AS0NyHgi63_fT5LHz4pjsjbgfRn1H-EHA3gxQgb00ng40PUrgaZMjCK6006QHszksaTWva6gMTHCi--3Uh9UaSZUppg5Bh-1Ut_RXirApP_HXEOIGP6SyIQdJlITnKzbauF0jZcUL5c3_NlCSh7p6yu0xOMQnrjqL8prCXQoK0KwjfIwSrIU0y_nuD1hc2AWHwMNT3wdtA7WqvNH36XEkxDNj-YOILwUUIZIE&sig=Cg0ArKJSzLLS7M2xz9gJEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=83&vt=11&dtpt=81&dett=2&cstd=1&cisv=r20230810.35404&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 10:28:53 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 116ms
58ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 15 Aug 2023 10:28:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2023_07_Back_to_school_design.css
s0.2mdn.net/creatives/assets/4945525/ Frame 9286 19 KB
3 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4945525/2023_07_Back_to_school_design.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af22380d5deafa05590754ba24ee155d3907ecedab1a14439ea2d9dd4e5d84ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2528
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 13:57:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:33:16 GMT

GET
H3 200 factSloganSplashV3.css
s0.2mdn.net/creatives/assets/3782803/ Frame 9286 4 KB
753 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e802095e892c6b9193c1918d778b61eae8d12e27f5320abadd90436202ee2053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 717
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 13:38:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:33:43 GMT

GET
H3 200 factSloganSplashV3.js Show response
s0.2mdn.net/creatives/assets/3782803/ Frame 9286 35 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3782803/factSloganSplashV3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbBdsV2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6335acd39fb5e7657ee3d854e2a92717c6326955dc8615913d1aa3b2f82bce38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4454
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 10:21:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:34:58 GMT

GET
H3 200 index_atlas_P_1.png
s0.2mdn.net/sadbundle/15666339272179623673/images/ Frame 10C1 19 KB
19 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15666339272179623673/images/index_atlas_P_1.png

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9c646d300f58c46de0e4d1028b3a09a9b66dd7af4fba8620dd92706825659e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15666339272179623673/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 07:28:13 GMT
x-content-type-options: nosniff
age: 270040
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19918
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 11:47:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Aug 2024 07:28:13 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3223 0
0 60ms
60ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlIa_vKyd6EKGgOw3cjqOD_q563j2B6frWZGO8xSCcotfItZ1yOO8CZFcTWdRzLZTgzYsuBWIIbeYDllXsrb9C4CJzq9_lRgUrawGHX0ripfsawIBP_RwxrQnvAGMwDRVJqSLgAlKkL2-9BDRUAcpCzGbLSfZFIhX123UPrCsQtGESAkmApU4UHlyvHAw1dxLVS2ylrwjIwNcr-1Lknez3ALaqIRxhfYaisOXQsdRz9h6FzhV-FOwH5DsR1e_0piMfztjikalbFqNkLnbs0g5nSo3KbjBeLZak7jVltxF9t3A_SlhygTlA6gswehVk_aAYEtf9Fitgp_-KfwLB7tCty-YzjdHn2AReT5UJt-p4r4bzJNLhJJvhKeIQOIkJIC--nGhKcfJR6dcY4r8os6tFP9jjKrohLXeie1NTJQDOBjwrWZgyC7fSeEm8T3jMdzTlSFwqGO-v9Y-qiD18qscNEz5e6-7_NZFPlkYY102nhObaC5zhYlFVD1veFzBYO5lJdtOxU8pjAwrzwNdmlAyl0pci3RTjjno_LqGlPUG8LaNAlkmk7bf3H6T4sHUqejrUA-c4DIIGzTOup8x00w0qpDVrkbJ70FUzVCXFrPVR6BiUzgY--4UF4TqKsahvuKjannHEFa3DO1K1lNcctiwUMr_Sq6lwzqETlUclxEfaXWOLtgs1I-jjLwahdohOLMGEt03X4AFykvX1JT49TS-iMK2KtaZcYF3pIcqsNYaUs95Lxft-Jj7lFm76NHnZZkz0-lDNa3Ky3fv_7beJIrTNdkz0gIF_thK9EzQuBeDgHoCYCbjDsdBKx8WZ8yBbKyoFqW2eD3Ig5U2XyYXAuHKm1hQeq8FOKoWfshFHnnO-LoPj2Zt9fi8-LUuboz7z37qnwaJpQbZk0mKsASWKwiHdRQ6fVeK46_B1C4y1Yi_PcqN_NGIJuFUGbY1iZhdYF1Z6nRpLQU-t83G_hXlalqq7SoMqPL522p81qOnaQsqQGxuK4VR_bOKrxGP7SswDd9YQ4z-a1-UslKM17uuraABV1UBcYz321RvGS7VHUyO6p_e-AqjCJywLp2niw_Ze7TXaR9TNHgn7bRzl4MNqUU__eNEJPeJFfJzjCkjD3M5UHKWHWzF5KKisFXXt4x2GdW3UvBNObyH5R58RZf-OumO_MCd3FCB9abEUFtC-4B7gm577QeEg35mFKDJONWiIz2aPUui_NB1LxVix07kOhKVGyckL9rEXLWhJj4oYhFdChApc9MoDr8lDIx7y2mhECNBWbO0fqKx1c8HLVS4c&sai=AMfl-YSExkKV7YN1EVkoTJ7pt_C9VrI9YoVjnUOzTjE_1qsxbbcerAbdmXzLphM0ViKB2iecPO4aQxuqsvaS2OdS0he5xH4vV4BVYU2IPGijM_L-0UFtb40ClkqUNC_O7meXzRGbOvP44kBQp6gBLVh4qwTM4z7JQRa1Bny_k5h0skLxVESKMNpCNgll6-PuqPxCDfUtWyZoMO-L0LaVbB3t2ll4IiiURbBcWTYIpZq8wwD5UEcpk6fjYruzNh4RQiuWsViChg9RlGnb4xmrfkvwJ-Kh4mbTmP_W&sig=Cg0ArKJSzKV9TBCl7GR5EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=426&vt=11&dtpt=288&dett=3&cstd=135&cisv=r20230810.04252&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Aug 2023 10:28:53 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 54A3 22 KB
8 KB 19ms
18ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 128922
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 22:40:11 GMT
expires: Mon, 12 Aug 2024 22:40:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/15666339272179623673/images/ Frame 10C1 87 KB
87 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15666339272179623673/images/index_atlas_NP_1.jpg

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5de2d117e118b18fe29937bb19e5776203b00f6c3836de57897efba0107e58d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15666339272179623673/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 16:24:32 GMT
x-content-type-options: nosniff
age: 583461
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88718
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 11:47:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Aug 2024 16:24:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 122ms
122ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308100101&jk=3889811211081171&bg=!JSalJnLNAAaiGN5Pghg7ADkAdvg8WrhuU_iorADHPynaHnD-cJlQc-zlVYbM6St4EuyMqGyYl8kdresH7rKFWuMwTfkjKGjJEtICAAABR1IAAAAEaAEHmQLLJDv25iiD2noOIEhdqaBa0hvX-2LNFTvoCJ8lQNB3RJTXH_DiGJIS7qWgYGbvs06JkUUbG9iIg2M8oE9lUz4R2ONIgMrMzQpXZK-tzPnM97U_-ZotiKVI_9wtFOldAr3s6RFOYu_0MU68s8Y5IeVyBsKadOQuAKsJZ-UukdjhHTIPhCZi0NiAi4CGnccRgVbR4t2we92XbB_x5zElvKYXcsgpCMHnhPK7FGPNAhLkSx6NdF0UwArLqDVEwMjtZWQHnGTpXEgHgexbQb1qf-ygc9rdzXBMOzzCBDWKel7YX97yhcTafipQWpQr01VMGBAoQOTTibwEe_fMw6r09z18AnFDh4Q3FhvT2sBn2ezMz46YMpAUF_vytGRBNmGVCScJjLjzxcZwqhefY8dj_1lwIupnBJmJ_u5B63_FhON54pfkYIGitvErmuOenBMBeZzP4A9nQYqUVqKDsAb0CIUhWnbAz0IYZuh_3csxBohiiZhlkHtsFtEXVArWQFHN8bq_2oRjI3yjeTO66o5Ipy6xV7Kw58b509QGzsd_9fQc2X6p7gcTrqtj3Dln_YBtIG3Ex-Xzpn4jD1G49Yw5C-loLoKimBFs8WQH00CfE4IDbKnCdYnCH78fHBnyTQKl7psCctUKM0ROPWsMDpKU0EJM45dB08XRS2nqRuBDZ_-8F2mXYUz1P_877fcy7RKHtrNJakZ1OgL1n9IC403EV_ATNc2GDV01s12CqRZzP_QwXUuA60F0PTKcDOQ7OaMQY9pg92qKZ5gntZZkr1hH2HDWv2MkdbcXxIXmz0RuHa2w5yTY0IQ9KGEn0cBZqiTD_vJ89iNSTmNr4_FKr6s7BPn8DUN6vII8o_7bgIKO8e9RrDvHe1k_D8nsCGKmGfe5AwKpVmEcumPMjz7mxMJk8-H1Ft8GhGm-36ZF7mAYiQx6DeVe753TUDItr0I1RA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 CB-logo.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 9286 5 KB
1 KB 22ms
21ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782689/CB-logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:17:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492
x-xss-protection: 0
last-modified: Fri, 12 Jun 2020 07:30:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:32:20 GMT

POST
H/1.1 200
OK u Show response
events.kiosked.com/ 95 B
458 B 60ms
60ms XHR
image/png 52.18.159.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.kiosked.com/u
Requested by: Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-loader.js?site=17805
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.159.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-159-223.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: ac554a4ea8b34bbb80db013e14be195ebc986f82f24e5b18b0ea9032ef561f57

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 10:28:53 GMT
Server: nginx/1.4.6 (Ubuntu)
P3P: CP="KIOSKED"
Access-Control-Allow-Origin: https://newsvidex.com
Content-Type: image/png; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 95
Expires: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4F9C 33 KB
33 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 278692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 05:04:01 GMT

GET
H3 200 CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js Show response
pagead2.googlesyndication.com/bg/ Frame 54A3 37 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CSOfw_hsnqCQOuvd9EdsMHEKKK7Q7ue9EljC2uloiwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:52:09 GMT

GET
H3 200 CB-orange_percentageDot.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 9286 2 KB
822 B 21ms
21ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782689/CB-orange_percentageDot.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8efd59bf2a451b6137510fe256ab6651aaeb65b23e9c48a2d48cdd7982715304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 12:03:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:38:12 GMT

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 50ms
50ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-loader.js?site=17805

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:31 GMT
server: nginx
etag: W/"642e8db3-16298"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:28:53 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3223 43 B
215 B 218ms
173ms Image
image/gif 2600:1f13:800:7780:7b33:7507:38f7:f5c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=276d3798-5fe8-c6ad-52e5-25c0c7456048&tv=%7Bc:lmgdmx,time:369,type:e,im:%7Bpci:%7Btdr:158%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:369,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B362~0%5D,as:%5B362~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tMZRzJu+11%7C121%7C122%7C123%7C1241%7C13%7C141%7C142%7C143%7C15%7C16%7C17%7C18*.1475223-71249285%7C181%7C182%7C183%7C19,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sis:223%7D&br=c
Requested by: Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:7b33:7507:38f7:f5c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6F3 0
20 B 124ms
124ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmZqGZFPbZIr9LbODjuwPh_-V2AMAAAAAOAHgBAI&bg=!1Nel14PNAAaiGN5Pghg7ADkAdvg8WgyoQkjLSICXsd9_CJy5To7NuPC6mCB12cMn4ymdu9VZa1jNTVjOX2FyInwhuEbBaeecoAICAAABAFIAAAAEaAEHmQMZTNt_v3kfdPiFRfMgAQS1FETaOjzzehRrrvMUty4SUfhEZkDjV5mO5R9uBSlTIc5x7lCJHxB9YHNMazdgkjNYpwRSiGj5APde81ePwY0Wyl3Q6opxatwjPQQQHDn7780RwUzTXAuS4IjCzW4we7BVz2kXUbpF98IX8SkjvRC35jsSPyYNONYvUZ8Yz5wAPthSTuABGAFvfs3014lyFbtj5ddAvsBQBFH7GEI-k2SZVv3DTEGrEGSZ2yJJfh06QLU-JnwkD81aUUzrqzFyUZXdKlnZsJMy62E_C5119HU6B9-01XHzeHrZPRgVHul_tbk46EncLzMAH9UVOfZGnwXOHSfbt1mz4gBHEfEEzBJhqLOBUVZIy4M_NVK6pqBwWHpx3b29smbRElGIj1cZU0yREfezKPxKk3WMeNbezyEj0HAwzGURCtvSNHul8J0K5EX1x7MW45wy-q4M1cJIH9VXYtT6Nl6PR6PeGKoay1qzcA-denj_U_JKoam6WJq_GGYSWv_MLYnh30Aw3wEPAOPnaphMXamlB0dcdLjHUyfovXQQ3Jv9HpvtV2aFO1uWDCgTQUAJfPft-SUyOt-Ew4yneU6h4MdDJfmDWrhl6tkAxZ2j6j73k1GJYSaK0ArttxmcAUuLI58mmZ18nouFIGMd4bp_ISQAQwnDPbqg6jwm1uYI6PkgvxNbGZjedgGe3zjA9T9u5sAvKzTJ4vII07coM3J7wFrKulUnkHwdCTEjn--vfQBMPEHyqgU-9ffEqVZ8ltO9Q_5K3zjyYyhANfH4j5h_6djliOSfW0mrwr6Rk1XdFDQBT-Pqzead3Dvp1XhhpPzKZPNA1fzeP7zUyZWgso_XMXX7TdfozKa3yZdAlTYX8PKLBDCZBNa-xrEUn-6IEB3rnmhPtrFLpP0VCq7UPZjjgbS09eTypwnFvxezTm0ZcDrkVEgxdf4cHTkTOau5kVRt2TFHCCe5Zwl-iX-wUnd6h3Z_4R7jFsZZAIr56ipgH3BDQn8hlEO-0A7_HNmbY1MipDTyz70PfvQV5qrBEsyUjAOuOnGxig

Requested by

Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D085 15 KB
6 KB 40ms
40ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=newsvidex.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://newsvidex.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 10:28:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 1224359
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 140ms
69ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:28:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:15:31 GMT
server: nginx
etag: W/"642e8db3-16298"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 16 Aug 2023 10:28:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0F74 0
0 123ms
123ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308080102&jk=2615014209965235&bg=!cnGlcSXNAAaiGN5Pghg7ADkAdvg8WjiMpr-9wmL2IuNOUO1e1ydqVlS0pcdZJWp7xxyd_D6WnrKk7qjs3Fj36D4MTx1O2tnLCXQCAAABMlIAAAAHaAEHCgCZoSI3MYIgH_bWd2e2uh9cususrXDZ9Fk5rEPFTIooA97qg2lK-3vWvJkB327xpEmEfnXRVVXveOv0AV5obrIUyeybd6grrjLvbv5woUc6lPT6TMYNJZDN9_oymRB-n3NsG09UHEt5LY-rX6i9bW9fST6zb7Fz9XHX3wsoFbaFiuFkLDRsfQ-DZa8aZMs2QeZL8cWZQ0_mPMgqmQLb7jKG-bRX4QYd11lc-Sk_-vCSy1PHR2uDZdweXFP0Ygf0DlUXgZq8SYHzTwxwSykELFqmMpmylyKX4iAgnszDQUjFL2DCwY0kJlRY-71GyCGFa89ThJoraS4lJQXIEKotaZTab6D4V11EfBNlf227Ty713x_VnkVupNM67H65Nnuh2ZoTjjALfnnwMfw2j2jPRVxX48OZ-guZQ5pUBZ-vYBaZUzDfYU9_Laz8qGPyiJNko3otb754cNueIIo-Nbo953dC7i3BB28pU9Dj5sTNAhDFTKY0l2lM965ywhGcFGKhRGQjsxhiXt1rH8ntGajBolSQal97M0rhxWPE2wYIa6bLWUKY0z_PYdmSu1lkfehL4pjU9wcoR3uvMWsTQjPCW-nDT_YEQJcD1755vbKRy6V4KBH1QDCxZ4bKD1DTQw2g-PaWts2Q8X_RPS4it3SqqrK7Pij90kiomhntkOBKrVrohn6vevVdi4qB6SqEb7X2MP0QeD7Ci1EncRGeuZiinzZbZeTfkpezBwP2cfvMrHEmKarckmFyiv5kqcsOOACmDcZzCKHy-qH3vnjkBzFRKSW78TnKTco7sRmm9xYmcBSIzMl3LLUcwMU12eJgZw2xv8IRj2dPmzPnNzK20z3acNroxYbHFS-R0FjLPW6NPmc7nuLPWIVmhytgKlFD2vMlvOTqFdx3RPlRhAO0BExkDhHnIA-HYTVh9eUnc9CXCTwPZtbu3TvcbIfMjMBCSmGqib5KwRfJPzq8RLGm58zene5qyT2_UEW07AXUeVR69thlH-E8gfDdt2cCQD--7VVSmn4jTXI5HkvJeWVfjf7jEq4-v7EI91E-xWmoM_7sBhxxwnAldFbM70u_9Zw-vSCvR9sYy7xp0rn9QTf0PFFkpwyizo0vi8hXRDNJ6--eSG0bVEJEQuXfGzt2Bl-tQhSUUezrteUAsfxXae-U-z9B_V9VL2dVkdvaCQY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newsvidex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 05EC 42 B
64 B 126ms
126ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0yK5zCCnRivdF7UH-Sk8GJn8RmW5QXcshNTLvSVBEk3A8uXQPLfmtRsiBpnI_elCQtdpxTtQWhMsambbBfjpSFlwZCSCybR2SllQCb_1mYJdAbf_K5Sw2YyDvUJ-vct7ydurLzonk2FWk&sai=AMfl-YRc_ldh5-UR4AWgcc8iAteMZvfGAnZWCjVWyffr_-Rqx3fZSnB-mXHITasOPy3-kAXFTh9NsfwaHmL9Ilv67EdAA9C_GNiWT9JSIX2zeKKWEGPwhjzbpO80gwAPdgDCi2WTAJ2VLUj7vqYq9g&sig=Cg0ArKJSzNbdqAFUsEyjEAE&cid=CAQSTABpAlJWXfq5Axz46UNGRqGN5bRAWsMi8lE77z8wixuT5MQSJof2QG3e6VO6ydm9dcodeGqwD4tSIPVziVcwPnAGG79rIcMv26blKhgYAQ&id=lidar2&mcvt=1021&p=174,650,424,950&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=843571903&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692095332051&rpt=496&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3223 43 B
215 B 250ms
250ms Image
image/gif 2600:1f13:800:7780:7b33:7507:38f7:f5c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=276d3798-5fe8-c6ad-52e5-25c0c7456048&tv=%7Bc:lmgdoF,pingTime:-10,time:501,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC4xNzAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692095333613%7C%7C1b60848c2c95fbffbc65e46bb386d216%7C%7C37d7be34f85ebd2dc555d2e13b92cc86%7C%7C74a42027d449b8d2dba7f07b79c5e935%7C%7C0ddca35b94fafa99e9b67843656af447%7C%7C06d5218fb0f6cc3d4e465753cc1ebfab%7C%7C81425763255a8d51aaf8159a6b8d5be1%7C%7C2c5e6eefb1086b7e21935e570bf92000%7C%7C1663701684%7D
Requested by: Host: 0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:7b33:7507:38f7:f5c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

sid Show response
mug.criteo.com/ Frame D085
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=newsvidex.com&sn=ChromeSyncframe&so=3&topUrl=newsvidex.com&bundle=bnKPml9uMGFHdW9kdyUyRm5tajhmWVNwYk92c0MlMkZ4bTdrMXNPM0t1NzZaQVZHUEl2eEJE...
https://mug.criteo.com/sid?cpp=q8WfZXwyaTk0VGhLM2NwcWdyS3pHY2E4K2tkejh6aE11dTUxZ3R1ZTBmK1M5V3AvNHZlM0Nwd293bFJhVEJjSmkzRnRKMUtac2FuVjVHY2JKaThmR2s3QWxXR2FyK05lbmxNSTMvZldhSFd6OWwxS3B0ZUNzT0p3OWYwME...

422 B
647 B

28ms
28ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=q8WfZXwyaTk0VGhLM2NwcWdyS3pHY2E4K2tkejh6aE11dTUxZ3R1ZTBmK1M5V3AvNHZlM0Nwd293bFJhVEJjSmkzRnRKMUtac2FuVjVHY2JKaThmR2s3QWxXR2FyK05lbmxNSTMvZldhSFd6OWwxS3B0ZUNzT0p3OWYwME9FZ3dTcmg2N29INitCeGRMaVBFMHNZMDgxM1hoRkNOblB5SytPcGlrN3hGMXRFZkpFc2o2S1NOSnh4UDhxTWVqVldMU0NEeUQvM0o5Q3VlaDJFWFdyZ1FiRHp3VzBNU05Ic0lCWDhvRU9EeUFIOVVoUzQrNDRabWxacEVWZ3d1anBQR3pDdHBTekxnN3VVTnRkenNpa0ZTVTRKNUVnYUlMeFhmMEM4NG9yMnJSRGt6VktSRT18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f3807564ef36fe2eb9fc3a3fe34b3d0e1046c5b8be9257119fbc4aca288ee6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 690547
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=q8WfZXwyaTk0VGhLM2NwcWdyS3pHY2E4K2tkejh6aE11dTUxZ3R1ZTBmK1M5V3AvNHZlM0Nwd293bFJhVEJjSmkzRnRKMUtac2FuVjVHY2JKaThmR2s3QWxXR2FyK05lbmxNSTMvZldhSFd6OWwxS3B0ZUNzT0p3OWYwME9FZ3dTcmg2N29INitCeGRMaVBFMHNZMDgxM1hoRkNOblB5SytPcGlrN3hGMXRFZkpFc2o2S1NOSnh4UDhxTWVqVldMU0NEeUQvM0o5Q3VlaDJFWFdyZ1FiRHp3VzBNU05Ic0lCWDhvRU9EeUFIOVVoUzQrNDRabWxacEVWZ3d1anBQR3pDdHBTekxnN3VVTnRkenNpa0ZTVTRKNUVnYUlMeFhmMEM4NG9yMnJSRGt6VktSRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 340159
content-length: 0
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 54A3 0
20 B 121ms
121ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO-YpZVPbZLS2BfySjuwProWgmAUAAAAAOAHgBAI&bg=!v7ylvOjNAAaiGN5Pghg7ADkAdvg8WiGQvNbGO2iegBhqjIAaBu9qxdek-smG9gv-TDnIAcroC_Qq7yeG4KIBSghkwnuhM2RrbekCAAAAbFIAAAAFaAEHmQMuV6hxWWqcWT3KEoTEUdKYjNaCKrMn9n8v40TQrqzyOmF44l9nqqJ8liPVBv6yVEUJdONjUuMcSg4aDzZOk0OkSjGoYm3QyR7851Qiar8Q7IrbAd-UGwrh75WVE1gNYNCXV_7j0P8FBAs9ThlII4ABUaaLSln8XG3PQ_B8X6kQ-v29g5WFjHPgFSYVslLN3uaXT0MzAG-0UxvycaSMB9efymZPg-Xrt5EzCNi9b3H2YaSeldvQDb0ygLFSsvAcXPXqdn_aQqf1M4xmlVmidT3DhWQI8C36K0hL_nldQeKDUK9bFV8tivHroyLvlDuf8SCR31zb4jk-ppp9iX6zexs6DtGI_j0GfSxA_2EBlZEjorP4yu43dhuIAwKbpvT7nPPxILpp1-WwVTt33DxL9isD3xJHcUde3vBftUtjsEjY6H9weKaoej9IcDDhX5KWqqKn2fG3d2khUuj5z0-WftdHyjPOCxk4SnoYFckThleWaKMiu5m_Zzd9RjSWIul4KTImtbD3a4HiwbrZqDy8ZQ6wi0qiyssCayRGOUC591pxvnkALHYGbeEk7suz63G_oQjQZ8k74ZTQYw5BMMQ6O4PIpc7ehXIO2zVyQSlIn5kymjXJEdI52433bZoNnLW-2aW6axdZ1wTYQmHa6z4jIbFSPiMaNIuPFNvPy3MKWNCSkpRYBPmvoU-sHpv1B01uIGWHP05bpBzZYalCQRRA4asbM03tPCd5_WUkSAE8pLEz040hgn4Co5Bmd2Y6jPWhadd8M0TEZdyWZztuO2vdLXIot6uVfYnsNHOeazmyoBvQhhqopxrLqWvS6gkSEHOST-l8jT0tYFakipIfgqM5l3rxUwQC2-fEHo_pAjkD1WgQn3G0f4Ryyc6Vzye_Tij37BzJQuVmcmP2QY0lvkdX6QRG4tpuFFyDlhIHTcD5xqhu3ZRAJSDsbGdohNPVvrOHGLxq8S5JCyer6BP4oRGPbac7iTReFlZf5ex4-W9FthL3qiyFC_Zds_TuGj5Z4Eqecevf7MnquxZ9L2W69qU5tLRdj3r8mtzL-z1PAm-JR5IgpznL5XahcgHGWXtPXgzdcQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CB-orange_percentageDot.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 9286 2 KB
822 B 20ms
20ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782689/CB-orange_percentageDot.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/3781309/cbLib.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8efd59bf2a451b6137510fe256ab6651aaeb65b23e9c48a2d48cdd7982715304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786
x-xss-protection: 0
last-modified: Tue, 15 Dec 2020 12:03:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:38:12 GMT

GET
H3 200 de-DE_back_to_school_2023_07_wide.png
s0.2mdn.net/creatives/assets/4945528/ Frame 9286 701 KB
702 KB 21ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4945528/de-DE_back_to_school_2023_07_wide.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0bc5c636a694ccf091f11463d62e7eee62f779f35948849c56defea47a62eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:23:13 GMT
x-content-type-options: nosniff
age: 340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 718232
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 13:58:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:38:13 GMT

GET
H3 200 arrow-white.svg
s0.2mdn.net/creatives/assets/3782689/ Frame 9286 659 B
491 B 20ms
20ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3782689/arrow-white.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18437164533219852288/de-DE_2023_07_Back_to_school_300x250.html?e=69&leftOffset=0&topOffset=0&c=icitVSsawn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 455
x-xss-protection: 0
last-modified: Fri, 12 Jun 2020 07:26:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 10:32:11 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3223 42 B
64 B 122ms
122ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXPL-zJmLlstl8Shq525jWo1J4VvPNOF1Vcjo9LU1Ra7TOntTXmYklnMfu2C52xu276_IQbmSy8cQCEo0tSaWvmT0zAMulA094HVQXVFeRFbA2tpDF_XIHPyWgc3NEyiFxhru3nXwBEwLx&sai=AMfl-YTB_GOKDfNOYD75u8pBEAehqRUvbP8qTMozgTNW_Xk4F1ocsbqdMr54yXp645Q5mH92NmK-Yo-7-qOn7W68kyJiBTyyfIUL0qIolRXQMmMSETSTDhQXmOQIuIHi6juo4CY6xDWIjXxizDVl&sig=Cg0ArKJSzOkzrdRFIE6DEAE&cid=CAQSSwBpAlJWiqlk0r_orKTbNjoqLWdSdUNm-NsJAo5XrH8gfv2dK7AehfugH8owX_ppI0KDAUrpemrJz7dCEmV_VLQ1rl8lnn3mHSGhIhgB&id=lidar2&mcvt=1000&p=545,1099,585,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2792757711&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692095332458&rpt=437&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 05EC 0
20 B 117ms
116ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6596079223734&version=m202307240101&ct=76&x=1&cor=211577310376958620

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 80B3 42 B
64 B 125ms
125ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstELHkV3EsaW5gOonAAYgE2Z1rOq5U9XjRGa1A6fwtAiDkwbUUkSRcX5PvNuzkJ8kAV1rP6OGYZzM4OU7EhcOoB1bIePxEbS3wu9U-9GPV8F_9qPlSlV8BrOmC_8iYfsh8_BN9-eRM08Kx1&sai=AMfl-YQs-x-adr72mn0q6qW0r9z8AWusdKywxaByAhwELMisSFgUpCVEX7FgHCQBusmZcMD_QgY7uPAe3Jhtczq0RyehNFOjc--uYKjDQY9_inGdEqkrMMC4SNd12Q&sig=Cg0ArKJSzNoknxddZ7ZhEAE&cid=CAQSOgBpAlJW7sqaZ4gFvb8VL5RDVhALwKqjtOOx9bdaIZQWwqJUsIVNHZ0WZ8aPjdFWez76V2AUt_tWKQEYAQ&id=lidar2&mcvt=1037&p=1110,436,1200,1164&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20230814&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1243402238&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692095332817&rpt=452&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK u Show response
events.kiosked.com/ 95 B
458 B 56ms
56ms XHR
image/png 52.18.159.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.kiosked.com/u
Requested by: Host: scripts.kiosked.com
URL: https://scripts.kiosked.com/loader/kiosked-loader.js?site=17805
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.159.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-159-223.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: ac554a4ea8b34bbb80db013e14be195ebc986f82f24e5b18b0ea9032ef561f57

Request headers

Referer: https://newsvidex.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 15 Aug 2023 10:28:54 GMT
Server: nginx/1.4.6 (Ubuntu)
P3P: CP="KIOSKED"
Access-Control-Allow-Origin: https://newsvidex.com
Content-Type: image/png; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 95
Expires: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80B3 0
20 B 117ms
117ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2376089388695&version=m202307240101&ct=76&x=1&cor=4264485767941120000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4c7273966160223132d25434d861315e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4F9C 0
54 B 278ms
277ms Ping
image/gif 2800:3f0:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~llc5vez5&c=134468866431&slotId=67234433215.5&qqid=CNqJ2Km63oADFUXJ1QodOrUAXQ&umsem=0&ape=1&ple=1&met.4=vil.llc5vf9m~vfl.llc5vf9o
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e881cad55383437c91698a17d09f133.js?tag=video_mra/web_raspberry_ms_cta_adjustment
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:82a::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3223 0
20 B 117ms
116ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9176939800139&version=m202307240101&ct=76&x=1&cor=3338450261400651300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3223 43 B
215 B 173ms
172ms Image
image/gif 2600:1f13:800:7780:7b33:7507:38f7:f5c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=276d3798-5fe8-c6ad-52e5-25c0c7456048&tv=%7Bc:lmgdOh,pingTime:1,time:2089,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D,%7Bpiv:100,vs:i,r:,t:1088%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1088,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1081~0,1~100%5D,as:%5B1082~160.600%5D%7D%7D,%7Bsl:i,t:1088,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:257,fm:tMZRzJu+11%7C121%7C122%7C123%7C1241%7C13%7C141%7C142%7C143%7C15%7C16%7C17%7C18*.1475223-71249285%7C181%7C182%7C183%7C19,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sis:223%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:7b33:7507:38f7:f5c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:55 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3223 43 B
215 B 173ms
173ms Image
image/gif 2600:1f13:800:7780:7b33:7507:38f7:f5c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1475223&asId=276d3798-5fe8-c6ad-52e5-25c0c7456048&tv=%7Bc:lmgdOi,pingTime:1,time:2090,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:19%7D,%7Bpiv:100,vs:i,r:,t:1088%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1088,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1081~0,1~100%5D,as:%5B1082~160.600%5D%7D%7D,%7Bsl:i,t:1088,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:257,fm:tMZRzJu+11%7C121%7C122%7C123%7C1241%7C13%7C141%7C142%7C143%7C15%7C16%7C17%7C18*.1475223-71249285%7C181%7C182%7C183%7C19,idMap:18*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sis:223%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:7b33:7507:38f7:f5c1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Aug 2023 10:28:55 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
newsvidex.com/	1970-01-20 14:44:47	Name: _pbjs_userid_consent_data Value: 3524755945110770
.newsvidex.com/	1970-01-20 14:44:47	Name: _sharedID Value: b2b405ab-d2a1-466f-b8ea-797dfcc5e8a8
.newsvidex.com/	1970-01-20 23:37:35	Name: _ga_J2YRJREY02 Value: GS1.1.1692095331.1.0.1692095331.0.0.0
.newsvidex.com/	1970-01-20 23:37:35	Name: _ga Value: GA1.2.1511824296.1692095332
.newsvidex.com/	1970-01-20 14:03:01	Name: _gid Value: GA1.2.420844085.1692095332
.newsvidex.com/	1970-01-20 14:01:35	Name: _gat_gtag_UA_247050099_1 Value: 1
.rubiconproject.com/	1970-01-20 22:47:11	Name: khaos Value: LLC5VDVV-25-8Q0M
.rubiconproject.com/	1970-01-20 22:47:11	Name: audit Value: 1\|naVuGyos1qp1bLw+3z/HFbU1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDqmwErNFphcd42iBhlB76sqItfYiHtH7h8xuhZpbWKLtx/wDdF6OIkW+xUA9sgf/4eNEKcfJxgEB
.criteo.com/	1970-01-20 23:23:11	Name: uid Value: 5745a5d0-74e9-431a-94c4-9c0762d674c1
.openx.net/	1970-01-20 22:47:11	Name: i Value: c2414276-cdf9-4c68-adbb-c6c898960b48\|1692095331
.adnxs.com/	1970-01-20 16:11:11	Name: uuid2 Value: 4716135886893562248
.casalemedia.com/	1970-01-20 22:47:11	Name: CMID Value: ZNtTZOrjm7PLALKB1.yTNQAA
.casalemedia.com/	1970-01-20 16:11:11	Name: CMPS Value: 5254
.casalemedia.com/	1970-01-20 16:11:11	Name: CMPRO Value: 5254
.adnxs.com/	1970-01-20 16:11:11	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?_r(iXZ!]tbPl1M>e)ZlrFUfJ+tGXxpC[LmkJKyQS_AEh?i:>PvgFnt<=YZR*+HoVd$3If)y3KL9D3I?+egslXg
.doubleclick.net/	1970-01-20 18:20:47	Name: APC Value: AfxxVi5fTlFFuvawcOpLPRe9lRIOW79VFoYLeZdE-008jQyztbnkcQ
.doubleclick.net/	1970-01-20 23:23:11	Name: IDE Value: AHWqTUkIWmYmDK-gDwiuRWebrRSCGc5hJEmBSQrsifYwzuNWyNiIY2XCiy9IXHsDMqI
.newsvidex.com/	1970-01-20 23:23:11	Name: __gads Value: ID=e7640403ba01693d:T=1692095331:RT=1692095331:S=ALNI_Mbts-iysMhJrUjOu2UoeccFgSrdvg
.newsvidex.com/	1970-01-20 23:23:11	Name: __gpi Value: UID=00000c86d5a07162:T=1692095331:RT=1692095331:S=ALNI_MZq6dD6SC15tDC9-RlVZS-EQwJONA
.googleadservices.com/	1970-01-20 16:11:11	Name: ar_debug Value: 1
.newsvidex.com/	1970-01-20 23:23:11	Name: cto_bundle Value: fIHuil9uMGFHdW9kdyUyRm5tajhmWVNwYk92c0Q4RnJ1Mk80RVI4WE5WTTVTNGh6NWUzRGZvNk9nYzl1eTJ0THJrVWUxdjYzaWpVazYlMkJORHNJWXNlZU5UaXczUm9sSGF4Z29Qbk0wNlRFbDRsRmduMW84ZmdIeFJWcEFrSHJvdklFaUFyejU1S2ttZ2dBbWN0dGFrZ2toVTZ3bmlRJTNEJTNE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/'https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png' Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: The resource https://0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com/safeframe/1-0-40/html/'https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png' was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0830943539d81f7b618f258c0f05f171.safeframe.googlesyndication.com
4c7273966160223132d25434d861315e.safeframe.googlesyndication.com
aax.amazon-adsystem.com
bcp.crwdcntrl.net
bidder.criteo.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
events.kiosked.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
mug.criteo.com
newsvidex.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
r5---sn-4g5ednd7.gvt1.com
redirector.gvt1.com
region1.google-analytics.com
s0.2mdn.net
scripts.kiosked.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
videx.slidetext.xyz
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.24.112
108.138.1.25
142.250.181.226
142.250.186.130
142.250.186.66
162.19.138.82
178.250.1.11
18.66.122.92
185.80.39.216
2001:4860:4802:32::36
2600:1f13:800:7780:7b33:7507:38f7:f5c1
2600:9000:223f:0:8:48e:53c0:93a1
2600:9000:2250:4000:a:e047:753:6381
2602:803:c003:200::21
2606:4700:10::6816:3456
2606:4700:3033::ac43:911b
2606:4700::6810:5914
2606:4700::6811:180e
2800:3f0:4001:82a::2003
2a00:1450:4001:16::a
2a00:1450:4001:800::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::a
2a02:26f0:480:f::213:7ed6
2a06:98c1:3121::3
34.102.146.192
34.120.107.143
34.96.70.87
35.244.159.8
37.252.172.123
52.18.159.223
52.222.239.116
52.48.185.171
54.229.80.150
65.9.66.97
00243e1acb1e0ee5e5de905ce388340295cccc0b3fc6d18bb843344424f0b7c5
0129fef24101a11eaa58cb3eab025b451acc53fb30a6dcd6cce7237b07427e2f
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
05a9031454324dcd0150aeb877d980bfe8bdc132d39f87dab9623994e8e1f6c2
05c1e5469741d286589a094c9fea2c1e5409ac1eca95013c43c65c781d170e2d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e75ec54c0483f0944a8ace0a48d3fb0d2604b023775daf21b1620304455dea
071a1a692b351fcf6b1f05c964d06c1c4dc2ccba265b4a94f80f2fbfed393a88
0868f8864edf2b3ce1a92817e3a85110b916f7879056733374b77ced7dbcfb31
09239fc3f86c9ea0903aebddf4476c30710a28aed0eee7bd1258c2dae9688b06
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0a441c4f1b90c992eacea5aa9ed1f7143c5e0ca315d26edcc3468ce5ea61e03a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c75e240b625f6a72433e28a783349a5c304dd88b7d28827c5149f5e017364b1
0d376e780bcc5c6dd54272d535a39e4346ac241d12870b555cd85b4ad734ea40
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ac1c1b7c458edfb370d17f60c016f5133fcf726f02a0d6eea0d62e5eb20d86
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1d005e54c557c7b45e4dbbe2abb05bf33bb52631faed17189da60940b07c25ae
1ee73a11f7deaf542b5417e0fa5adac6d92212515da73813d552157337d25cfc
22d77c667d6084c6eb69aa5b1f28bac84df2d473de862e29d060054a84b20106
23b32563a179a81e549d990ac973605a26b42e7002c2cb8699c7f6df999a76ab
250952b26f354268e84a0ef38b4c47a99bf545d42fc36a27bba740601fdc009e
25f4c396468d408a71ef0916d7f25c010987ce9c8694fb13e4317bfed8b32e9a
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
327b8d4fd0cf37311dec0a709e5afdc892e29a047e879671b7b9191ca313fe27
3304ebafae2f97adb0f5d016454298a110bc449f68cda9c1afa3e01a325963e0
336a0c08c69f92f1a5b7a1d71902aa98ee2199424c0581dbaa27242b267942f4
35a108cc6447cce609282afe9f42c0f0f1a8371b6f3bcb73dd9d877b27c1ed58
35c3f3d08165291ff39d50ad2b21886f753c4ebed0bcfc5cb0b2603ead2aa0e8
35f391b57644dbac2bbd29c21e0bee372b26f6cca8252a33d9e00c3605a1a5b3
364a5c27d2ac8b5f566046597a12ab16fcb1bacc833561b04ea9ea7837ff4cd1
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ea3074d44427095db8c43247c0ae10f1d707938bec563391959de4b1ac1e061
3eae3599cc2040f5b82e880c2f044dc06d3c5913019847974a319d6ee6643bcc
3ec390175d170ecdc54a60a8a0816ef240b0af875fbd32611ac15bb8375e3cce
40cd1ad9d1bdbded676fc0fc4408ce80371fab72a26fce6c873e50c01e44e1e9
40d4a6129a7d8ae7843464eccf026d9c15271e774fb695d38e8458cf64137ca6
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a8f0742694ae329458444baf9544a7ff3eecce6c5a78d458778eb93cdf21dd2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4d44eef42468aa9860e7e4d534a143260ab1d102607635a2f30483d0c039686f
4d60b0b7de3c1658a98786988291357b961be9c02db341bd24036e5194962638
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
516f44a87a093ebee25ce5e3baec74b4044cb8e89fe52de19b4316a51d717c46
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59f20a3efda076a98cc6c12c39229ec1cb2ddb13d500badbafaa841dd5f25f89
5c1e6e3f592d8c8b63e2b543ac0ccbae369ddb4604066dc97420c7a1d586ba8a
5c522f9116ea6ea47e03ca9f70125e37edc03ca979cee71d7e9a8c844d4de537
5de2d117e118b18fe29937bb19e5776203b00f6c3836de57897efba0107e58d3
609c9c8da515ce83f6dadac3fc67c7d3b9dd8ad6898eb9dda19c0b20b9a906a4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d03191b72dcd5d8e4284ef5dc142aa20507115a8aeb8319e191fb71d67490f
6335acd39fb5e7657ee3d854e2a92717c6326955dc8615913d1aa3b2f82bce38
6458f6ab36bab1309374c9f6213a9e962c5a2ca3f572faf474a2b0780b07797b
64d8b90f5b453ad0e19e7ee11724f05a2e2343cf9c8f5ffba9f55b8e79f24781
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
723df3c7d7a3d796cd19b2d214c09340b55cf08e08d26cdf29848731527239ce
72bce1d8441437e210c0a053e087f0444869afedab4bba9aaa2bcd4d3419da7c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7557f17dc371a05fb02dbd250123e79a9a505eb2f4854b53af47599f6c756c4f
76af7cb8cd3b202e502d3abd8b661f6e8126503c84b83d80bd2922c9cc40b9fd
7b4e644f5023ce44019f5a16ceca4d8b0691e28ed051411a220131dc5f9c6518
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
7d3d3e006fed403fe21adad67236246365b16a1b00baca471bfa3f9552424146
815e919eb9f91c295d3209fbd3d5465a2625f83350af90fb12985d4094c60462
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
89bba462c4880cf4a0e49696cc9d3b9e28052e57071ddc4924a4b25515301510
8efd59bf2a451b6137510fe256ab6651aaeb65b23e9c48a2d48cdd7982715304
9261fc374ad402a8ca48b414850f314f0098b30776695dffa52c4e20eae9f3eb
92a9645446378844b9f2622be5f3a02607f8e4bfd8c793fc92e5b2d569eccffc
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
9a0222cc8d589e0592f678c0cfc0da93023dcfee170ae6807f3a9a6d12008d2b
9c1c540adba2efa0a227e1bf95106a4ba172a700c7b186533b4ab2a901b5ad91
9c2f00d8171be05c2ea9b2dd91b4f7ad9cd21429375508ad9e54a8a0a4b77fdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c51c49db9c74085ebad0d11a1c5d1eea450239668797fbc3a477dc0ded3023
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a64e131b6a69590fb5776dc889746c0a873e756504498a33e8fc6d432325b01c
a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a8e68ecd193069b7a36b25962c7665b9c9a2af1381649d77c01cbda53bff54a0
a9c646d300f58c46de0e4d1028b3a09a9b66dd7af4fba8620dd92706825659e7
aab40de161061febcc2b8ad6e131fcc712a6f846691e48dd558689b37e596c36
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac554a4ea8b34bbb80db013e14be195ebc986f82f24e5b18b0ea9032ef561f57
af22380d5deafa05590754ba24ee155d3907ecedab1a14439ea2d9dd4e5d84ea
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22015e781bca8c265c5e679c44002e17b35f1e56b8d458bf41806f037e04350
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
b7125c5e6f452041b3cb773a2eb3e5315c99d975bcc8f894a15d37aae2aaae59
ba2002d3607e865976666cf35ed91dce6a71d44649e885afd3fcc4adc3320943
bc5f0440a4ba1fe3295b324b649bcc18ebd13629e64808a199e115d38f15048c
be06ffb2cd06a02216ca9a5e16cecf8009507b74105774aedd0617ddaa8b8cbf
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c143b6f39022be1afa16adc565a3bba2f68f3427e76ffb7e148dbc2ee231bdfb
c2902e5c19fbbe4b0c6bcbfb1ef627bf4a75df212eed136d0aa260d4913b9e2d
c32520c4061f2dc531744ba5384035ae123532861644782333cee1f5b2a1cbfd
c43375572e1e71864c01267c2f3d4bea1413bd7978af273509757575319eff02
c799addff8ce46fe79abbda93586a33ee0ca4ddcb4df3a567d7cfb7a4a08c401
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
d7e1d11e09ae5619685a66e50267d80bc6b716e2a3d9377b922ead3c32cba527
dafe80f47a31afee1a28891aec84618e73595f7acad8421ae9c999d9a61458a9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e3078a5b6033cf95732e2e123f82136c30b09a3b213b1d2065de3fb6abf085bd
e35753e5bd7e5ed48ee5b5fbb44909718d9c4c971a3eae0fda1d95831c9da9a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e802095e892c6b9193c1918d778b61eae8d12e27f5320abadd90436202ee2053
ebb0e85cf8a5e0953a5997538edab29e75417ffe81d7097459e7c2ab99f371e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff5fc69ec853b87373b67d2f9542236a8019ef425151dea24e9862e172448e5
f0bc5c636a694ccf091f11463d62e7eee62f779f35948849c56defea47a62eb5
f3807564ef36fe2eb9fc3a3fe34b3d0e1046c5b8be9257119fbc4aca288ee6ab
f4baf7bb464a8911b3875c0910cdbdce6d84ad6cdfe4c8887a2de655034ea9c3
f5876d3e4aeb48a0c4fce444bd738d17309c159a0ae8f66d44f06a4b8df1ce1d
f5d0407c813ca4bde74789d41f00c993617159d54e14e606baa4378d53bff3b3
f7389b6a13c1e06ad2f0df0b0c874dfff99ea3e00f917d6bd272dd9297a0e58c
f933b32b5f78fa23efb9facccf12ae09be764fc115f6c464996cb095a5a45cca
fb66df48bdc2630ccb6f47302d9e5a51d470997900efe61de374f323473902d4
fd13d385a728fc6b4cc9407f2c74d8a7f99ed322ea745e30be360aadacdfdf2a
feb97a90ef148adbb793ce925a51b98dc5bcbdc003a7f888b7e656f8429817e5

newsvidex.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

226 Requests

94 %HTTPS

62 %IPv6

32 Domains

51 Subdomains

49 IPs

8 Countries

4319 kBTransfer

9556 kBSize

21 Cookies

1 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newsvidex.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

94 %
HTTPS

62 %
IPv6

32
Domains

51
Subdomains

49
IPs

8
Countries

4319 kB
Transfer

9556 kB
Size

21
Cookies

226 HTTP transactions
5 data transactions