uat.newsroompost.com Open in urlscan Pro
2606:4700:20::ac43:4aa0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uat.newsroompost.com/
Submission: On October 19 via automatic, source certstream-suspicious (October 19th 2023, 1:58:00 pm UTC) — Scanned from DE

Summary HTTP 402 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 57 IPs in 11 countries across 48 domains to perform 402 HTTP transactions. The main IP is 2606:4700:20::ac43:4aa0, located in United States and belongs to CLOUDFLARENET, US. The main domain is uat.newsroompost.com.
TLS certificate: Issued by E1 on September 3rd 2023. Valid for: 3 months.

This is the only time uat.newsroompost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 129	2606:4700:20:... 2606:4700:20::ac43:4aa0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1079:1	200325 (BUNNYCDN) (BUNNYCDN)
2	18.66.112.41 18.66.112.41	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 12	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 6	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
11 26	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4 4	52.57.124.150 52.57.124.150	16509 (AMAZON-02) (AMAZON-02)
1 4	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
3 6	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
26	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
24	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 4	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	2600:9000:225... 2600:9000:2251:8600:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:1c00:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 4	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.29.100.88 52.29.100.88	16509 (AMAZON-02) (AMAZON-02)
1	3.121.79.42 3.121.79.42	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.77.35.11 104.77.35.11	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
2	3.9.163.207 3.9.163.207	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
2	18.135.134.29 18.135.134.29	16509 (AMAZON-02) (AMAZON-02)
402	57

129 2606:4700:20::ac43:4aa0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

uat.newsroompost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newsroompost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1079:1 (Germany)

ASN200325 (BUNNYCDN, SI)

ads-script.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.228.164.11 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.185.130 (United States) 11 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.124.150 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-124-150.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.237.56 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.91.62.186 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Mossingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.183 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:8600:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:1c00:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Spain)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.100.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-100-88.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.79.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-79-42.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.77.35.11 (Glattbrugg, Switzerland) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-35-11.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.166 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.163.207 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-163-207.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.135.134.29 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-134-29.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
129	newsroompost.com 1 redirects uat.newsroompost.com newsroompost.com	2 MB
65	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com	491 KB
59	doubleclick.net 16 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 ad.doubleclick.net — Cisco Umbrella Rank: 173	748 KB
43	criteo.net static.criteo.net — Cisco Umbrella Rank: 728 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717 csm.eu.criteo.net — Cisco Umbrella Rank: 9249	593 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 34439 ad4m.at — Cisco Umbrella Rank: 12024 assets.ad4m.at — Cisco Umbrella Rank: 44524	1004 KB
12	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	4 KB
8	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9209 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15502 dis.criteo.com — Cisco Umbrella Rank: 648 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15658	119 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	471 KB
7	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 1069 cti.w55c.net — Cisco Umbrella Rank: 3403 ads.w55c.net — Cisco Umbrella Rank: 13796 i.w55c.net — Cisco Umbrella Rank: 2341	45 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	551 KB
6	teads.tv 3 redirects sync.teads.tv — Cisco Umbrella Rank: 1584	1 KB
6	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 1024 r.turn.com — Cisco Umbrella Rank: 4738	3 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250 www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
4	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 206436 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 161993	8 KB
4	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 8325	1 KB
4	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 985 s.tribalfusion.com — Cisco Umbrella Rank: 2451	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 33897 api.webgains.io — Cisco Umbrella Rank: 91885	19 KB
3	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 2268	582 B
3	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 649	2 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 5121	917 B
3	google.de www.google.de — Cisco Umbrella Rank: 6147	670 B
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 59583	2 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 83080	737 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 82854	516 B
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 18074	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	291 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 913	489 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 952	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 643	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	297 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153 partner.googleadservices.com — Cisco Umbrella Rank: 1200	3 KB
2	gstatic.com fonts.gstatic.com	53 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 179	3 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49	11 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 109006	3 KB
1	blau.de partner.blau.de — Cisco Umbrella Rank: 178172	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 93025	1 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 121204	495 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 929	464 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 50844	611 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 159447	928 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343	574 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617	584 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3431	104 B
1	b-cdn.net ads-script.b-cdn.net — Cisco Umbrella Rank: 578490	1 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	22 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
402	48

	Domain	Requested by
127	uat.newsroompost.com	1 redirects uat.newsroompost.com
29	pagead2.googlesyndication.com	uat.newsroompost.com pagead2.googlesyndication.com tpc.googlesyndication.com 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com securepubads.g.doubleclick.net e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com www.googletagservices.com
27	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com securepubads.g.doubleclick.net e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
26	imageproxy.eu.criteo.net	ads.eu.criteo.com
26	cm.g.doubleclick.net	11 redirects 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
24	securepubads.g.doubleclick.net	uat.newsroompost.com securepubads.g.doubleclick.net 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com www.googletagservices.com ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
14	static.criteo.net	ads.eu.criteo.com
12	assets.ad4m.at	as.ad4m.at
12	www.google.com	1 redirects uat.newsroompost.com tpc.googlesyndication.com 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com as.ad4m.at e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com ad4m.at
8	www.googletagservices.com	securepubads.g.doubleclick.net 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
7	www.googletagmanager.com	uat.newsroompost.com www.googletagmanager.com
6	sync.teads.tv	3 redirects 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
4	ad.doubleclick.net	4 redirects
4	ads.travelaudience.com	2 redirects 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
4	pm.w55c.net	4 redirects
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.googletagmanager.com
3	tr.blismedia.com	1 redirects e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
3	sync.1rx.io	2 redirects 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
3	d5p.de17a.com	3 redirects
3	csm.eu.criteo.net	ads.eu.criteo.com
3	a.tribalfusion.com	1 redirects 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
3	r.turn.com	7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
3	ad.turn.com	3 redirects
3	7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.de	uat.newsroompost.com
3	region1.google-analytics.com	www.googletagmanager.com
2	api.webgains.io	analytics.webgains.io
2	track.webgains.com	as.ad4m.at
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	prod-rtb.ad4mat.net	16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
2	x.bidswitch.net	e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
2	static-de.ad4mat.net	as.ad4m.at
2	dis.criteo.com	16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
2	onetag-sys.com	1 redirects 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
2	um.simpli.fi	2 redirects
2	e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	c1.adform.net	2 redirects
2	match.adsrvr.org	7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
2	ads.eu.criteo.com	7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	sb.scorecardresearch.com	uat.newsroompost.com
2	newsroompost.com	uat.newsroompost.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	cms.quantserve.com	ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
1	i.w55c.net	ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
1	rtb.fr3.eu.criteo.com	7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	t.hspvst.com	ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
1	ads.w55c.net	ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
1	cti.w55c.net	ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	rtb.nl3.eu.criteo.com	7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
1	s.tribalfusion.com	7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googleadservices.com	www.googletagmanager.com
1	ads-script.b-cdn.net	uat.newsroompost.com
1	cdn.ampproject.org	uat.newsroompost.com
1	fonts.googleapis.com	uat.newsroompost.com
1	ajax.googleapis.com	uat.newsroompost.com
0	googlecm.hit.gemius.pl Failed	e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
0	sync-tm.everesttech.net Failed	7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
402	76

This site contains links to these domains. Also see Links.

Domain
hindi.uat.newsroompost.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
hindi.newsroompost.com
www.nseindia.com

Subject Issuer	Validity	Valid
*.newsroompost.com E1	`2023-09-03` - `2023-12-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
ads.w55c.net Amazon RSA 2048 M02	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-09-26` - `2023-12-25`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://uat.newsroompost.com/
Frame ID: 7A7EFE70665102A33460FD6FBC816DF7
Requests: 168 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: E6ACF9C432DA767CDE82B2199F4F0CB9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1781853254296294&output=html&adk=1812271804&adf=3025194257&lmt=1697716671&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_r&format=0x0&url=https%3A%2F%2Fuat.newsroompost.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697723871449&bpp=3&bdt=1086&idt=274&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2750611247394&frm=20&pv=2&ga_vid=1944785838.1697723872&ga_sid=1697723872&ga_hid=1052426716&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078237%2C44805112%2C44805534%2C44805681%2C44805920%2C31078301%2C44806255&oid=2&pvsid=758522786356559&tmod=1256683079&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317
Frame ID: 4D8B27FD90E2E98CD3B7390B2CA2DFDE
Requests: 1 HTTP requests in this frame

Frame: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CCF542241C221050080B5EBD3E3B532E
Requests: 1 HTTP requests in this frame

Frame: https://uat.newsroompost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
Frame ID: E386A0BD451F1CC39BE4D2D09EBF17E3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17912FF012ABB15D94110842FBCAE566
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 411F3F5C34A735AC713C861EF81796F8
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDRRfQM3FwPU2cl0l3Pl6JWiQkIECd8YkBCdZJP-1bpmXZ9HpNdVmZHy-s3hfGR2hPhYxCOtFTyvShKbHZUx-H-k2ufr4VyEq-FfVbZAGyPE8cZNo_-JSDjiWvwaCpU6NtD6ON6mydpn3OcDTHHCp0nMOJkiP8ejWGUiyB74tFScInV9jLCrr7be5--pfLvrhq0teXNZxjS8lJiVU4CoY-I75A8mIIkmZNvpi3RxwGGf1wTVzDE6MyvtOZ9IWhcJXNEmXhJO3eIwjMWRLCZoh3ObyfIRkBaaZGeCRJG8bNp-9lhiYaM2BYkJ3bHCQUsmQfNlwgP0MWyC9l4uPsOYBHNg3RSJ36mZYVYwlWo_MdZvrsEL-qkb3YKX1LCUDlXNSlt7LKqHBVPA&sai=AMfl-YSPXYLxPeo_JGau6z4qAw9Y5bm6wi7bAvot_S1AscOeieYG2PCdQP70HZYabYs24osxoVWoePnpJq2_78HXCbtoinx8PLHdXbJqX9hYDcuS6lef4FSSBuCL4QjZDj8&sig=Cg0ArKJSzPH_mU19fepSEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B155AE7EC6075B965A47E2EA1B9273B8
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfu2qjjyoWiUuxjGOfDnaYXq-6gKxJkeEbxHRYGt43AMPZTgGKIZ5vFbnJKu6dYRZVhlbX4HhLnzsNGCQLUyjJACJPzX8B4srj6qU3swP8RJUnt-y33m8sKiMNnwv5q8XBJ6nlho0lrkFUVxyAPV7gvz3fvDvz83bqTpP2zmlaGx4teFaUpRUsiv83sDzoWiiQrqjdabYJ48vm6m9OzPO7GTqUeJ-veg89Xe-xA4_5VdfJUeyYT1szea-NzIPmoXyb6ffMOzmkEfbyLk6_BruksrG2hPb3AmrGgLic1ylhTxrwpvrE2fb1ZzFgnTO7krUmvnLJKHaQzfh6iJVjT2JVGL9Ss0ALadL7cORn6qW2MnQOMttphkeodt36fWFdM-N8mNvH_i22FUBzK6rX&sai=AMfl-YTZipEaWyDDwnRX0m_cV_YKo2sftFb4a98vzKBGNwKqChUWDeGCWxWkbIwwDSbnwCVSTNNx4GzpBpIB-52ScSsNk5OwAymRJf1N3Kh25tyE8oIJx-g2ogjhws5cNrE&sig=Cg0ArKJSzLaSaWAz0KZVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 29B56D924F22CC548D67C7D1D006B8A1
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOVoGFHuW6ZzzGtgw3gQeGrhLnTjIuSw-c_AwIldDU3M4Ni1YxeBg5asVpINDmrnxANXoBL-kd6xEzmTTYAaM8mMks5jMI1hYSyB3mMpcGdbJu9i5fyVIkRrP2I8AjaxsOgOCqrJi_Y7FbOTbz3iMvT6r3PPFfzeVYopruqRZb35EAnoijjuDvdU0wL8RgcrriRqpXdGuSJTMs8x5VbSXI-LukwMqF2QYebOpvgQic68RZp2LM4RVI_9no0eGGkWk5DSHYURBDMpn0eWlsoCCnJ8o3NleQjxQZaosRu6w08A19qA3ZsyGz_tN2j3MQmQrPi-z5eT8VIIvr0WzWhxoIFQxwQ5nLOW3_6vBXa44Oq6MUeeZJUfcFOsPLe6zOw1dUqHshaxhdkKFA5Lpn&sai=AMfl-YR7zzBK73SqUiC5EGhfRtE6daZ7Xi9yH8nXnwZEQYPIMzaBTlk-mNJTA1NtU5-4mX020PuvJRCC2faSZvVqOGlJq-xQgqre4HyJf3yk6inWlKWqkVhPfQi-gn_LUMs&sig=Cg0ArKJSzI05GLb7-8v8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F2EB48BFE091E25D9D43D6C692800201
Requests: 11 HTTP requests in this frame

Frame: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 93BD15DD2F68239CA50C38B7B60E9842
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTE14AAA2kkK3oDOAA18n_Rv3YnRkJwZd8lOOw&u=%7C4v4bc%2Fo%2B1LYYzJ2Y4YMooi%2BL7QvtoU%2FghXxy9athUCA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcEx6o_OgiyXAlqag-brSrvdRdxHGpTdBCQZI5r6gdh2-TAyQC3jr-N2O3UaCJGz8fpd4p4SRI3MOQwXZLvlDOM6EfWg1IWew5Enn_JakQFOc7st2SMGmjEayMUqRXuHbi6UtZ6P39iJKgPFEGcAndgzlXjut6UMSKQvRsVXmTWrJv68g34zfntCPnkIYeFCghIijHFq4aakezh_vkzcNloURk4cSUOQiL4xLgfIYnvOUO4c70hu1HhS-AQFpaNqVfj0CheYGYKK8CtegR81ON7aLBp6upDVOtI_M27V8gVL55Fv-KDsQFO826z43LYsIeolWJptf8QXd2Le6LUuYdPsx1Psb_9DILnl6Iu4Hi7bUyMILFZ5OpQBdySlax2AFym5nVHtJqmfaMZsomK2XHfV_5DXmHxcm629N3wqP7tZivLAHk0L02-yMRhRh0FSQ7mbpCeQa5nfxY-Iin2Qxbx9RktjOK-S_i_BigNZcEiQZYmkJcC6wyueh8XmnN7Bsl91nhTUH6gV6tU4WHTrebEInDv5WESxzfa2&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtUOI4DUxZcm0A86B-gaf-bWgAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyMDYyNjIyMzI2MDcwOcgBCakCCIfFM7W0sT7gAgCoAwHIAwKqBK0CT9DkxHgu0GUgpJ5Dya2aL_PeCyjNGr9xPknyO1rccv-zHvd2sddk2n2wqCnh8e531sj0Cn6SHRGlCjGY4kTiucv9JQt2ifNF6h9RQ3WHziMeXhUAFOa4FqQTF4SmVgrkRx6Z3RuaQQ2yDQB3QteuxtgCKEOU8R022K1iLIYeB6GL-p9utopr35fSBmnNXTgMLM_bLvYQPZleOKQDNykiES4CyTyM6JB5Zc4yWt4MniYjje0AonKFYjIa_xDLZF8nbFi9oDbKf5xY7i9kY88d_ki9VXhvtp9MKq1DFVmU95QpyWlFDI9d4sIV-9NjewEIU5PRje_zfJuILygXYgpoAwFIMK7f7tS_nmszOgettjJVj6o-pg1VyDpCuMWciq2kAJZLvPaqiNP_yX7KZeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ZUC8oNYwIkwOx4qBp9-6FOL1tQQ%26client%3Dca-pub-4620626223260709%26adurl%3D
Frame ID: 3061EA18D9EB06E5902AEFE32E21A10A
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DBF618D987D0FC46F3ADED49BB27B37D
Requests: 9 HTTP requests in this frame

Frame: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9885A459B7D1890B92AE3F61AA9F26D6
Requests: 1 HTTP requests in this frame

Frame: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F9578E12B04EBA092506B35FC68988BA
Requests: 1 HTTP requests in this frame

Frame: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 67C9972EFF2687498227C04CCE36F0D0
Requests: 10 HTTP requests in this frame

Frame: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4D850577096C4C6031F657E3E3E26EEA
Requests: 1 HTTP requests in this frame

Frame: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E56A50F175867DA9D6002C1C40DAC993
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTE14AAMNyEK3r4LAAQZVm_-AhN9xtvQTTajLg&u=%7C4v4bc%2Fo%2B1LaKKhwy7J0KaGPa4Zo2WdCUFVOlGZt88zo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MgBRA06n4_YKg1oYOaEv-yaWt-0vzAYTp8FngXdkYeTdvT474OcKaxVveDlVZMqqorRHSPYj8RZjf4XKGMbOB62P3KLtjtVkM3ezIsyj2dvYC440u7D2BQTK3Xzgx3SINPxyfZRcSmUM5Ss8SqLCKqF3SBLa75DPCS7Av9wPnbeGt9xJGGwYPIrTqUi_1xfrzEDXBvwAr-9S5sVngPj945lnttlKHUh82kwUTOinCNfmIXY58BCD6MbIdD36e-fnoHxizz9J9Sd-9tcbc5vOfihGio5LSvJNJ5snXDFLaLkxTlF2jhJN2F-PGry7qGLxF-8nEv3f2YPltbZX0PKfTs20VnL9nwR4a1cmBgREiVnJpxERviHHzsPj3OWLS4kxmneMnBjBoSRHO5B2CUaj-4WBW1bsRoT912En5kBI7MrNeJ1ihAA19MZTz-N7rGJ_tMuVBBM99VjNjN1co_DGtQ_srw5N55v20Um_0MA5WC3sDwvj258pJoAtU_lG6IYBeyJWJHziICAwXdcMTgSMT_9OCIBLew1RMnO-OB1krNxV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sJ54DUxZaHuMIv8-gbWspDAAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMDU0NzQ1NDMyNTAyMzLIAQmpAgiHxTO1tLE-4AIAqAMByAMCqgSZAk_Q9gUH_X1JtVfb_flLGkQmcOrz5AtO80Pa-RxadcKuFvPzWhrD9KTY114CYIsnhMjL0n8WxQhXgykZ2CUaq6f4XuRRO21zOGtst1abhKQCGjmffqSXssCi6LmGebOexGHLUPBFo2dZt9wqdNa-cKfmCb1KjIyXAJqZlmVKODTGQmbxoKyXcjnGqA5Rnj7xJtofO9yOeCdiYAaHfiaytzctxMIOiqtPmqUHQETMMhgjb3wPt8E8Zjoc441wZxyFyg2eMKBDw5_k6C2F6sxOeqhcyXIr5SWjXcdHuOh-ltgoLtwLDKrPShLlRVwXbXDUYUCwqo10F1TCL5ohb6vpgInr-b_PGtD9SRkwlsoQ6eM6fb_tgu1WzMaw4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3BoWZFXmqLKukGCWb5yAymkH3R0w%26client%3Dca-pub-4305474543250232%26adurl%3D
Frame ID: 7D161EB4079147165C1E07C1F48A0765
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B9ACF6860CFD8370043E682A9C6B955
Requests: 9 HTTP requests in this frame

Frame: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 41EAB888D7FFA6A6D2F4F9D19B6AF5FB
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h85s28x61x14qavwh4da953r6gpb7xvqf0zap62xpj484ns178ys8a4381nhkt2jwgg819wcb1v52qy6jzdzwc3k02fbf5aqs0v3zan572t3yayathzzws3mrd8p8aysjfk7qs9bvb0hr8bwef5r5dq0wwtbwh5wmcz283t067mmm7tb7yagwcs3nj40wy5sq18b0dt96fx5ec82avej5y85srwz2skwj3emtbxhdh5ywmfgn28dkvvvc51zmxamnz6y9qdpn76kv7s5b46g7czknxm52f1kbwe8z9byhxgswzze9m9jygmbdjbp0574m2pj9fvwdjh0a6rpqth4g04rt5tn2k8p1xnjac2wxrzdztbjdz7bw17p6b3anfn0d4qsfcr4h52aa25ytakvv7hzeewnhsn6an015k8sdgyx5zhm1pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%26client%3Dca-pub-1781853254296294%26adurl%3D
Frame ID: F984CF797B2D154C035C34950A539B16
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2207CCD53BECF1A573B817B7D893EA0B
Requests: 9 HTTP requests in this frame

Frame: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5AE07C9A90CB1A749086512F1E8DF942
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k3aaxeg6dc7rje1pycvsja3yypxyvwes5dvngxr9tzw7qtw196a6kf581mmta80njgzas99a7nmgrb3q4sj3fqtethy75ckt6amw15886k1092bt56412twh48bhwm32zmvgzb2by8bmnwd9z2a094s4k4mttk289ckmdy82c2rt0vgpcxa3zrna338xybfxzvns5n9pw4bgcyrh5vqf621vm5fbe5592hqfd89ndqng7vfhn24231fktx51p8s74b87894yhf1exszaa0v5de2tf69hw67qgp58zjxnqf76z5phwew3kjt5x47wm2x20j79xfwnt7b6jzrqevmeyca54fa59c90rzs6aw5vyeqyzwewby9xvs138dm06wy5y7913gwa9gyz3q5prphmhpm02rwng9xfkc5yp3czj39wpzy7w7rr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%26client%3Dca-pub-1781853254296294%26adurl%3D
Frame ID: CE90F6595A023E463DB676DB39C53064
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 834420B4E83EA98CED1BF6BCF085C877
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B457819BB7482A34679D681C82D64B50
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33ECDFCB12149B6C7267A2EFB0086051
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 265B1CE6D15DAE7138585CAEB6D2F2CA
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F9D761E60C8A7BD549973AA4D9E3C7D9
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 623AEA4E9960D2BAC9CD3A7BAFD92313
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Frame ID: D84E3739319DFC612F123D9B7A51C697
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6075B0AB1B625F0CCF09997A8B5DE8A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 70606A18ECA5BCCF0324FE90B40BD337
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Frame ID: 7D0A8F17562DC0CAB62DA87F9DE0233A
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 83E2223CCD15133B9B65332E47BB2F20
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD993041E59F82852915716FFFAE56C7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Latest News, Breaking news | NewsroomPost

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

402
Requests

92 %
HTTPS

55 %
IPv6

48
Domains

76
Subdomains

57
IPs

11
Countries

6396 kB
Transfer

12464 kB
Size

42
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://hindi.uat.newsroompost.com/
Title: हिंदी

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NewsroomPostCom/

Search URL Search Domain Scan URL

URL: https://twitter.com/NewsroomPostCom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newsroompost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/NewsroomPostcom

Search URL Search Domain Scan URL

URL: https://hindi.newsroompost.com/
Title: हिंदी

Search URL Search Domain Scan URL

URL: https://www.nseindia.com/products-services/commodity-derivatives-contract-specifications-energy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 153

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788449987/?random=1176942770&cv=11&fst=1697723871512&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&label=en2aCPnXm4AYEMOV-_cC&hn=www.googleadservices.com&frm=0&tiba=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&gtm_ee=1&auid=1803553293.1697723872&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3zUxZbrWKPKb9u8Pu6GPkAM&sscte=1&crd=&pscrd=Ek9DaEVJOEtmRHFRWVE5TWZ4Nm9DQS1LNm1BUkltQUpzVHh5TnpWVDJyZmpyV2JBZE5WbTJxbm5YOTB4ZmRJbTNyTllmbHl1eXotc29EYkFNGlpDaEVJOEtmRHFRWVEzTFBTbjU2cXlLN3JBUkl1QUlRSS1DUFFPVnNWOVZWQldkNkp0c29ZeDBoTnhJREJiamVkRjc4dVd1TDNkUnF3dm9jNFpvaTRuZXRyblEiEwj6wbCiooKCAxXyjf0HHbvQAzI HTTP 302
https://www.google.com/pagead/1p-conversion/788449987/?random=1176942770&cv=11&fst=1697723871512&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&label=en2aCPnXm4AYEMOV-_cC&hn=www.googleadservices.com&frm=0&tiba=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&gtm_ee=1&auid=1803553293.1697723872&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtmRHFRWVE5TWZ4Nm9DQS1LNm1BUkltQUpzVHh5TnpWVDJyZmpyV2JBZE5WbTJxbm5YOTB4ZmRJbTNyTllmbHl1eXotc29EYkFNGlpDaEVJOEtmRHFRWVEzTFBTbjU2cXlLN3JBUkl1QUlRSS1DUFFPVnNWOVZWQldkNkp0c29ZeDBoTnhJREJiamVkRjc4dVd1TDNkUnF3dm9jNFpvaTRuZXRyblEiEwj6wbCiooKCAxXyjf0HHbvQAzI&is_vtc=1&ocp_id=3zUxZbrWKPKb9u8Pu6GPkAM&cid=CAQSKQDICaaN4SkeS7LLWA4CtOLMJ3yFPH10VmJtbg3Mt4mH85KwPLE958wT&random=3489910869 HTTP 302
https://www.google.de/pagead/1p-conversion/788449987/?random=1176942770&cv=11&fst=1697723871512&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&label=en2aCPnXm4AYEMOV-_cC&hn=www.googleadservices.com&frm=0&tiba=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&gtm_ee=1&auid=1803553293.1697723872&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtmRHFRWVE5TWZ4Nm9DQS1LNm1BUkltQUpzVHh5TnpWVDJyZmpyV2JBZE5WbTJxbm5YOTB4ZmRJbTNyTllmbHl1eXotc29EYkFNGlpDaEVJOEtmRHFRWVEzTFBTbjU2cXlLN3JBUkl1QUlRSS1DUFFPVnNWOVZWQldkNkp0c29ZeDBoTnhJREJiamVkRjc4dVd1TDNkUnF3dm9jNFpvaTRuZXRyblEiEwj6wbCiooKCAxXyjf0HHbvQAzI&is_vtc=1&ocp_id=3zUxZbrWKPKb9u8Pu6GPkAM&cid=CAQSKQDICaaN4SkeS7LLWA4CtOLMJ3yFPH10VmJtbg3Mt4mH85KwPLE958wT&random=3489910869&ipr=y

Request Chain 164

https://uat.newsroompost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://uat.newsroompost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

Request Chain 193

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlohIezeDUQlMTDaf0ipfo&google_cver=1&google_push=AXcoOmSEHc3IPRJfAgXxFPQ4yyuZRNzpkqJSo6hDDh9itFsaA5HRyRnSHlXEtsHzq-LejROeobIyzD7mZ6S82HziJft-A9kWFoWEJz0X HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3ODUzMDI3NjE1NTU4Mzg1OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1

Request Chain 195

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECUBqnAzjTLJeZ0F7qnpSC0&google_cver=1&google_push=AXcoOmRfInfpiyfeFwg3C0r2DYnR-egFPhOFYKdXxImmk5jlKRIIiJ-quvQlzdqTx5UeWKfF_pN1I0hBGQqEgqdBaD3ZksCOW3imOsU HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECUBqnAzjTLJeZ0F7qnpSC0&google_cver=1&google_push=AXcoOmRfInfpiyfeFwg3C0r2DYnR-egFPhOFYKdXxImmk5jlKRIIiJ-quvQlzdqTx5UeWKfF_pN1I0hBGQqEgqdBaD3ZksCOW3imOsU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESECUBqnAzjTLJeZ0F7qnpSC0&google_cver=1&google_push=AXcoOmRfInfpiyfeFwg3C0r2DYnR-egFPhOFYKdXxImmk5jlKRIIiJ-quvQlzdqTx5UeWKfF_pN1I0hBGQqEgqdBaD3ZksCOW3imOsU

Request Chain 196

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIH1BTcqsUNK3LXJ4ICzYl0&google_cver=1&google_push=AXcoOmTmX2r7qi3-UtBqsRVNpHwkjoDgX3-ziv9wTaM_vAXnK7oqxE4RAv_2PSzHi1uOTmg1Sbugig2AP6otn7Q63Z14yTiPF3XSJjI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTmX2r7qi3-UtBqsRVNpHwkjoDgX3-ziv9wTaM_vAXnK7oqxE4RAv_2PSzHi1uOTmg1Sbugig2AP6otn7Q63Z14yTiPF3XSJjI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIH1BTcqsUNK3LXJ4ICzYl0&google_cver=1&google_push=AXcoOmTmX2r7qi3-UtBqsRVNpHwkjoDgX3-ziv9wTaM_vAXnK7oqxE4RAv_2PSzHi1uOTmg1Sbugig2AP6otn7Q63Z14yTiPF3XSJjI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTmX2r7qi3-UtBqsRVNpHwkjoDgX3-ziv9wTaM_vAXnK7oqxE4RAv_2PSzHi1uOTmg1Sbugig2AP6otn7Q63Z14yTiPF3XSJjI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 198

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEITYKD_iYlEI6jFcjLENzEs&google_cver=1&google_push=AXcoOmR6OGL6bdsB1y6PghaL7xR_UPE6_XDSb4OMz-tt_4oj_dgAPinFnlsORCvHVsgcF7i8l0e1z7qmoj-I-dimVSvPh_X3vw3TgWlK HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEITYKD_iYlEI6jFcjLENzEs&google_cver=1&google_push=AXcoOmR6OGL6bdsB1y6PghaL7xR_UPE6_XDSb4OMz-tt_4oj_dgAPinFnlsORCvHVsgcF7i8l0e1z7qmoj-I-dimVSvPh_X3vw3TgWlK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY2ODQ3MDk0NTc0Nzg3NjQ4OQ&google_push=AXcoOmR6OGL6bdsB1y6PghaL7xR_UPE6_XDSb4OMz-tt_4oj_dgAPinFnlsORCvHVsgcF7i8l0e1z7qmoj-I-dimVSvPh_X3vw3TgWlK

Request Chain 199

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFaCZHf64gV3xFPPvDunavs&google_cver=1&google_push=AXcoOmRyiwb98ueuuwH_Cf3x3Y6h42rD-rzzQQmIAoe2KLWfkzyP8cgsBi5Hnq0FepD83lW7ApWXyvCF0dRwLzKu5kgWCnsWafspIzT8OA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRyiwb98ueuuwH_Cf3x3Y6h42rD-rzzQQmIAoe2KLWfkzyP8cgsBi5Hnq0FepD83lW7ApWXyvCF0dRwLzKu5kgWCnsWafspIzT8OA HTTP 302
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5

Request Chain 267

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1&google_push=AXcoOmTgttnuNwDBgffMLBcpVsVNFJwPKUTJ7GckVOT1yKGbnPrd-CgUW1a4VZR_vLpgRM4r_GySCr7WsCxgGXRGQfTGH982vlA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3ODUzMDI3NjE1NTU4Mzg1OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1

Request Chain 269

https://um.simpli.fi/gp_match?google_gid=CAESEOm0s1Zet1I_PuaiGfiTisw&google_cver=1&google_push=AXcoOmS75M0nL-Ls7h91zZo_owI8XYWJfubYdcpcTeW2Sm0w-dRAaCxWQR3knDWfGZPDiKb4dsVSaADkTH0Shzp1T99Bq9POW39n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41ECC616BC50425BBD03D32167B38B95&google_push=AXcoOmS75M0nL-Ls7h91zZo_owI8XYWJfubYdcpcTeW2Sm0w-dRAaCxWQR3knDWfGZPDiKb4dsVSaADkTH0Shzp1T99Bq9POW39n

Request Chain 270

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEE0rxeHhrD3ShoEhJ4svKSM&google_cver=1&google_push=AXcoOmSE-2x87Er5Qt7p1WFouk6JRH8YPKGBK-qaNgJ2tilhPE2s48kS1sk7AEIonyVMijbZ25wTOKIWXsl4t6PRNXQcv9JFQ498 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTY2ODUxMjE5NjY1NTI2Mg%3D%3D&google_push=AXcoOmSE-2x87Er5Qt7p1WFouk6JRH8YPKGBK-qaNgJ2tilhPE2s48kS1sk7AEIonyVMijbZ25wTOKIWXsl4t6PRNXQcv9JFQ498

Request Chain 271

https://d5p.de17a.com/cookies/google?google_gid=CAESEGZIPN1ARY8iP01mn3QTnGg&google_cver=1&google_push=AXcoOmSmcd0H4f3vpx_3XfIBUNVfrvdoabEFc4rKi0ceztuCQCYxNEM7XXAyCatW49ZhQEHC3fn9-FY5wXWgqgZ_6NX3YoFjjyE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGZIPN1ARY8iP01mn3QTnGg&google_cver=1&google_push=AXcoOmSmcd0H4f3vpx_3XfIBUNVfrvdoabEFc4rKi0ceztuCQCYxNEM7XXAyCatW49ZhQEHC3fn9-FY5wXWgqgZ_6NX3YoFjjyE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSmcd0H4f3vpx_3XfIBUNVfrvdoabEFc4rKi0ceztuCQCYxNEM7XXAyCatW49ZhQEHC3fn9-FY5wXWgqgZ_6NX3YoFjjyE

Request Chain 272

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEArTFriuYZ9u77wD5wYQ-YQ&google_cver=1&google_push=AXcoOmTeDQgO95VOgid1BM-Co2zbNKtq9XtBA6z47wKrJSoa3I-qdJJCmgbtG9NjUuAJqZygT0svyILw_WPjFAUEyAi-D-LYDb2_ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTeDQgO95VOgid1BM-Co2zbNKtq9XtBA6z47wKrJSoa3I-qdJJCmgbtG9NjUuAJqZygT0svyILw_WPjFAUEyAi-D-LYDb2_&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1697723873863 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0b42021a-07a9-47ee-8a12-b6e847dc8be9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTeDQgO95VOgid1BM-Co2zbNKtq9XtBA6z47wKrJSoa3I-qdJJCmgbtG9NjUuAJqZygT0svyILw_WPjFAUEyAi-D-LYDb2_%26google_hm%3DAwtCAhoHqUfuihK26Efci-k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTeDQgO95VOgid1BM-Co2zbNKtq9XtBA6z47wKrJSoa3I-qdJJCmgbtG9NjUuAJqZygT0svyILw_WPjFAUEyAi-D-LYDb2_&google_hm=AwtCAhoHqUfuihK26Efci-k HTTP 302
https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=5

Request Chain 273

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEG4qSjPFuYa5lzJTMX9Xrds&google_cver=1&google_push=AXcoOmQmq5K6R2c3b1O0IgBR6ICM-ogQBRb9iCMkzJSg1SI5I3XBTidGMDsqB-pRpziUHkNgUdpoGdtLg66XG7CI5bxm_JknMcSq-A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQmq5K6R2c3b1O0IgBR6ICM-ogQBRb9iCMkzJSg1SI5I3XBTidGMDsqB-pRpziUHkNgUdpoGdtLg66XG7CI5bxm_JknMcSq-A HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 308

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cver=1&google_push=AXcoOmQSwwOAti4oRl3LbCr_mFe9BlmOOWT24Rz9rBqznCNlK02J5By-OD1_hU6UXVTKalmy4kh28kZvW6gNFZOEhVsaSTOrRfuTig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cver=1&google_push=AXcoOmQSwwOAti4oRl3LbCr_mFe9BlmOOWT24Rz9rBqznCNlK02J5By-OD1_hU6UXVTKalmy4kh28kZvW6gNFZOEhVsaSTOrRfuTig

Request Chain 311

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMjRp8xPVPT4WiOb8Bw04uo&google_cver=1&google_push=AXcoOmRsfBtbkGd4JkpXUKuf3StfBjCwrF_RVbe2Pu1Bt78nfA721PZcX8kvm_KDMkHGq7lZ0zn5AXu7BA2ISqKdWQNrD1evUVJo52o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRsfBtbkGd4JkpXUKuf3StfBjCwrF_RVbe2Pu1Bt78nfA721PZcX8kvm_KDMkHGq7lZ0zn5AXu7BA2ISqKdWQNrD1evUVJo52o&google_hm=Q2pj_u4vSBi6Le5BFwv9sZA

Request Chain 312

https://ads.travelaudience.com/google_pixel?google_gid=CAESELW0fEy8Yt4q8pb0XdFcbCk&google_cver=1&google_push=AXcoOmTBqG_uev2sJBcdP-qXnIFVGIjdQ5g0gOazy3TGiTNJrJTL5byK042WXmRkWPMUbLuxoHxCw46ryPqz4FmJtenI0a9cmd0JpbI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=We4VRFz-QM02-V0lUg6RgQ&google_push=AXcoOmTBqG_uev2sJBcdP-qXnIFVGIjdQ5g0gOazy3TGiTNJrJTL5byK042WXmRkWPMUbLuxoHxCw46ryPqz4FmJtenI0a9cmd0JpbI HTTP 302
https://ads.travelaudience.com/google_match.ashx?google_error=5

Request Chain 314

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAl5qFKvfxt0v8whvRy0oZU&google_cver=1&google_push=AXcoOmTKQZCe-RGqhYndTiiCzpCp7uOhMxrt5jA1VAAsvxkGJLDMDxd4KF2K_3TlAI8llYPLei_khv37JHKzvphNhH9QwEFS2zcytZE3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTKQZCe-RGqhYndTiiCzpCp7uOhMxrt5jA1VAAsvxkGJLDMDxd4KF2K_3TlAI8llYPLei_khv37JHKzvphNhH9QwEFS2zcytZE3 HTTP 302
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5

Request Chain 325

https://ads.travelaudience.com/google_pixel?google_gid=CAESELW0fEy8Yt4q8pb0XdFcbCk&google_cver=1&google_push=AXcoOmS8Mc836YQn5cQiIVbw92AVFhSW9J1RmIdAdd4lezEK5BTpQuFpt2KpS584Q1G-WvbRyM0KkkwuhyJ7zGJG9M6aLxFml6SR HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=We4VRFz-QM02-V0lUg6RgQ&google_push=AXcoOmS8Mc836YQn5cQiIVbw92AVFhSW9J1RmIdAdd4lezEK5BTpQuFpt2KpS584Q1G-WvbRyM0KkkwuhyJ7zGJG9M6aLxFml6SR HTTP 302
https://ads.travelaudience.com/google_match.ashx?google_error=5

Request Chain 327

https://d5p.de17a.com/cookies/google?google_gid=CAESEGZIPN1ARY8iP01mn3QTnGg&google_cver=1&google_push=AXcoOmTMJn67jhv-zjY4CfVY_pdjjvETpN2wX3BKrepi4dUDJUU5iCQyG_T687ThDvO2KObIxLt6o7tJy4X_YJDsS-BmFAWDY0xtjg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTMJn67jhv-zjY4CfVY_pdjjvETpN2wX3BKrepi4dUDJUU5iCQyG_T687ThDvO2KObIxLt6o7tJy4X_YJDsS-BmFAWDY0xtjg

Request Chain 329

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAl5qFKvfxt0v8whvRy0oZU&google_cver=1&google_push=AXcoOmSylEWEJkIecD-rn8tvynZGoR93wn2_DW3YdpCLnbVCKplJSmRw1q7O_tdlK2oF3qgpoi9dzx6xMqK78ne10wBs_mKwt7Olhcw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSylEWEJkIecD-rn8tvynZGoR93wn2_DW3YdpCLnbVCKplJSmRw1q7O_tdlK2oF3qgpoi9dzx6xMqK78ne10wBs_mKwt7Olhcw HTTP 302
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5

Request Chain 337

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1&google_push=AXcoOmR8NfdzBDQH4DcfvnrZud0JSKKIFT9I57ia4NIGoKR2QUtUIlnNklv-Qvs9u9oba61fm0DVX0HtQ-xXNIIExfyAaKKkT7HdWZc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3ODUzMDI3NjE1NTU4Mzg1OA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1

Request Chain 339

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cver=1&google_push=AXcoOmTwZdIHuBBXo9v_U2_ZtQcvAEqZk6MQ4W1J7p7UXVXjBUKxKMWVkrXJlCWqtxU5LU6On4b91H9FBjse0jwR1sGaiZzM7LzSF3E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cver=1&google_push=AXcoOmTwZdIHuBBXo9v_U2_ZtQcvAEqZk6MQ4W1J7p7UXVXjBUKxKMWVkrXJlCWqtxU5LU6On4b91H9FBjse0jwR1sGaiZzM7LzSF3E

Request Chain 340

https://um.simpli.fi/gp_match?google_gid=CAESEOm0s1Zet1I_PuaiGfiTisw&google_cver=1&google_push=AXcoOmRBasy_t7SkazEV5I32ZRL7BsjY4_igncuS8qQNXCcnK8YaStTfCqi3qxwR0zBufILqfu6lcMPtKMHltByfiaOcov9o5kW8TQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41ECC616BC50425BBD03D32167B38B95&google_push=AXcoOmRBasy_t7SkazEV5I32ZRL7BsjY4_igncuS8qQNXCcnK8YaStTfCqi3qxwR0zBufILqfu6lcMPtKMHltByfiaOcov9o5kW8TQ

Request Chain 341

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP5yGtmrngMXK9OhV4-ns-M&google_cver=1&google_push=AXcoOmSb6C9DYYw-y8xAI__wvmrmZGBS4PIiNf1YW_TEXGg1wyOsxkayQpOXGEfxjgrOUFJYU63B97dJasCwnkzy-oWB6GL3swYsmQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSb6C9DYYw-y8xAI__wvmrmZGBS4PIiNf1YW_TEXGg1wyOsxkayQpOXGEfxjgrOUFJYU63B97dJasCwnkzy-oWB6GL3swYsmQ&google_hm=hmUxNeKyrACHHGxEog&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D653135E2B2AC00871C6C44A2BLIS HTTP 302
https://tr.blismedia.com/v1/redirect/AdxPixel?google_error=5&partner_device_id=653135E2B2AC00871C6C44A2BLIS

Request Chain 368

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1697723874_804af360-6e87-11ee-8ffc-223056a867d8&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 371

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKiP6qOigoIDFbyQ_QcdtIIJrg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101915575489828977661X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023101915575489828977661X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 374

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMqS6qOigoIDFarVEQgdJDoFpA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023101915575489828977655X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

402 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
uat.newsroompost.com/ 164 KB
24 KB 580ms
546ms Document
text/html 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ec520977fea13dc407a5ae15bed121a454a9008b6ad90f94507805e60b8f4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-edge-cache: cache,platform=wordpress
cf-ray: 81898849d9bb368a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 19 Oct 2023 13:57:50 GMT
link: <https://uat.newsroompost.com/wp-json/>; rel="https://api.w.org/", <https://uat.newsroompost.com/wp-json/wp/v2/pages/5204962>; rel="alternate"; type="application/json", <https://uat.newsroompost.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peJPePiu2GVNUIhRO7%2FnesQSZZ4%2F7XF2sFCRihRvWtAMrDc3jzeC1DAGj1CKuoymPIfqehf43i%2BeJ2AP%2Fig2WqfNNvL3MVU3bn6nVRrMH5J1jYr3Ixi%2B%2B5hij2KxE6jMQWWOJFEBsnwOrIo8lpPLZwmO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.min.css
uat.newsroompost.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 778ms
775ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 09:53:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ddee27-19824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naA3Or%2BF4fSQSgwb%2F0TK%2BPS9h0kcj1vrBBY53ET6qp8Qmky96SUs3zN77VX8JXX9pllyKc%2BX1cVKWe8IDNW4xYHyRDHV1cBffbvXJ6qopak9jqLcmdDOWwbGgQKaT8KUNC0dOhl4TUIe97%2FEcyNoaaTs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8189884ddf63368a-FRA

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 36 KB
9 KB 117ms
36ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css?ver=6.3.2

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 20:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8422
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 20:41:23 GMT

GET
H2 200 style.css
uat.newsroompost.com/wp-content/themes/zox-news/ 136 KB
21 KB 790ms
787ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/themes/zox-news/style.css?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3958da567ad0728f4613f735cbdcf263a9da85e25a2362ecd1c5c5d8456df069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 13:25:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"622607c1-21eb8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DSEq6ePC3RlzF1DqjJzBHEc9fUpJHE5rcN%2BiK00RAvLJxlZY3NGjWtAMG%2BE4YV1opdSpJK2BzoB5sv%2F1P%2B3NSgsieWMiISd%2FPjDHljsdAEn6LScm65Ym1fmzJLK79OB%2B0pDuN0fpffA6PNCn8ZNk3Dy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8189884ddf6a368a-FRA

GET
H2 200 all.css
uat.newsroompost.com/wp-content/themes/zox-news-child/font-awesome/css/ 72 KB
13 KB 660ms
657ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/themes/zox-news-child/font-awesome/css/all.css?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 13:55:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62260ed7-11f69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZGPMiVOtPCjq618wsD6qkdlQL%2BlHgZtLar1HG%2BqadW1maFsCaFx5O06Lh6KJCA1vfx%2B3DMRQv%2FGMVkIAdNpcGMMzJe0PKJ1Qxz%2Fa1mS%2Bb18NuQdIcvKcgr3txVm0fa01GHTb3ukDl%2F8vmEVBFyyTKP8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8189884ddf6d368a-FRA

GET
H2 200 style.css
uat.newsroompost.com/wp-content/themes/zox-news-child/ 546 B
637 B 405ms
402ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/themes/zox-news-child/style.css?ver=1.1.0
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 334b209cc22693d004730734ed783c39635f37a04f625c450be70cfb2c69172c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 13:55:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62260ed7-222"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yln4mlBiKm%2Bkmg9E94GenVEcZwgX2oei5xVZPLc0tIN2Lo8X8xKLAVfQXDsKugL3sJXlV3TjnfssjdN%2FNVSnFgArAHBQs80sn%2BlamxUjAJHPHNd5QJ94hvqgZTtEQlD6iS5GKtOZcAgEOTCd5Iq31Bv1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8189884ddf6f368a-FRA

GET
H2 200 reset.css
uat.newsroompost.com/wp-content/themes/zox-news/css/ 1 KB
922 B 417ms
415ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/themes/zox-news/css/reset.css?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a56add0a0fe88ca8ad47ea3def87d8d5934976680db80c6530c0b28529854f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 13:25:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"622607c1-43a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsYu2W%2BAuWMdNq6%2FhVvWnXnZnbCVE8T6SrcyKhQLgnbysq%2BsaOE4txhDeXGil3FoEfz9MzRQFCmyHY84knWJ4qHW2tT%2FaapB7w6f0qXa6polXDA1fhXN5fkDeg9lSuqTlzARhJ%2FucF7DwJlew68FPU7b"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8189884ddf71368a-FRA

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 136ms
50ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent+Pro%3A700%7COpen+Sans%3A700%7CAnton%3A400Tinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CTinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CTinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CTinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CTinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CTinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

198b7cfbb92bb077844491b2464c698548108003b2d9bd76f4164ed35a5e469f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Origin: https://uat.newsroompost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 19 Oct 2023 13:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 13:57:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Oct 2023 13:57:50 GMT

GET
H2 200 media-queries.css
uat.newsroompost.com/wp-content/themes/zox-news/css/ 116 KB
12 KB 797ms
795ms Stylesheet
text/css 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/themes/zox-news/css/media-queries.css?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdb2577b31b4c9dc42d321eb50b146e6a4ccba2af19f58469d3eeb91fa7a8922

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 13:25:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"622607c1-1ce18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDPPpEu8T1HZWopZ90AR9G%2FbHRhZCQMSowamLjxo2wIiHzwEh5lhaS9Yfm7Vh6zgLbqo%2BUUroNAaDtkjnfEB7UsUnxzgVSEWe17vFcFly%2Fx8zlJkZedoe8FNLmizOrreBfs%2FEm2S%2Fm1u%2BsjJB11GiTRM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 8189884ddf72368a-FRA

GET
H2 200 jquery.min.js Show response
uat.newsroompost.com/wp-includes/js/jquery/ 85 KB
31 KB 660ms
658ms Script
application/javascript 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 09:53:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ddee27-155ba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJcWQ6gr9E8a7T%2BWtUMLUr66qq7cEZG5EO6wSERgPMenMek%2Bn%2FRidrSnA6hKqY1DWh9sjy0Q2DWTwsChg4Rr%2FNSW8%2FybyOftDsYJeEosEQvQ5stM4A77NUw7FI1yXaDGebznQbXXGyATg8kAgLwHqgv2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8189884ddf75368a-FRA

GET
H2 200 jquery-migrate.min.js Show response
uat.newsroompost.com/wp-includes/js/jquery/ 13 KB
5 KB 566ms
565ms Script
application/javascript 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 17 Aug 2023 09:53:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ddee27-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xQbSW%2F2dk9Jnws47NTJdCEqJnEnzS4G10Cs7mAHmMX6xoG8JhMtpwk8aCX4KCMd7wLqWO5CeZ%2FpMR5XfRh7qjDdboUgb8Kv%2FtNWmg9PWntKtJQJZy49sT6oPFSV5hvT%2BAookeREceRMXMB%2F9AKnmDOh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 8189884ddf82368a-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 216ms
100ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0365adde1a1caab9295da1c1b25a07523d498cc3ed3e3631ae8c67b5e917bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51164
x-xss-protection: 0
server: cafe
etag: 11318191826489231870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 161ms
57ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-45370355-2

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

187b95d75467e82f060b070703218f5973083acc38c8deae4e569ca565ee469d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65224
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
84 KB 235ms
131ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F7MQXQTFXZ

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6854cf79f990a5d6885daebdfd22ceed02424eb8c54924363007dfec7270975d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85447
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 amp-story-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 68 KB
22 KB 513ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-story-auto-ads-0.1.js

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42ea3e9eb5e1e4579afef251615dc7208bd747a7a21b3f6ff2082b4aa7f3944e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 13:57:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20933
x-xss-protection: 0
server: sffe
etag: "b3f0c2d0125d7232"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 197ms
86ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1781853254296294

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1cbb6ddf64a4547d5b721b76d8697415513f437a03a919ef3a1bbaa40addae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Origin: https://uat.newsroompost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51079
x-xss-protection: 0
server: cafe
etag: 17981674981102213211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 559ms
90ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

829cdbb399bfd4b93878a2ae19f00d4ef90c66f3347601885f586adf16b7be3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29387
x-xss-protection: 0
server: cafe
etag: 832 / 19649 / m202310160101 / config-hash: 14863387668746949887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 jambojar_nrp.js Show response
ads-script.b-cdn.net/nrp/ 2 KB
1 KB 33ms
9ms Script
application/javascript 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-script.b-cdn.net/nrp/jambojar_nrp.js
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 1a3cc4205a101e934ab6892dbb6409ae5f751908e382a22adb13256d1d4fc155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:50 GMT
content-encoding: br
cdn-edgestorageid: 752
cdn-storageserver: DE-576
cdn-cachedat: 07/12/2023 11:42:59
cdn-pullzone: 1308791
last-modified: Fri, 28 Apr 2023 05:01:48 GMT
server: BunnyCDN-DE1-1079
cdn-fileserver: 576
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"644b533c-8d2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ef54f2f9-4370-4ccb-9651-0bd5872aaaa2
cache-control: public, max-age=2592000
cdn-requestid: 2771a036db9680e42401b32462f6b68f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
72 KB 170ms
66ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-788449987

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e694569b6d667b6bfc44932e77ae4cf3195872697834634ec0f39236b4fad9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73917
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 250ms
146ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MYBB1ZXH0R

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19842e977e4c4a0cf8d3103d51db157de3b650c5e09f4f3d818556f084da1d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 newspostroom-logo.png
newsroompost.com/wp-content/uploads/2023/08/ 9 KB
9 KB 430ms
397ms Image
image/png 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsroompost.com/wp-content/uploads/2023/08/newspostroom-logo.png
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a68ae321996f090383185d5bce12ae38bfe91d2e694a265e4f76a6f8730704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:50 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 16 Aug 2023 15:11:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64dce725-2208"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIvKVBNvfFdw2BVODXaui9XLFsIzsSGki0dVHZYMpBo0Qdg%2BRDUf56qKjCecXk5x53pL0xn4IFf2yoXGgr09JTaiwzmfYRR7BvhKX1XgfxFuNaEzDxgCCt%2FKXH5VjDrcI03%2BfI7Ci8LK4d3QPTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 8189884e0fb8368a-FRA
content-length: 8712

GET
H2 200 ind-vs-ban-560x600.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 48 KB
49 KB 671ms
670ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/ind-vs-ban-560x600.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f73298f2d22b33c565e4656df142d6e4dfec14b84c8fb507bed6603636a03a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 07:58:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530e1b7-c1bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqmeFOgJIoWiwaRPVInK5pr1OGKvGoJB9iwu1vBFKD1ca6EWX9NLe%2BDK7WKRb%2B0Byj1gjPY5asJ9Tuj4WIXWa%2FqiZ37q8cXFCe1q9f0W5lRyRMGN6lNz5dTyy09NOOS8MaXCtKsu8Uiiz1yIDSM905Mi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8189884ddf87368a-FRA
content-length: 49597

GET
H2 200 ICC-1-1000x600.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 110 KB
111 KB 658ms
657ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/ICC-1-1000x600.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b0735da7fc23b2a2a415ff2ef120dd584cefbcd1c5ef8118c7e94d88e477018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 07:38:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530dd0f-1b92d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DT%2F9yZaN4EiLkpqcJ%2BAhp%2BfaMJjR1KnfGelZdB7Bpe87zWqAEGdOSD%2F0BZVsNanoHVZkbvWFJpb2wpoN4vUTrrx82Y26iip9CoPHNavGQkyNKjs9FXCi3YpfBtnDB2ZQn0E1kaev4%2FY799wy7bvf0Hc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 8189884ddf8b368a-FRA
content-length: 112941

GET
H2 200 ICC-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 30 KB
30 KB 564ms
541ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/ICC-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a93a8efe87aae54012af1f3d5f2c4ad4ec0380029b5ddffa66ede06371edc02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 07:38:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530dd0f-77c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6cKXA9u%2Fy86VFGYmurAx%2BhAymN2dhOZSjjjMuYMM8iYYSkxyg2EIqr1o0tNyfyShwfE8uAjlilwc8SK%2FHVIa70FzJvlT0BB%2FBIbYoE18yryFARCxuiwOZ4HaK0tfeJcquKONXiNXFsji0hz8Z9kOikW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988530f0a368a-FRA
content-length: 30663

GET
H2 200 io-1-1000x600.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 55 KB
55 KB 679ms
656ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/io-1-1000x600.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74f114a1cf169336fdb8a22a09918aa716afd9e444101aef93aaab1a5cc5ca81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 07:31:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530db45-da1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkYHTsKmkFB7FejO44Z72WB%2F5CqHcGutx%2BFskdwWN54zSSEVIzFhv1XmDTHR%2B3cnHMtU4OL1YCTHWBYPoVioA63U1V%2FXiuxIBORBOUXXSUbL3myRzB2GGA3RfjkFfH1BrfGuW9VPqppgLyGQ0TcWF4Cs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988530f0c368a-FRA
content-length: 55834

GET
H2 200 io-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 15 KB
15 KB 575ms
552ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/io-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c41755dd7a15af2474871cb0595a0f377cbc16e8e520f92b219aee407c9f352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 07:31:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530db45-3ab2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7oqqDTaNEKIhc97Q1vhRqoW70sXTZTDx0i0FwOZQJxW2xI%2BjPU0Dc4HMQdkDLLdFfb3xOKPrb2HcZGkaG%2FfLQEb3ZwGuOX410GP7bFh9g3pcO6SjBzaVvONS9XaqE%2F5dM1GeZSD2fEHnynyJSTVUrpj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988530f0e368a-FRA
content-length: 15026

GET
H2 200 dream-1-560x600.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 50 KB
51 KB 694ms
671ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/dream-1-560x600.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6dda875c1d50dd4c111e61ce959dfa1318053d3553e81d9bb6c8aafdcf40456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 08:15:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530e590-c979"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOOuIxY1P67IkU5adbql21d7VatS0GH9%2BSVjRDISE4Lmv2XZv3zoZBhEq%2BbIrCRNOrKXm1dRPAzR57upEOzfxRLVIPYgUoq0ZSqYUU0qQf73PHKyrkaJgb3fVtYsZX0OCfFEVZYH2liLaWniqE4%2BlL99"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988530f10368a-FRA
content-length: 51577

GET
H2 200 Untitled-design-14-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 18 KB
18 KB 576ms
553ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Untitled-design-14-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c78ede533167996ea3cd83b12cc2c81aee3f04574e4532e24de3f9271818ca0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 06:18:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530ca2a-4634"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqSWLqYjDp0Elj%2F1d6TmDWNj%2BeC5YRnF9jALrlFBnVONQ9YA3HozfN1UftKO%2BSGVtVlK33KG5sPzTjbtFrbK%2BvxOngMv8%2F%2FcDBO9u7SWnMZ%2BpJ2FUIWoSmSsfPkraVMeYOfeR2lmRiIjdZ5QGSlmS4na"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988530f12368a-FRA
content-length: 17972

GET
H2 200 Untitled-design-14-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 443ms
420ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Untitled-design-14-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 634faf0aa67bd4595e0cde42ccf46f24337c89a848279c094b1d0d3b6819a03e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 06:18:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530ca2a-a58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxcC3vhbKyuXsSoUsZwp31pfhYde1FIqt7sht5v%2Bnv%2FGa6bpmdouxsk1jclIQmV2Lh4IhytvLKo8gl2mu%2BoUV%2FL8OFYS5MCBZaBDqHOe%2FvvZLlsiZnj4vX2ie0TN89b6e4tl25S6Tm%2F6ndO4g6r6%2BPbo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f1b368a-FRA
content-length: 2648

GET
H2 200 Sunny-Birthday-1-1-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 24 KB
24 KB 565ms
543ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Sunny-Birthday-1-1-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91bb314962a785ef19f7a6a193aed3e9e0533c1f20980274bb06d06455a09adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 06:37:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530ceb9-5ff2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWbxkFNlfBO5V4Xx9KSNV%2Fu02LIWtgIpzqdAU9wlRcK6F1qtPpErrhBF2MnJ6azZ4%2FRdiVZJKbQ%2F6ZdFaU9WOB2fhn8k2ZkGNVUh0MeTG0hG9MUS%2F21Job43xQDNIhZDabvleUWPLwwGhsEWC%2BW7V7bj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f1c368a-FRA
content-length: 24562

GET
H2 200 Sunny-Birthday-1-1-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 459ms
437ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Sunny-Birthday-1-1-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8b682813dbca7755e0e49908679ff3a46ef938eabb6f26cd94691c716bbd7c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 06:37:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530ceb9-bc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcJxDSlwz8AlbAOPFgceTxQpWixXdrpgk0%2FfTRD9q628U1JZVEfAFFdfyQ2mKtamotf7hcHUbV6QYMj3Wdjrd8aAYJKoa%2BiaDT38%2Frqiv7EPOSkMs03zmqhjGuQO1VRj0VcgveKI15LAiAb%2F638S6pdS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f1d368a-FRA
content-length: 3015

GET
H2 200 leo-1-3-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 451ms
429ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/leo-1-3-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c21cf4cb7783ec3fafc8d505ee129638cce802623ec506e94c17a3ad39b0bb29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 04:52:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530b629-bb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ao%2BQmdddgAUgrhdfrulpRUfZe2xWqYmpV0pp%2FeTwy5w%2FXos9B%2FxhJ7uWiDo0nMl0Qp8mw72dTHPYLVqpC3JRqts5ZeHmhaxUch%2BGMSuFyJgRVHL%2FwL5Dl1OpZoqbEGNKJHZ%2BW7saKuW9ck1m82W4uSZd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f1f368a-FRA
content-length: 2992

GET
H2 200 tiger-1-2-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
4 KB 451ms
429ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/tiger-1-2-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93354cac2449fba391c23a388fc64f06f3fb5096ee1e13402823f30384030ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 09:45:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fa947-d6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17wc2ViTDJQeHGxwa0M427HrfJjKncsRPzv2mertxUYTUstO8YllNDb84J%2BS1u412E%2B76lCSrasW%2BvEthpt%2FFHsUSke3hc%2B1nZqrB%2BeuNqDfwUIlN2%2FjZl4bPYa9PmjNigC92TsZtBK6MKuX8V76b6AS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f21368a-FRA
content-length: 3438

GET
H2 200 ganapath-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 457ms
435ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/ganapath-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bec8ddddeca4b9cdadbb7797a011082fbcb06b7c71d3a009bd65c3a9b5d537c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sun, 08 Oct 2023 06:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65224c53-be8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJYfUJS%2FwPsRb9iPy12cLtsaiBEjH%2BBUoYZ%2Fo6rEQmbo64OL04gJ2g0iSm6Ulg7cmYR%2B%2FhVY8rXFNNb485btZdWl3m26U5sFxQpp9nnoepRyP0jAydkpy%2Ba1rTUdV4grOmm%2FVVtPwqSjivhu9B%2F0G%2BvP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f23368a-FRA
content-length: 3048

GET
H2 200 F8cwVSDbkAAncCc-560x600.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 46 KB
46 KB 701ms
679ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/F8cwVSDbkAAncCc-560x600.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d822d6847507e3e276904a53c9cd515dc8e91da84791f0799add86eb5316131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 09:27:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fa4ef-b697"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhRw7DHdf3ksGpPUNLi57H17JaYBfL7he1PddUcciVpsymZOjPFotHcN%2FbUK8nX7r6a%2BopPUmUEE5M2qX%2Fn%2B5X4XHU2JZN%2F1UG7yYb63Npbr0Z06cJZoc%2B9nlEm6fe3G2zQ7GNS8l7rF9GrPHpNovAi6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f25368a-FRA
content-length: 46743

GET
H2 200 pints-table-october-18-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 18 KB
18 KB 568ms
546ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/pints-table-october-18-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3abe051008ae48cbbb76806468670de8fbd3f896e6d4eeef9843965a00e314de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 07:34:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652f8a72-4798"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrTFB8KEVM%2Bs02boGsDA1aocU2wzc2KUkNHRFmDGCsj9UEzYO9ekfaLVOEF3UQudbl3f9zuM71sgHNtFJW81%2FTwbbqwZ8Bw%2BwFfJyLZ9DD%2F5DXWRxrlsOZdv5JpH6M6QY8TGz88PN6%2FwkI7uTIWg9vte"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f27368a-FRA
content-length: 18328

GET
H2 200 pints-table-october-18-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 462ms
440ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/pints-table-october-18-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a13df0d5f71281c8190c27fa6949ec9f7ffb8d767a67bbb861ec4519c658ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 07:34:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652f8a72-b4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMiPd%2BZE7cnZFhPbSHR6lqV3T2KHtqnGFK5I7q2y1x%2Fs3FgnK7cvMB4cYlUAWG19PQaux%2FF9R6ET11X1%2FtI%2BnR3zDoJ1JY29WkN4SgZBNtKN3r1IaPv7mm%2F0YMhx6H5TVyknjhp6%2BHUZvFiIs3j7vOyI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f28368a-FRA
content-length: 2894

GET
H2 200 dc-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 21 KB
21 KB 574ms
553ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/dc-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91295fd6eda5bfa0adf378e8733bd558f86a1c193a2e1227a46b4517c7a7564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 05:56:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652f737d-547d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1izKGAWkSZV6zu6zo9TyFWpUs7CU7zIFHD9KdXKEVdBRSna5Do6JXq6vcF0nPE3wZQcybJxCuZ5pTL2JRosZ09Lg2fr%2FvUvcVj4Jfo%2B9%2BSHyk7NsQRJJ2PJyUGlNVBDafZufjUhttPz8fIHxdgKmUeP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f29368a-FRA
content-length: 21629

GET
H2 200 dc-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 443ms
421ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/dc-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86525b4296fef90dc9b151f181a60064b2b9f17d02f70151beab1a457876c657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 05:56:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652f737d-b4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRIK69g4okyYjoTAuUKlSncicjRj9gLFcnxMAkJNn4%2B%2FPKbX1IeeDHkN5GyXpp1yORT25avwLVO2UFMVMkeAK8xZbahUSwDSsqf6T0%2Be2LVo0P4ycOCkF%2FJDWKndK%2FtAEZ2CHJOWOXM0Nnr85jUTkH2L"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f2b368a-FRA
content-length: 2895

GET
H2 200 F8kML6xbcAA1ypt-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 447ms
426ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/F8kML6xbcAA1ypt-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4f0482800af78688d8dc8d274a8fe1ca25fec0a790e392aa5e29947fa695e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 11:43:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652e7350-af3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8Bf2TeAVd2t479ENnLhXvR9HoU6lIUlpBZlbFdD3oM39725ieIUleRfASaZjc6Yk21oxrDaEkOKpSjSFYNGAAZDuFm3X9cx%2BBa%2FMIWjXJqxW%2FtwOcMWH8huehqJHEwwPgUhtp2sjp25FYar1VGYAlYM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f2c368a-FRA
content-length: 2803

GET
H2 200 pt2-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 439ms
418ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/pt2-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7157ad0960bc174af3e0e109e3fd48f45b9516ab62361dec4546c488f40396d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 09:56:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652e5a56-c54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIsmNXFrS6lxy5qkbeFV%2BlOOYy0Y6NYAPCVWfogle2Kcg0bDVp%2FNWw1MkMpdjHlDrQt10ekPl9J9F4ITEK0gGfLZ7jPN5YiYkT4Vha%2FTqj9IMBWT21HsPIeQVi0RPoA%2Fi0POis2qTmgStpW07PJmMCW4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f2d368a-FRA
content-length: 3156

GET
H2 200 greg-and-mickey-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
4 KB 449ms
428ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/greg-and-mickey-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f1d638daef1764a56f3c7384a1e482b0c4727350872f7793d4eded71e91f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 07:50:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652e3cbe-cdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdqZ2O1s%2BZ0JPPH%2BTTJeo6eqhUI3ZehHRj7sS7iLwWgJ1iXSB8EcQtRtPE4lYBK%2Bd%2BNemGR01LSHbVL%2BieaqTG9Nf9DWcPeh%2FWuYlzHoZGjW8lmkic0ZXgpeE%2B8ztNGveyImkY8xZEG4NstM08qodJM9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f2e368a-FRA
content-length: 3292

GET
H2 200 pm-modi-560x600.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 29 KB
30 KB 565ms
544ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/pm-modi-560x600.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 996469af01b3a9e93ee860effa0fa9637ee16e9e0aebf97a994830dac66036e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Oct 2023 03:07:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652b576f-74e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkqZc%2Bcite%2FTZ6jN62Ub1cBhs8g8R3V%2FqdjT%2FWG6db7mR22gNHfrdFKIMHU9mXrgg5kT7ONxSB%2Fh4Co%2FEeSqSsxsuQbUvhLxfev1IqBMvF3hjW8eo91zl1ENCuwe1pzzHZ7VvpLvo9AGcZX1Vgh1j6H3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f2f368a-FRA
content-length: 29929

GET
H2 200 00-8-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 25 KB
25 KB 597ms
576ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/00-8-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2436b5758ca63ce8aedbbdc1d473625f5b57aa3ec699b635a21dad1242627b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 07:12:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530d6e4-6420"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8bDTV%2FJBHg6N8SRT%2FnkHSx4nxA%2BJUrxqTfoRhXkRww2GvrB3%2BvnXMbpu2f3ikudHCxJJmw%2B5a3EPIGCSZVPevLhVNikdHKvz182UT7bFnCgAPCPO1n653bR6Hn6QxV8DXg6cTYuZTZSWO7iSrJXQXPT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f32368a-FRA
content-length: 25632

GET
H2 200 00-8-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 439ms
418ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/00-8-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c8113ac4af844d4c162ff246c97a3ce8c862bf1442e0469983e4498059d032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 07:12:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530d6e4-c71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lsFa9FlENCNcGYqRY0vYNpwiMTznhgo%2BoXCshVKGyllpqQmvdFGnzolN3g3nsM7%2ByG8op6tvISzWBqazEK4YwUShqXdPhnUj4IjJTKGwFkUoiesU93%2BU25%2Fc54iTME9YxqgANJf9y2NAoCnf%2FHbj9zT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f34368a-FRA
content-length: 3185

GET
H2 200 Ram-Temple-2-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 20 KB
20 KB 564ms
544ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Ram-Temple-2-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f2a3f5f704e060832d3e169b6c3f830d4a902a9c163192aaaca620c0fa940d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 06:57:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530d36c-5033"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtJTeKtAIwjL57jwj8TLkCYQYu1ZR8s2r0ILa076%2BZQ3Gk%2Bbcn0%2FA2MKopvmznzp0dlZQXZWEQNR8Z0oZJdz%2FADAT582gF6FpMMUTnkKi6FbzQdgy7ZCiRcVdlp9bPaplFv2Pkr7omIRIzqbnDIZJGts"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f35368a-FRA
content-length: 20531

GET
H2 200 Ram-Temple-2-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 2 KB
3 KB 452ms
432ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Ram-Temple-2-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ce164c8d436426e64ddb926993163b660aeded9b7470113b2c89b3dec0dbf17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 06:57:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530d36c-9cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7n1QjTAQzBZSCuV5sJvI5i4A19D%2FmuhjXLbgL0GJ%2F14xB2iCZvWk5wCWm76R3%2FnXX6ivWGBCQUcTuj%2FwnoDkOa4j%2FwmRjVKZsr2P6Cl8igsEWlYBpiatmAnNg%2B7AtwcizeogdXI7sp13iXeIe5AZqj4c"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f37368a-FRA
content-length: 2509

GET
H2 200 amit-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 450ms
429ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/amit-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9976059e047c01c11cf55670308d59931ad68451c4f9f608cb83c064fc4be005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 03:03:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65309c9c-b8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sjsms4i7vlHs0SY76%2Fyoe%2B63fSOSZKpCKpQCilWs9leHWZmJeIwApLRZIIRe%2FWSacmpqKWEc5wwHmbzdSnqffW2vbZPT3DNYS5k1K0ExK%2BWhLYw3FElrSBWN47RuX9qmd9GdegIDYPT7HyzPAXPb5MpG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f38368a-FRA
content-length: 2958

GET
H2 200 F8tpYTRacAAELFE-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 453ms
433ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/F8tpYTRacAAELFE-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3071ba0ca5cdfbe893dd2093f85957808905ee77eb1ba306019b4d9f6f1e0861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 13:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fdaea-aa3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ocw7QTcpbNZBIaPHYW609vxFk8vAAClk61ksZ5iNdWIipm3wRnmC9ntfxnjspEZw5RlzG7RvFNg%2Fi5hTKrBgou%2Fu9NwQD1PKspuHMjRI7QqzuVSuUiY0Yqyfq9AzcxPJndMddQAYT%2FspsmsGOE3tCf2g"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f39368a-FRA
content-length: 2723

GET
H2 200 815861a1-aecf-4a0b-b172-931f6acbd47c-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 445ms
425ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/815861a1-aecf-4a0b-b172-931f6acbd47c-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f488d97531c87bd09dbaa830558d165c19ad8448c5fd15da9049a0f6476e201

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 13:12:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fd9d3-be1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwtWa%2FV4zOFLvgiofapBt5Of%2Fi2nc%2B54OOqETtXnB1%2BapZPL1RFbV9v0fydG1FeWOHujYLRMrGyHB%2FL4xtDmBUt2uDJC55Do8R%2BVz80cVOhFoLsS1%2BnLuVwwAjV9W7PIkaoCQQowOaK4vtQk%2BBXC%2FypV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f3a368a-FRA
content-length: 3041

GET
H2 200 presidents-1-560x600.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 33 KB
34 KB 571ms
551ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/presidents-1-560x600.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c1bd33e59392d388d5b1081da6c3b14c61d84250fd115e01418762d4a4be5e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 03:14:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65309f10-8548"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1h32yC4dStNHazYwTCzzBdlf4ONLBo1whhR2Ax%2BeBKAHLdoJ8Vl27w0pSJwB0f9ja%2BHuTDxBQW5eCT%2BC21a9cS2bha18HprB0ka26l%2B%2B%2FgvxXuXyAxiOvv5t50ZqqkumCpRWM%2BUA1wHSKaYqTxLvRO9Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f3b368a-FRA
content-length: 34120

GET
H2 200 sunak-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 19 KB
19 KB 576ms
556ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/sunak-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1270711c569d50ac8275d22b3cdc2b6db216954e8cd73e7a324e2036c6678512

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 02:54:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65309a83-4bbe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7za%2FO0B30mA3jCLkUi3LnjM0pR9Zn3QEY0K4pLGOBJVz4nEhfzXYIsAL12yDEB9NZH1P1sl1o%2FINSwuA87Eh1P7HfWARlnqUZ0PzBFS1FEDqec753tH2qqxwOCGeVHKSfXy0MAt55wirKlgTvSNC96zE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f3c368a-FRA
content-length: 19390

GET
H2 200 sunak-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 446ms
426ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/sunak-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7eb792f92ac032761ab7b74e42e33ba37896e7fae4200ac1974ce635455755b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 02:54:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65309a83-a9c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdhsvV4M4O4QJfw5vosXIkTNIT5mVNak3sBSu8GWfBMMCC0jyvTzxJQwDlgThidadgZNd%2FwOnxRFnUol8EQ3RAJbfBtIGbaPd7PcsgqeZbrT4HAH0T%2FtopAqxIhJ2X2OpWB17VHsXjyLN%2ByH%2F0a19x%2B3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f3d368a-FRA
content-length: 2716

GET
H2 200 isreal-america-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 21 KB
21 KB 554ms
534ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/isreal-america-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b84963b4284113bb71813fc3e64b0337d52e7418f499515a138e5693702f5d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 10:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fb30a-536a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFq%2FktTXYW0JDoA0g7LPY5GEi06BGAzKiZz4t4G3X%2Bl6Lcscz3H4Ud8PoagU5bqzSfLeYBdurGBmOnhqyC02iwGXlobTIOqYe1ik3GZULS0X%2FwDD6VhzT%2FDHSdFnoti1YrihzaVlZKE1gh2%2Bos8%2BbfIO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f40368a-FRA
content-length: 21354

GET
H2 200 isreal-america-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 450ms
430ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/isreal-america-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a0bad828de65dc2afed92d6821c9cc5d7e031aeb309a544367c7c0320a28b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 10:27:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fb30a-c2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LQJnSScbW5fXYMMnU%2BsrOk%2F9CTXNwo4FVq9bSFV4I3IrQ0hpMaDnuGrpB%2BKwCHjsP9Qyp6SvMhuX4nZtSQA80%2B54im7TFwVCL7P5TgwwNr1kCXu66marWjHmJyGW2rds2ZCutbMYIR%2BlQUSnMlK4UeV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f41368a-FRA
content-length: 3118

GET
H2 200 WhatsApp-Image-2023-10-18-at-11.15.18-80x80.jpeg
uat.newsroompost.com/wp-content/uploads/2023/10/ 2 KB
2 KB 443ms
423ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/WhatsApp-Image-2023-10-18-at-11.15.18-80x80.jpeg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 413889bd5c5b362bda200d15065261d157557529bde4cd4d42938d30ca37498c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 05:46:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652f712c-802"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8GlIEP9ajUnWdPkLtFwrOiHcu8wIC%2BHLWK5GnMOpVXis7bVZsUwHhgaS1I4hJUJWgDnx9YVkTw3sWseJ7aZQ3tdqb0mSzEGnzLZizxXeh3wWzuB84%2Fo4xvIwlg56VMCN1frT7MmIot52dbWPenNxHbU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f44368a-FRA
content-length: 2050

GET
H2 200 biden-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 447ms
428ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/biden-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77f71046a29a7a628d54e985fa8654247ae56d6a6abe631c5c7dd07a6293688e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 03:11:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652f4ce2-a2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgdH8FuZnQRHbDtJ5MUmlknjKWYA%2F2ynbQYxZpKPrUA6RfkUhQvvIG2zrTn2mtSCEAbtwTMfA3KnMKYD%2B7o3FlbkRrjV4WtPu8oTHUy9pLSibHnSWDcCpuXogC0PUQvj%2BDYhIeIFdye7VbTClwJu8yEk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f45368a-FRA
content-length: 2604

GET
H2 200 hundreds-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 2 KB
3 KB 450ms
431ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/hundreds-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7681fd5fb602dc578333732afe21a1e182886b5c39636f32556698a1775e0388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 02:59:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652f4a1a-8a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2B4SzSCmU%2F7XcIhqHLfYY3up4liZ9OVoWR%2BmdatSQaohsb7PHOfjd95hMIC3BWwPuL3kH7Seen3%2FBfX26hiwsuPneYvHfTb2BL6DgnBDSER31dsrE5SmlFl8duQV2VIDLSkaOeIRWD2bzBVzfGR5HI5e"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f47368a-FRA
content-length: 2214

GET
H2 200 feat-2-560x600.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 34 KB
34 KB 562ms
543ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/feat-2-560x600.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f79a091fcc5e0a54a93ce8edd66cb29fc5914c1885770b9949455f5e4c5cb442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 11 Oct 2023 08:07:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652657b6-870a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6BZEdcEHW%2FtxA3%2FJhCIVDSir0bEv9ll2MOMcPOTUUJeShVjmVJD895JZoem%2FB4TqdHQZQkfEeIPR7QDWFXW86HRDYjk46XUM44sfgWaX96HRgFXTCO3I9UeagZ%2Fy%2FyJqrwhT%2BL5n5gOSC9GXQFxs2CF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f48368a-FRA
content-length: 34570

GET
H2 200 Physics-wallah-App-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 16 KB
16 KB 565ms
546ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Physics-wallah-App-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d035448a3fbf0a616d09697d5a4b10785e809603e201b0e3c9e2ee34f59ef39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Oct 2023 08:39:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651fc7b0-3f79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isDgK9H7MexqXUa1X9OPN3vso1hgErUpze9AzaqM1OYebL5UwBN66Ar7iC2L%2BoAWk5yjXzva6iHlfIfRwCF3OR8tlwjHnx%2F9NnEPynNITjSiRhh%2FtiPwGM9Afv0daYPNDXoRk56ggqVVIrQyW%2FaL8Ea6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f49368a-FRA
content-length: 16249

GET
H2 200 Physics-wallah-App-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 438ms
419ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Physics-wallah-App-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd83679af3081bd362863ef383f510dcd19208e18ccec9fa84e38f117f5f58f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Fri, 06 Oct 2023 08:39:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651fc7b0-a6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTR9vHwslFU%2B3oOFqplnxKYP5d%2BKmoeFASBtNube%2B%2Fu6rFx%2FJrok7byLAK8tOfxlPU4MeAKzhFmo2PU7wcnV85M07C6LIvn9lqdhPiRRALs00ORSoV9BpLlYcxQuj%2F2QWIaIjnYjgNAjDeDoCf6%2BL%2FHZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f4a368a-FRA
content-length: 2669

GET
H2 200 image-2023-09-21T183629.983-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/09/ 16 KB
16 KB 574ms
555ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/image-2023-09-21T183629.983-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40456be013e4c5ced63d18505de57929aea8b03c14e0985cddb92eecc86b8822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 21 Sep 2023 13:06:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "650c3fdf-3ed1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDgoW2rLJJfO4P2HVjPal4VDBU0pNUPE3d2cn1pRjc%2F7jx9qgbv8EgEGp9IJh%2BY7CL67lK3DyYg4BAbzIIVA7A32M3GxyC33evslSnsYaoZrNzCLu8b53wJSV8UYtF3qYWp9Y2kisbeBSILysDjCbi%2Fk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f4b368a-FRA
content-length: 16081

GET
H2 200 image-2023-09-21T183629.983-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/09/ 3 KB
3 KB 454ms
435ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/image-2023-09-21T183629.983-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71dbdcada8f54ed95697e7ea9161827f487212477c5ac3903ebc8f09735c8b50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 21 Sep 2023 13:06:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "650c3fdf-a8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbNYzWG8uosejP%2B1O27nTw5Z%2BK%2FZlJPNbAZxFALmoPEDMI167CU%2F3uG5m5nm2vmV3hBIkaA%2Bp2o9cNw7PQbeVeXFlVZ2NHTIYjhOyl07NpehwYZR3APsh70eVk%2BiEdgiqDp%2FslDRmsiY78a%2Fn5Cmx2Ew"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f4d368a-FRA
content-length: 2700

GET
H2 200 gandhiji-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 441ms
422ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/gandhiji-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 446a7de54bc1cf1dd3e90e6d82858871e5fe17d7de0157e7ce71be135afd4423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Oct 2023 05:02:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651a4ef2-b26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ImI6fgiRkgGCexN2KVC9xBamjPFgRySGjOKnQYx9Upv%2Byic3N0Bn%2B5FqJE%2FWxK4rfEFBWAj3lGUNi8AMzTSDO8KHDbCQkCqP8KvDPLcsTZ2eS0355MGJWihuZLDaO%2F%2B5KwammZ3Ji8vxCPdyBrqqq8H"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f4e368a-FRA
content-length: 2854

GET
H2 200 balbir-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/09/ 3 KB
3 KB 457ms
439ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/balbir-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 732456a0aa5ee02c8aa22544ce58ea3d4c6a033bd18915cb1642c3f40a5a7e58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 27 Sep 2023 05:26:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6513bcfc-ab2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2u4kAn86dyx53acNPy3qhe54Bi4vyPJ3acOHJDRD7mfF%2FgHYh8pW0PF6xRQn1yOGJFWh5uaUttqmxl1XIpbMaZ9mp%2B4ZATUYFrtF8IecfQuNUqTG4zI2jpSoNhq69fgmGBMuOgCxD6jr3wKjYneYngb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f4f368a-FRA
content-length: 2738

GET
H2 200 Canad-a--80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/09/ 2 KB
3 KB 441ms
423ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/Canad-a--80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d538e0e5cb0b6da90251761e5c35d6e4f36f3555364b15ca090be347bd6660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 26 Sep 2023 13:18:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6512da09-98a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScZgLOXJtQjOTcFhdlYybprwlMofPttqzjmkkHn5dtaNwFyMSGIWKhteeNYfCxhC6JR%2FPX4QyZ7tVrt34WPL3sIlE%2BA5E5bhUVglw8kisKDKLidSnZzU6g3tYvmLTE74WIRolytMMNjPskpH%2BgOlFNuP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f50368a-FRA
content-length: 2442

GET
H2 200 DUSU-election--80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/09/ 3 KB
4 KB 439ms
421ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/DUSU-election--80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91a21282f698ca148d2d04b7f28ed2f6a1759cb67f03c13074cc3185646ca83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Sep 2023 08:05:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "650e9c4f-d74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6vTOBtRMbv95ICtcv1WTSWzOwd%2BDy9NukTTQ0Idq7s5wrNaE99Oj1YF8QtynDi6crKJO42AFHVzhz7AqYYGo3ceEDNFoX9%2BqHgnA%2BOg0t%2FFB48%2BvlGQyrbcUEu%2FVDj7s1%2B0mfzPyM4nzLmjecigxgxh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f52368a-FRA
content-length: 3444

GET
H2 200 feature-5-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/09/ 3 KB
3 KB 450ms
432ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/feature-5-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebdc92febcfa7ee9dff30ebfe8255e78a72da20ec78671cd77e97d770671ecbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 20 Sep 2023 10:35:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "650acb04-a4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4BexZB%2BdfZt8onsthhwpDiccThJQQqGUQuTFgzSuZ2Mq1VhuTULO6tNgTDiAbY1bixv5Dvrhlcb17TcWLMIkDaJm4T%2BQOuZuq0alRW0VD9vvbBiJl3Dc6BV9cPUL9GstuTW6VQQAqfHh16V6FhpeisA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f53368a-FRA
content-length: 2637

GET
H2 200 exam-jpg-1200%C3%97800--80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/01/ 2 KB
2 KB 445ms
427ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/01/exam-jpg-1200%C3%97800--80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d0e54ef9173044342bb053da4531c949c1ee033caf7e4fe060adf276c3eca00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 10 Jan 2023 05:20:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63bcf587-831"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C87YpDFDSdJNtIM%2FG1%2BJaPu4ESALBN6er5tcvMDVKa1hQ4dhlCqUtxlz9kIEk74PtwAX60ELWJpWgxs1tBZ8ByEkN%2BdvXqXjd631MHPE8ikuJIoyAiBFcvnAsGY4T0EqyaFAr5FsBGnnAZUbSJMutYVu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f54368a-FRA
content-length: 2097

GET
H2 200 WhatsApp-Image-2023-09-24-at-11.51.07-2-560x600.jpeg
uat.newsroompost.com/wp-content/uploads/2023/09/ 69 KB
69 KB 675ms
658ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/WhatsApp-Image-2023-09-24-at-11.51.07-2-560x600.jpeg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 935bf4c7f13833b4912e640b4ee259a99aa088389659685df7bd97781bbf2cf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Sep 2023 06:25:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "650fd65d-112df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2UTx2SSHSZklBVT9A%2BQLaYiiJTH%2BXb7MVRNrIC%2F%2BC8nhnPr64%2FPoxem3fgz7nmVKF6Jdg44qcjzWsPdXUYbuYfxv7rt2cxxdVGv0bWwyK3MmubYSRDG1Sp9OZfdw7uStcIGg2vteBV108d2IEAPbdji0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f55368a-FRA
content-length: 70367

GET
H2 200 flip-sale-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 20 KB
20 KB 576ms
558ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/flip-sale-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b824398f431a8d2c37fa56e79b1d9af6ecd80a2cb80604647eb3f7c804ff923

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 11:00:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fbadd-4f14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61tq2AKyGRMXA6Khvlopm7GKmVCySBo1eouhk%2BkbKCi97wbVlft1uQDAvsRPFBr30SwPAVluwrHPWPBkknnnviNbmw2oPmZpDYz%2Fg8G%2F2kkgyL%2B9ClT6KxRtlabShYvbarsAyTHlb9I9%2BBrHu9MIvUVG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f56368a-FRA
content-length: 20244

GET
H2 200 flip-sale-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 2 KB
3 KB 440ms
422ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/flip-sale-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9ae194c2271e66951ca2e203e001dcf07f2dc11bc58aeaaaf7644720d346b8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 11:00:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fbadd-945"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KQtXODnqZ7T1yxP5MyA7sv547dsEITjhlLacaRDfGMIs7h1f%2B0cnwabsEv4ycW4F6HydIkk88PL%2F6S1vTPNW0vt3731Kdx9ABPypp1%2B7ShJZ2Ipb1kEc36d2kk4XkawaqFjaxb2Pi8nl9rrBw8bUpCB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f58368a-FRA
content-length: 2373

GET
H2 200 Satta-King--400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/09/ 24 KB
24 KB 572ms
554ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/Satta-King--400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79519a8e96d3739857b63ba9eee5218bac697ff1e30caad1fd253d205d3599f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Sep 2023 12:16:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64f86d8f-5e47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBVaprkyhrko%2FGksRonY6Sn%2FTuUYQxTmRG12H8igtEU3arhnaHHitp0dXD2j%2Bd%2BcPLZC3aGls0B1l2xOeTzBANkpjPOAbb2IUeXK1bwv8AaevAeK0U8hye7M9mbKiNGtolaAjMMmbxi4tfnby3T4VtYy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f5a368a-FRA
content-length: 24135

GET
H2 200 Satta-King--80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/09/ 3 KB
3 KB 454ms
437ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/Satta-King--80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2609049985362af24b8dfb961bd94e4bf7ab6e82ffed40ac7bdd7975c01753d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 06 Sep 2023 12:16:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64f86d8f-bc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0aP0U9UGOR6b0%2BfnKamf%2BpbZQ3dGEtztvDktR%2BqomuXfetcgTfk5FBa6Msy%2FgvIe7sdayL4JmUM7V1eExPqbMIV5az6rU2qKW2WK8aqh4aHZLKNUHUgbtBUXvWhnAfSphQgHcWYq5BWBLUbLcZV7Xcm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f5b368a-FRA
content-length: 3013

GET
H2 200 300X250.gif
newsroompost.com/wp-content/uploads/2023/10/ 36 KB
36 KB 573ms
556ms Image
image/gif 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsroompost.com/wp-content/uploads/2023/10/300X250.gif
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c990ce89266d15d8cc53e7e1d2364fffd56433468a7099076b35e393b37c4e69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 04:35:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652f609b-9072"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCC053TsKudM0Gq5I9Op3FLEz792%2Fn8P0yacvWnqRUTY%2F3Yq8kOFu4vm2%2BWL1cFT%2FGyB8CqSxQb%2Bn3%2BtnUj8TKdZ85mL2TkuuJs9BduLwrbTqWxdSnKtx602WD1G81GifcUhRQyE6VmKDr4ZZrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 818988532f5d368a-FRA
content-length: 36978

GET
H2 200 Delhi-Satta-King-Chart.jpg-final-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/02/ 4 KB
4 KB 456ms
439ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/02/Delhi-Satta-King-Chart.jpg-final-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 625faf6ab4228d1e60d27c715573eedab87a6d90a5b283ac36d79ecd22dcd956

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 06 Feb 2023 03:49:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63e078c5-e09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1dnuYGrcvbVaQbHZ1R3yCS3vka2PoZ6dZO7P1F0O2Jvy4ae6TDA46ieX7mL9kMC3iZG81nyuYeHfHCRJrCF6LXMsdK%2BJb1G9VM3CKACFhJp5Q0wdR18%2FlWG5A9iEItGhU%2FduJBsu1fHoO%2BJx4Z%2Fz7P4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f5e368a-FRA
content-length: 3593

GET
H2 200 Hero-Motocorp--80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
4 KB 462ms
445ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Hero-Motocorp--80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7101c8be2eedf0a5fe2406d9abba60706a8e086cbc65c4b793daf58b83006387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 12:20:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652e7bfe-c73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w84%2FU%2BwLhUNGYuZBW6U1N1Py4FeocvCzJxWXkN9wJkYU3Kjq7RH1KEl7udrpBxg4hmSRySocBn9hNv14q7UEETf%2F6DZf4xjaabx99naMeXaSsd5QAu3obtWV93NyUgtbzrxqHn%2BQs9Oq5OTUjNZRC2dk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f60368a-FRA
content-length: 3187

GET
H2 200 Satta-King-4-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/05/ 3 KB
3 KB 436ms
419ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/05/Satta-King-4-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbc98908cfc2082692f4209b5aa6a87f97a4e6206049c4c649b4ac69d15a41a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 25 May 2023 11:09:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "646f41fc-a3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTbyReKAG9f6HAfvi%2Bnf9WE4jwS2fMc8KCFR%2FeoHXVCccLlWdM0T4dZRPkF8Bpfz2abfpdPeViF%2FuQSd7N7TEAhf1C1%2Beayb%2BHMDIjOp1qI1qk1j7IAQ1Mv4%2FEcXLxF744bq%2Be3KS4d5MXN8BCv%2BD27u"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f61368a-FRA
content-length: 2619

GET
H2 200 facelift-1-590x354.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 30 KB
31 KB 572ms
555ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/facelift-1-590x354.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71717ff75ac950953ec92111b9e599ba2e075cfe3e2f7fc9e4c6ddf8839141b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 08:11:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652f9323-79c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7k5Ebrv1gVf7JFIWh17a9x2aKpG%2BrGu3S5JmNQJv1mAHcCXA82vJz4Nc8osPbViGZdq5BmrtQmdx9hLUz4TyPDKiTVxrNAbJrjoJ2RBZictXdwbkxE442I0jK3DPnDIpGoqxhTUhKHLipDT3%2BUrLjCJl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f63368a-FRA
content-length: 31170

GET
H2 200 facelift-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 17 KB
17 KB 562ms
545ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/facelift-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7ba8adcc2aacd23fde3800037f200e13001046c5925753d9e5f37029dcfc3d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 08:11:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652f9323-4249"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArGa%2Fs26mji1cD5KPx0TcrF4E9ZtqLhJHdPM7VfPkrwBsuLtuf0YHY%2FJENRFm5akxxKcqB7oKNZOpjDCVjx7LBQJzg%2BGl78%2BuGJB%2BOuLyldN%2BZDbWS3kHvpHtEbGBtOvu8xPkUyw71p9LdnEwdcKd5Fp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f66368a-FRA
content-length: 16969

GET
H2 200 F8ia_OoWAAAiEI_-590x354.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 33 KB
34 KB 568ms
551ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/F8ia_OoWAAAiEI_-590x354.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d956818b2591500cd0a8af6965a49187b3ec70b76b425db94655fe27c28b8091

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 13:16:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652e892b-8535"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2G%2BXJV2Ljxf5dwjLf%2Bs7e%2FDeT7O%2BU7S1G87vT5t9oDI0lf9qs5yruJHEn3WODi1VvUwZeQ3to%2F1bRnbMZmQk5r4X%2B8E3KAaQ%2B8lp2%2BmDCh9XQQv4IGUWe9l%2F2wk26Iuc3pdNcTmTOoy4dEIn%2BrgszN6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f68368a-FRA
content-length: 34101

GET
H2 200 F8ia_OoWAAAiEI_-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 18 KB
19 KB 191ms
174ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/F8ia_OoWAAAiEI_-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a58650bf18155b0760467c4d4ce619478cb3a2345cd04fa6037c8540dd35976f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 13:16:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652e892b-48bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vA18a06r9uLSnGr3xjG1mkweMplCkwplHcesFz%2ButLjadUQTmTxbXE7k0YbsV3VIy0Ixg7JLglM12YfERUgxPelMg9oNcxwxuogq7TSd0VWNXuUzU%2BoUCV41iyW831xsJ819YLJ52uybiDjeHZRytQIw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f6a368a-FRA
content-length: 18621

GET
H2 200 bmw-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 23 KB
23 KB 592ms
575ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/bmw-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 215aad6246698324127d1f47f11ce094bd7115a614aebbb970c159b7ae3324de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 08:08:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6527a976-5c21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63%2BWppNE8qNVDaOCkEviYUH01dnt3FzGrD7d234tdxrcW1DzsO4ssQoNow7c3OI65M6VdLPqP0dIIRwHHb58I%2FpZo%2FioSMS2Px76z1kPw%2BidhsrMJRJTbu6bWR2BRew9Ns2icD1hsp06jPo5sMyWW7lA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f6b368a-FRA
content-length: 23585

GET
H2 200 bmw-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 443ms
427ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/bmw-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8fa7bdd260d208d29934076ec260aa85950625d3906aa4f0aaa52ecb7458c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 08:08:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6527a976-b79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0Qf1dflvkOa3A0mZx6l2MFKaGBDq8%2FkHdcMdz86R0j2F8xQfA9NgalAg%2B97ezwcBRny2YdCV2w5cwXV%2B5WVRAMDYjUQlrWLtggOpKXSG47HSMzzGTfnuY1cQWwG6O2kWZAC41UZlyyqdr3aT1Ei%2BT8Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f6e368a-FRA
content-length: 2937

GET
H2 200 Air-India-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 17 KB
17 KB 580ms
564ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Air-India-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a76aef3f79584430f5200c3c58684f2606a1bbba2767e643d68428c1ad6bb7ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sat, 07 Oct 2023 07:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65210516-446f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=togR3MpYtQGOF2DbKflICX%2FfmT6FUd%2BRF0PSLmf7JQvTCUFWwF%2BDvmUvuJXPGCdErpXCoy9cMzgxb%2FMs%2FtFQ%2BJsdz%2BygfrVDWllLoiqBOEic9iO%2F6cffND8rRQeTqdyRtMQ8RSCR4NveKqmgf7rN%2BWcp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f6f368a-FRA
content-length: 17519

GET
H2 200 Air-India-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 2 KB
2 KB 454ms
438ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Air-India-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9e16c57bdbaed4c54fe42a918f857857217c6efd787dde4d397f6b4a66e443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sat, 07 Oct 2023 07:13:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65210516-8aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDroOsW61O5s8sXyK5S7VveO7tQwaPngNES089c%2FNreuDMeaAIZXKYCAIbZBDJHvFnaxvdbayVsc2gk1lk0KUkLiAuQnf1gJi2JeU3X15aQ1szx%2FXJRp517K%2B9W0nzIilB1QfjuNLr8Aq4S3l7Q0a4IX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f71368a-FRA
content-length: 2218

GET
H2 200 solar-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 27 KB
27 KB 585ms
569ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/solar-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5787789ea04a68ff4a71d83cfde57972a27ef4dabd962179d34156dc6dd47e44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Oct 2023 11:06:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651aa422-6c7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e75Ld%2F9m4A3g%2BaY4xG9IpILmqxRa2WMETP0%2BGS5z1rRvaSCLRojBUGK2NEVLBCnVhZKDyAfj9Bge%2FgUuDxOu%2FvcQNGBTpFQPh9U7R5Nu083h7WzVSzbTj0ghUqVKX1H%2BSfh4NqyhfmRMjV0Kf2KWUtqh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f73368a-FRA
content-length: 27775

GET
H2 200 solar-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 449ms
433ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/solar-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 347389c3d82225f20421fc81d5184f8d089ce96cece4b7d313f5ee528f007974

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Oct 2023 11:06:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651aa422-c4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fB1hgE2y7SMc%2F1W8IvGgLYyAgP8Q6yAA%2BjzP33TcSVoeScdNUsNPGALAC3JTyXVEz4AaVyFTOBgieFR91%2FR3d3DWv9jWH6YJsICZ8YpBJOAxQg6r09XxJpEIhNu0ADKLx%2FKlfgs1V%2Fw4r%2FWgaJr6rW28"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f75368a-FRA
content-length: 3148

GET
H2 200 waf-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/09/ 22 KB
22 KB 566ms
550ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/waf-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f540bce5242bc1385d9c69098f65afeb921d2de36e4d12142e956f7ce1d1727c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 08:39:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65153bc8-56f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gowOsOfDYNIF0EdVMrZBleSqGufW2uQqOjwJ0Ux3OP4h6Bq2i%2BwPtJ1H8Go96ya%2FzV0%2B%2FGgyGGfpir3vfxBimz9KfGCvlE9rK0D6H8ewib0aDmw0uhWmXyhd7tTQeCvHHKRmcP6DMQhIz9SgPpLEmF7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f76368a-FRA
content-length: 22264

GET
H2 200 waf-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/09/ 3 KB
4 KB 457ms
441ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/09/waf-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f24c25c0d69d17703aa7000582fccd8b22217bb1adbb9d650fcc6f9fdb210baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Sep 2023 08:39:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65153bc8-dcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuaV%2BBtiwwlN%2FSQXapJz%2BA%2BzULQNi3Y71FeG56blxqYXvOhzhh529Tmo5wD8HtJorhSHN26pi1mjXSd4tudoa5f7wda8NhBmlhkwCUvgk3Rqslo%2Fh6mcY8nPtA6bOIe3ZKImiLqWYcZGE4xOKrD2Fi54"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f79368a-FRA
content-length: 3532

GET
H2 200 event-1-590x354.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 17 KB
17 KB 562ms
546ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/event-1-590x354.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66fae96ec52bc978e833e6aa6f167cfdd56208ee676be273c60ad608cc65d334

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 06:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530cb32-4334"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XTBtnUb37LscbUnqFg5nWo5c9hfT8RVcMQ9uWTq2WfqmMjCbKwKzPoctBxmT9RVdHMWPE4oZ3rB98MdtA4yuraz1rBtS8LicUbWDPtQYNHoDiTYqOpML6l4NZb4WokkbCUalX1x0N6dHMo%2FFWCq8%2BnK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f7a368a-FRA
content-length: 17204

GET
H2 200 event-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 10 KB
10 KB 449ms
434ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/event-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61fe4eeb815f7415bcec0e853a700c0f9a41b13060aa75f1472f8af449255d17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Thu, 19 Oct 2023 06:22:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6530cb32-26d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BjOREcr%2Bq4NmCtigps%2BH4vI76PzBZM2NypbB%2FmeSvjKy%2FMyIf89Nde6vK2TvSfiz3gE5UoLeuzVyCOM0d7P4l07VfYiSeiwqmmQLAY0jI%2BZiyqG5pioCjAXVqNJZYIPwZ4TpQAo3xokFxawaDevDYW4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f7e368a-FRA
content-length: 9942

GET
H2 200 x-1-1-590x354.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 19 KB
19 KB 575ms
560ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/x-1-1-590x354.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abf9247cea30ede0659679f4737da8c59d22d3a94352f2736a97dbccafe3c9ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 11:13:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fbdcd-4c08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTlANCxQjAdSQoD3PTP2KCU%2FP79FsvVHGK%2FW%2BKrpVBIzlMGRQoHDHpwPv%2F5tLhRcbPBolD2njd3grjTXZ%2FQPNkNuZCkzIbTQrcOiwvEvkjsV9F3uD%2Bfz%2FCJKO1F3Srd3xPn9BChrUf3I3jU%2FKoQsEZ4a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f7f368a-FRA
content-length: 19464

GET
H2 200 x-1-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 12 KB
12 KB 572ms
557ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/x-1-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 304e77d7f34200a0b72a3b6e91b9c1f825db86aab1234cf56f36958bba571944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 11:13:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fbdcd-303c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EdKd%2Bpmjn80ulUOnHawnreTOAx5JHnzRpPJjVAHf8zDjuwGxeHkhZGElltkByg%2FdOEwJ4NYPml9Q40fBpcaW7ZLUjvAh%2Fn3ymMG%2BNMWbQawrvfIh1rGqTgjtcIOZ98M2gyWMbErrtp%2F%2Ft8X56FmaPcM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f81368a-FRA
content-length: 12348

GET
H2 200 tab-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 19 KB
20 KB 582ms
567ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/tab-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff423ff2842d15df4773ebf8c40fdec0cf584ed5f38af26ca707ea2333efc19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 12:31:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652e7e9f-4d06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1hDT5XymHNkVKQOemZontnrqmvPk5ezn3qXiSroADGM3xIfosyZHZWd4%2Bmf7r7eQjCBdr6j%2Bu325w5txm5q%2Fev7CE1Dr5eOpurNSTCg1rpitqT2pu98ACfXcL9Hcwf8Vr2udXeUCCiLWsOQ6adaLRrI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f83368a-FRA
content-length: 19718

GET
H2 200 tab-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 440ms
425ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/tab-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eaa258aa4a3110171a7076531dc1ff21f2e9e7992a78794bbd93c7def2765c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 12:31:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652e7e9f-a63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNP4XS3RsoMhoIeV7StMxn%2BIHFZ63Sw6fYGCPRXRIap69eCVdcDlYB0PAzqftntqwacS9%2BHxGw86FcnVO3TUbLSgmWL3sXTX5BYWsoFgR49JJ9v6MnDPe3vwDPH2WX30iA2B%2FGdm8l3b%2BkE3fVHP3UvB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f85368a-FRA
content-length: 2659

GET
H2 200 17.1-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 21 KB
21 KB 588ms
573ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/17.1-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb86a1869ac6b898004b3accc1a1bc7fa37c6e14a271bb548ec4efa442228c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 11:17:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652d1bb7-5387"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMbjJJmn94USG6fxMFioH82xwdOFjCkth8UnLlDSj29zUfU2lGenO1tantiNOOT4HF7wMF%2FraQZx0Z%2BP3RJNQgHbFjn1TbNGxDKytizK%2FB%2BIg0jJaOdBTID3ZAAAoIzT%2Fwv2CfkWNpwwMTZfqQKtI5Oj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f87368a-FRA
content-length: 21383

GET
H2 200 17.1-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 454ms
439ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/17.1-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8968cffc7a2b9f5bd24dcf79a2dbe96e35e35f423848bb5a8a6ac13b7984e02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 11:17:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652d1bb7-c42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGbc%2Bf5nta2Vqy5Ekveln%2BqI%2BV1DIDHE6ZBuKaFDczeKxQ%2ByshYahg8Rj54k7vmSUt17Jn399LBIMVWoVNduaF8R7UbBm15wMIKXGcxqmZtjHhtB6bepPVQ30cE6ropwkHx%2BtUOZXsDWkR7P%2B73mwzT4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f89368a-FRA
content-length: 3138

GET
H2 200 whatsapp-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 17 KB
18 KB 580ms
565ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/whatsapp-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00844f13ef0cb0f17998b903296b2af48690e8a72c8ee1bc5fa3dde1f62d4441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 05:32:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652ccae2-45c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwOkufFi%2F7dOHkENaU%2BwUF7s1%2FvUpFIXHJaihcZ9en8e%2BRdkhb5cYslZLa7d3utn1VuDXeyiy52HNZhhEM7JnJRklw0C7btJqaXU81bov0Re2plyG%2FZl3fRJljjJpInnOSi7NTX01apvanUSjqHPHXLE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f8a368a-FRA
content-length: 17864

GET
H2 200 whatsapp-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 449ms
434ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/whatsapp-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07863c3e4c62c347c6fdd0f338db95b38e9e3639e1dbf047e155ec5a59f99c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 16 Oct 2023 05:32:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652ccae2-bec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWVl%2FVsZqPpCTaqoEDaiFDNAVASyI%2Fqpp1Eb9qLngZYksCmI190prBja3oV%2BZ00QhM6ltU4Cnr0YnL47r%2FAgSsEURxeSXDU4%2B5PxzPXPftXs3ljqZOJHQ878sBfioLW37bQ01c6iQH8i7lN2FW0YXxvi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f8b368a-FRA
content-length: 3052

GET
H2 200 microsoft-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 26 KB
27 KB 568ms
553ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/microsoft-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7746296f9075097e2729b764af95cd862419401f86f7335808a31856da76aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Oct 2023 11:10:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652bc89d-6889"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNnRHAU6z8bDYmntHBlHIkbotw1uF3Z7PphOl2u4uIPc3gOQTg8nQa%2Fy0fqDcESiUuYNjmlpOQ%2FTPHbsDHdoYDoYBbKt93jQ9QBIwTmiN8WAfbj0Y2aGI1%2BwhzDSJvEeZn9uUundiOppam%2F%2BwlaPvchl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f8c368a-FRA
content-length: 26761

GET
H2 200 microsoft-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 459ms
444ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/microsoft-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13c4d84e1985c53fb35f782c9a0a3aaf1e47555aeed471c7e0cbde0d7444c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Oct 2023 11:10:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652bc89d-bfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7CNR08fCQQw8Fv9FPd4EUgFSasRHMkHQ%2BFub8%2BGf5c5PB9cFNlTv1Zzxw%2BY%2FUvJPozsTgNsG1HGnjGaNwSSF9u%2FS02NheBGCAB3phjKGe3o0uOfkOWoMwC2dC3Z5pZOwQ8%2FdUjQmSpxPIpoV7VT3RpY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f8e368a-FRA
content-length: 3068

GET
H2 200 WhatsApp-Image-2023-10-18-at-17.23.15-590x354.jpeg
uat.newsroompost.com/wp-content/uploads/2023/10/ 34 KB
34 KB 577ms
563ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/WhatsApp-Image-2023-10-18-at-17.23.15-590x354.jpeg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a70561bd7624f817767f1b33bc160a2af2779276019d1558a51e95f4e3bcc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 11:54:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fc77e-8801"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YgKx0dBilD8s%2BLIUYbSxli8WyZvbwDgEvYVY19fJ5WCKorNx3ptiOXcxroMQpe9sW4FEdXndRKI1PWOASKkM%2FNtX4v4B7stHXMl%2BxTKN%2FgURJyg1WSP7oYS7NDAnSjz303ShVI56sv6zILRfpIogV6Gt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f90368a-FRA
content-length: 34817

GET
H2 200 WhatsApp-Image-2023-10-18-at-17.23.15-400x240.jpeg
uat.newsroompost.com/wp-content/uploads/2023/10/ 19 KB
19 KB 562ms
548ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/WhatsApp-Image-2023-10-18-at-17.23.15-400x240.jpeg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5b95871c1663600999eafdc7dbe63f77597ed291286259eab1f5c7e8ea5d3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 11:54:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fc77e-4ade"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vepnZKhhljWAFArgnjkSD5wUqSPYtA19UGJWkunPnl7aiUsVxqfEFsTBq0%2B5S7fCz%2BM2FY1kvINDBFpLcnujwXr5sCMutwadc8SjPQiGT6E61zZBpXr24tQ95TJbljb2YACDyLFJfm%2B3MUGIau0UL%2BV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f91368a-FRA
content-length: 19166

GET
H2 200 WhatsApp-Image-2023-10-15-at-16.44.04-590x354.jpeg
uat.newsroompost.com/wp-content/uploads/2023/10/ 62 KB
63 KB 696ms
682ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/WhatsApp-Image-2023-10-15-at-16.44.04-590x354.jpeg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 619753e148fab3c6f0d698fa57195c1275f90a73f523f5816d927affa63f1d9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Oct 2023 11:17:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652bca37-f947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QddOda%2FtEx5VLG8ypdSaC6CiVyauSeThh9HRodp0Ch7bO5YwuRSVI%2BRpEodQ5uT19w24hEWq2iITJbnFwSLbE20Vatw%2FeZLAUZ7oIZZCtYCV3Bx0eB%2B9NRwvt0oJyiB0TVg3HYIXfzoKSysK3GIKtfzX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f95368a-FRA
content-length: 63815

GET
H2 200 WhatsApp-Image-2023-10-15-at-16.44.04-400x240.jpeg
uat.newsroompost.com/wp-content/uploads/2023/10/ 34 KB
35 KB 580ms
566ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/WhatsApp-Image-2023-10-15-at-16.44.04-400x240.jpeg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b58afd0685c0fd44b2cb455228c766239dd84f5765d5e1b6479e769e4689123

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sun, 15 Oct 2023 11:17:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652bca37-89f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdFfgAGQnLq5c2g774m5swmp%2FAYmBPkrb2DW9nPo29Zw%2FU2aQQh4Anl4o6dHnQCsIksTzjzNcUGj%2FwrKD1aLHN7RDR5dwvpYTTpdjwsZRARepiM2%2F8Y55w6rWWgz%2BNgHpOmQiFjSbEeMVRv0X4objC0G"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f98368a-FRA
content-length: 35319

GET
H2 200 feat-3-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 24 KB
24 KB 561ms
547ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/feat-3-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 297f55278b6c970346f9cb8d19defb97c1a6be650dbf36e3f5091d45ff4fa339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 11:15:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652926d6-5efc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iezdKZbgcqGcm9xbOA2Pk%2BusO50Lf73lV5kVJL5GNKgjJSZ9hZ74ZqQlRpZXL7UKeEo1uCW164GB0jt1estG7Rog3e7B5raM7KM4%2F9kFo7IUMyhb88I9VsuQu6CSvexgCMi4y2xlG3pdzZLClD9I7Jn4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f99368a-FRA
content-length: 24316

GET
H2 200 feat-3-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 454ms
440ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/feat-3-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acbdd93539bc6cf0e01c7b2d844a30332301d54294265ea9d9eb4a3dfd3afed8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 11:15:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652926d6-c5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoDYQTQrSMKmZcSHNrSYT0yGXyRJxkaSdARNC1%2BPhHsZYR%2FRBRDE5fbUCDJXTU60lwtgZTNg9%2FBY2sq29YwF82gsF%2FsK14xbXE1TJF5RGYZ2AaNixSwLFrG8L8t%2B%2FpQFL8CedXXOZfWwW%2B3oddYcRhHM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f9a368a-FRA
content-length: 3166

GET
H2 200 supershoes-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 19 KB
19 KB 574ms
561ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/supershoes-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f42e69998426304ffcc22a5846795e4e220c111c4d160c651b6f34a6853b778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 11 Oct 2023 04:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652628a4-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5zFGg9ox22X8Wh7oIZHhO90coH9T%2BdCyXaYwQt%2Bg1XThBDQw%2BUJd%2BdkpTG7Ggsqb3RdGadMPnZwVWmd0dkEqkYbflRD6Ccl4zPlBHCycSmXXfE3goxIzQV%2F1ASe0T7g%2FeYMgCdfpc7YGDJ4JfRNMdy4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f9b368a-FRA
content-length: 19188

GET
H2 200 supershoes-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 2 KB
3 KB 438ms
425ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/supershoes-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ce993c35a93209f606c16f6794219a3c1b27c720d161f65c3907d8c7da0e20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Wed, 11 Oct 2023 04:46:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652628a4-9af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Bw%2FdGZvz8nZ4ee92QeR4VKzq8iYtSDUtD3ljihHKYPglWdi1hvKzoLpBNxUo6IQcWeCzjX0LeztSbAGhNhrTuKRVbN%2BbSYxKrXfNkWXWAHl8GAyaL7p3FLUybfYaHxyOgIIIy8k%2FlD3V6skTK9Gddfn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532f9d368a-FRA
content-length: 2479

GET
H2 200 feat-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 12 KB
12 KB 203ms
190ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/feat-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68c70681360f6f89aff1a9de2c9818784b12aa68825950ffe371a5e22d64e845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 10 Oct 2023 06:47:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6524f375-2fb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rIKlnYw2IPszRe7JsuYtDuOIh%2Bwm%2FLD6VIvo3nBH%2BGpq7BhmI7qt7CjdnFS2KNtkmhvbFB%2Fm4zE5azQ2QZw4aofr0O9%2Ba94k8soIpM1S9FWMGXmG%2Bc4KRVg5vEiu%2FNX7A%2BV88jfyJYpXBrkL7Nved%2B5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532fa1368a-FRA
content-length: 12213

GET
H2 200 feat-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 2 KB
2 KB 454ms
441ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/feat-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dce8b55ac207e4021fd8f147de2f22bae9b3b35b8a665647f4576cc73f01ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 10 Oct 2023 06:47:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6524f375-7ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFqdUhPxs1BlNqJi9eIEgYQskWQXBE4jvSO0twyhbOPwJDH4p1FcCM1PK1nRRc9V5IpRr3KFbu0rsILLvc7aklK54xhjjawTfO83yo1hwe470AtOu4Ib0vcjR8bi29RK8k37W8rs098VvhpLUHSZvPjy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532fa3368a-FRA
content-length: 2030

GET
H2 200 roti-world-largest-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 25 KB
25 KB 575ms
562ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/roti-world-largest-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f3fd5dbe93b5cffdcc5124c89a318af683cf7b810fba1454a6b424d35ed2d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 09 Oct 2023 12:01:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6523eba5-63aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0q%2Bbd%2BYmHn83AbEn1bPCzKg2GmV%2Faar9G0TKcq54EsJ%2FuaVLOODojKTT9cUQyL5PsfLOJWH7EPAtv40KwgFLpnbye8yYeTFVhXzdrmd1RQIts%2FlG3EOrabKAVpkzLfhVY5utC2AWNfV3D%2Bn6M2%2F6YOJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532fa7368a-FRA
content-length: 25514

GET
H2 200 roti-world-largest-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 3 KB
3 KB 451ms
438ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/roti-world-largest-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384999affba051a3fda5f888f92ed0e61983e8c9a1607c3f6dbea173f4c0bb90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 09 Oct 2023 12:01:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6523eba5-b6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FGTmEWcgRygBL%2Bgq7eQp6PHs9rXQ8kbLik7Sy7yv3wgkc25Pwt%2FUZIOufd7B%2FaUJ8k1f4xHwTTuinrSMh6jEhONpstwDOkeStpBir0ellMCktKUYzq%2BPOabNiYa9j0v0RSdxYdfjuL9KX57V2tRzQjN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532fa9368a-FRA
content-length: 2924

GET
H2 200 Astro-AstrologyHoroscope-Daily-Aura-Message-sunsign-2-590x354.jpg
uat.newsroompost.com/wp-content/uploads/2023/07/ 62 KB
62 KB 689ms
677ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/07/Astro-AstrologyHoroscope-Daily-Aura-Message-sunsign-2-590x354.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b1c5d6224fee87c54a35f762ca5c260e6a68552e601ff82acaa14359286005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sat, 22 Jul 2023 08:01:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64bb8ce4-f82e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABL7RTYjgMK4yGuEDxnyCNJF7bwJvOcDabsCCvNBzOIq4xao%2FWWGNEDKNzVekBBjgduPnr5jNprE%2Bd1PsAznzbGbD9gOqGurYVvZMGryvz4L246IJbxyPdsIfYtU9mumPaPRN%2F2NHtd2s1uab227Vd6w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532fab368a-FRA
content-length: 63534

GET
H2 200 Astro-AstrologyHoroscope-Daily-Aura-Message-sunsign-2-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/07/ 30 KB
30 KB 571ms
558ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/07/Astro-AstrologyHoroscope-Daily-Aura-Message-sunsign-2-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ea12771a008e20e8db549fd5d757f22b7486169add5b41c14f1f8c55e1caa0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sat, 22 Jul 2023 08:01:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64bb8ce4-7686"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mQ3bRiiFEFZtpV6p7yIECnCtMEv47W5Ktf2VPhCVPs5uyY2GbbGHcY76fHIYErTfSQMq3Qh1UiohRVx9ARcauVbsse%2BQUgNb%2BlZfSShM8spwhrrH2xhxjDRust8Spdh3Ws7Zmnuir3WrQz8%2FWKcpARC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988532fad368a-FRA
content-length: 30342

GET
H2 200 Astro-2-590x354.jpg
uat.newsroompost.com/wp-content/uploads/2023/07/ 37 KB
37 KB 751ms
546ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/07/Astro-2-590x354.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45dc89343744d799bce1730bb7979c5ad5877aeef41fee79e4a29e85370f8083

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Jul 2023 21:08:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64c039c5-9271"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOOK6PDJGwSSAWMNHFCZuyw4ArClMIl56S4VKx8Bo%2BbXTqaWbVQ2t4gYpCfpLJhN36RK7EfS6CEye7h8hUJ0Dp5uZ7vGFsJgcrnXIG1wF1jQkLCUbCZD2tQZbD8TLwnfGy7ruK5tUWS4AOsg50HsejSQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988544953368a-FRA
content-length: 37489

GET
H2 200 Astro-2-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/07/ 19 KB
20 KB 887ms
534ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/07/Astro-2-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d1daad03bee2600bcac30291135cb7742871df90b7b308d4118c20169bf155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Jul 2023 21:08:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64c039c5-4dc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUs893MQhUKtCUMYr4Own3pmvjOPC%2BEao67dPF50ERfsleUMAnIBo%2FKlA3LCaVGEo28vH2szEDv6G3jQlfNES6W5fc2CVdhQr30N%2FaxmAZ4i8bKKwiYZbZyiyqWrQjBtoj5N%2FrTXbQdS%2FGeUb8uS%2BTlJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988553ac7368a-FRA
content-length: 19907

GET
H2 200 Astro-2-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/07/ 3 KB
3 KB 789ms
389ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/07/Astro-2-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a52ae074154359571785a0a2c8719e3ee2f492d6eb55ac33b6a81bf1798647e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Jul 2023 21:08:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64c039c5-a20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=he9AXyU5wO3H7Aq62p1kyTJHCC6v2cWR46%2FwdizqCEKrLwrDRGjWA9PiV1S%2FRm9dwPpZ8oTxcZnIX4Usq5tT9R79PLXxgJlGPdfNwkdtUsh6DMGxDarLkBaNYP08VlzZEK5F7AE7ylTRAoGmBAtIqNv3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988557b4d368a-FRA
content-length: 2592

GET
H2 200 Astro-AstrologyHoroscope-Daily-Aura-Message-sunsign-1-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/07/ 34 KB
34 KB 676ms
266ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/07/Astro-AstrologyHoroscope-Daily-Aura-Message-sunsign-1-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d599d4894993449116a9dbcc01b4e460732cdb4449e975b82055e98aa0e9d5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Sat, 22 Jul 2023 08:01:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64bb8ce3-8794"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zn7Lu3HxuH7QceRFdefv8SFdbVe3S8BudP0HEcFyNhVrj%2BxsX0kVfio0Qf0RixRiHX4iF1GoVmAOD%2FdLwYKiJ03soc0uf2woHTgwb5jRClunuC5ZFBrYH37WtMfyS23NSKpNO3ZVkPxSniUaWt8VftWx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988558b73368a-FRA
content-length: 34708

GET
H2 200 Astro-AstrologyHoroscope-Daily-Aura-Message-sunsign-1-80x80.jpg
uat.newsroompost.com/wp-content/uploads/2023/07/ 4 KB
4 KB 819ms
408ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/07/Astro-AstrologyHoroscope-Daily-Aura-Message-sunsign-1-80x80.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23ad85488a229053d05d45bbe65ae089f9c42ee38d060c31d3e4121fa44f7900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Sat, 22 Jul 2023 08:01:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64bb8ce3-eb8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KN8BaPIYatHFfKDxWVD4eufD4b6pNR9YIIG9D6A0Zp5%2F0VAstS2IB6GqIU7Wp6%2FEHgS8%2FUyOky%2F8RYgKNw9r0BG25rMGZVDjTepWnc%2F5c03yPH19IRuRcXo2wkNAslWJJWzBvDNFOQ7MPo9GS5q0cbBG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 818988559b7b368a-FRA
content-length: 3768

GET
H2 200 WhatsApp-Image-2023-08-11-at-14.32.17-e1691744706139-400x240.jpeg
uat.newsroompost.com/wp-content/uploads/2023/08/ 25 KB
26 KB 958ms
511ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/08/WhatsApp-Image-2023-08-11-at-14.32.17-e1691744706139-400x240.jpeg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 477d22dbfe1efb30e7488c274fae2eebca42bea530bd3f08f5ec7495aa6dbd37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Aug 2023 09:05:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64d5f9c2-64fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oa8E1pLQZB%2BOKgXfBGCJS8T3q6eWPpo0Eu5lkbpsrbHBB1259abOyAs2yuSM8U6E%2BSJGbgGrUNDZODIVURVcOkcm3gKp0l4IBu91g3u80aMFwlyU%2BXfSQUgs7LdeSxDTy2z7%2BnBWZ8ywV%2BTFMbDPKVzH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 81898855cbc6368a-FRA
content-length: 25851

GET
H2 200 WhatsApp-Image-2023-08-11-at-14.32.17-e1691744706139-80x80.jpeg
uat.newsroompost.com/wp-content/uploads/2023/08/ 3 KB
3 KB 854ms
407ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/08/WhatsApp-Image-2023-08-11-at-14.32.17-e1691744706139-80x80.jpeg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 126b8bc81ad9d4c2af638660cc13dd5b21a09bf43038da05a3abef4586d92238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Fri, 11 Aug 2023 09:05:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64d5f9c3-c5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqtkC1q54WUwMFgPCR%2FHvbhwPjhR8MOmLeyvmmvCQQUUFaCabg4JtNn3WwnSBH3qrLdJ8OkqtT5%2Bc6ktwl6NQrior9CR0JO7MyHZ66D9oHJSKKjSRXerTKM2V%2Bhcfj5bvDLLZrkdJzVzu4MDmovPNDjB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 81898855cbc7368a-FRA
content-length: 3163

GET
H2 200 core.min.js Show response
uat.newsroompost.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 555ms
555ms Script
application/javascript 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63dbe690-53be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oV1X5WernbOQEsapnJJPs%2FuOjzEIX7OklmlA5yTIHaxbs038BEDIE3s%2FaVwZs0ug1mr7MpCWEBhxLKdRWxy5R5qozM04Cy03b9ZZBclbyIHSFrsonY2%2BUDGdrkhrkd%2FkVkIw3ZdA5dY5OK7cZvcy7Ha%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 818988508b23368a-FRA

GET
H2 200 jquery.sticky-kit.min.js Show response
uat.newsroompost.com/wp-content/plugins/zox-alp//scripts/ 3 KB
2 KB 398ms
398ms Script
application/javascript 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/plugins/zox-alp//scripts/jquery.sticky-kit.min.js?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 10 Oct 2023 08:23:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652509f2-aee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xo8c4iUw6sjtVZQ6y1WPr82HRrcbOqajwa0faJdWH%2BM34ZbpY8Tap5xZUQ%2BRIjYLPTJKP44tNUWk%2B5ONmD33nrJgzZorl5t1Td1AW7BBEyXLzxTg26yi0stdOdaM5m52s0WzpmgzxCNz90zVw9a%2FbXMD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 81898852be6f368a-FRA

GET
H2 200 jquery.waypoints.min.js Show response
uat.newsroompost.com/wp-content/plugins/zox-alp//scripts/ 10 KB
3 KB 413ms
389ms Script
application/javascript 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/plugins/zox-alp//scripts/jquery.waypoints.min.js?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 10 Oct 2023 08:23:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"652509f2-28ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkn%2Bu3PLgQn4ucwtOcoiDDGIsB9FvrTi7BBv%2Fqwmt137uFuvZFKl61xjRyXx1KqYSH3S3fNy5J3zspb%2BtkVpEx9n6Tfxa%2FjNh1e6RF0gwAuY4JFLas4e4t5jnqYIZMDutGJi39SsHgkho0vAxu6OFy12"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 818988530ef2368a-FRA

GET
H2 200 mvpcustom.js Show response
uat.newsroompost.com/wp-content/themes/zox-news/js/ 0
305 B 424ms
400ms Script
application/javascript 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/themes/zox-news/js/mvpcustom.js?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 13:25:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "622607c1-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAxDm8LnbU%2BbuFCCugEGBd1TQTyBoPn83%2FSzfLygSWt1pNWJ3mTht9mmoReO%2Fmf0ZcgcASe48skKvzvQDATKbVz%2FB%2BxhHaNxPeIdBoPFiwUJWHa5SLTNz%2BPf%2Br0MjrF8A4LoiUWlzMEl0gQAPuSzWwag"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
accept-ranges: bytes
cf-ray: 818988530efd368a-FRA
content-length: 0

GET
H2 200 scripts.js Show response
uat.newsroompost.com/wp-content/themes/zox-news/js/ 120 KB
28 KB 787ms
763ms Script
application/javascript 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/themes/zox-news/js/scripts.js?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69751f40928d2926f8edc62099a3a00383d97846b0ec1bbd15232fea3cdb657c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 13:25:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"622607c1-1e1e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hy3%2Bvah%2Fn4pEbegPeErjFAMITkRRCvG08tCfXnc0xPnDtj9SI6kUSMnurfFGSVHfUZ%2FqOnSYuazfyuWuQKHamhJ3kkXsSFv1uGuYwctLXWJpLFmUEmcWsEksFwmp9wKWVvCTbPwYH%2FSIP0TpKrXlnuGn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 818988530f06368a-FRA

GET
H2 200 retina.js Show response
uat.newsroompost.com/wp-content/themes/zox-news/js/ 3 KB
1 KB 422ms
398ms Script
application/javascript 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/themes/zox-news/js/retina.js?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 13:25:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"622607c1-c20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgry8TtS30csnfq52tPsM%2F5NHAtBIb%2B0GZ%2FoqF14KeLFZrkre9IdmCfHd0ZAcB%2BDvkgLqdP%2FdQgirCExleGwF2iIfzdGa%2BuWhpITNdX8jz1nI%2FKolPQGTDYtlnKVQtbfx0MOQ9TstF0Ns1JibrGA9%2F5t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 818988530f07368a-FRA

GET
H2 200 comment-reply.min.js Show response
uat.newsroompost.com/wp-includes/js/ 3 KB
2 KB 448ms
424ms Script
application/javascript 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-includes/js/comment-reply.min.js?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"625095f6-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VT%2BnacD67ZpBypLWDhd%2Bin5G4CkATkYJr6R8HNtfKsqMg4SO1OjRQEPeeMtfBYSeeFjb8oMnt4LKzdkg%2FFMzig3iiDUFoUTfWY6IBr5OVgKsEOiNL4HqsrqGWb%2FwVSXXbq6zsfJvgGPbcNa3iyxLosy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 818988530f09368a-FRA

GET
BLOB 200
OK 33134a8e-278c-41ee-8e37-f5fcef4736c0
https://uat.newsroompost.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://uat.newsroompost.com/33134a8e-278c-41ee-8e37-f5fcef4736c0
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 43ms
9ms Script
application/javascript 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:05:17 GMT
content-encoding: gzip
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 24181
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: jR5xH1MpkizZF9sVXYvMU6uw3kIgawZ7mTp7X6V5ageP1aJr8qnRgw==

GET
H2 200 fa-solid-900.woff2
uat.newsroompost.com/wp-content/themes/zox-news-child/font-awesome/webfonts/ 76 KB
77 KB 831ms
673ms Font
application/octet-stream 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/themes/zox-news-child/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/wp-content/themes/zox-news-child/font-awesome/css/all.css?ver=6.3.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://uat.newsroompost.com/wp-content/themes/zox-news-child/font-awesome/css/all.css?ver=6.3.2
Origin: https://uat.newsroompost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 13:55:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62260ed7-131bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um5HEPJCjAFHX8xmvPH9LE1J8a3GipPcqvoItbH4JfzeepOutA4FDvD2K3cUFb9GuiLMooEoXFnFsqnHuEvcr%2FeM1y%2BmgvmBvKdUUut68%2F9BQru4rYLLT%2BedLTj65gj0eKigTCHmLFEzFQJmt7uIUoaM"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8189885408de368a-FRA
content-length: 78268

GET
H2 200 buE4poGnedXvwjX7fmQ.woff2
fonts.gstatic.com/s/tinos/v24/ 27 KB
28 KB 167ms
76ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tinos/v24/buE4poGnedXvwjX7fmQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent+Pro%3A700%7COpen+Sans%3A700%7CAnton%3A400Tinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CTinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CTinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CTinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CTinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CTinos%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uat.newsroompost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 16:55:02 GMT
x-content-type-options: nosniff
age: 594169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28080
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 16:55:02 GMT

GET
H2 200 fa-brands-400.woff2
uat.newsroompost.com/wp-content/themes/zox-news-child/font-awesome/webfonts/ 75 KB
75 KB 835ms
652ms Font
application/octet-stream 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-content/themes/zox-news-child/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/wp-content/themes/zox-news-child/font-awesome/css/all.css?ver=6.3.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://uat.newsroompost.com/wp-content/themes/zox-news-child/font-awesome/css/all.css?ver=6.3.2
Origin: https://uat.newsroompost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Mar 2022 13:55:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62260ed7-12bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeZCrZC%2FOR73Y2Vzdo3peSRnYPanGArmpkLuXVbwvQC8aPo1R7LkyyrBHYNLiqWdu88A6CEmkW3dOCPcp7Zb2JAipyPCrBVyISyYMENZ16%2B8CAsZQ6ssvSt93ujNuSwkpENrtQSwXU1dJXSXppG%2Bg3dQ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 818988542917368a-FRA
content-length: 76736

GET
H2 200 buE1poGnedXvwj1AW3Fu0C8.woff2
fonts.gstatic.com/s/tinos/v24/ 25 KB
25 KB 129ms
38ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tinos/v24/buE1poGnedXvwj1AW3Fu0C8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e2e32d71d3d13fb4b2a5ece0a5415a91b093ead0234ce54487390ca5d4275cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://uat.newsroompost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 11:44:59 GMT
x-content-type-options: nosniff
age: 180772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25136
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:03:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 11:44:59 GMT

GET
H2 200 danish-1000x600.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 57 KB
58 KB 1052ms
629ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/danish-1000x600.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b34723692436375effb4fd50a78615943f4df82786ccd67604c04ef9a0e92bde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Wed, 18 Oct 2023 13:11:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652fd975-e484"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvykaQwYr5dgBkSAi6UKXYAAMJqcDh86rFVbf4eYqSBvBryCBfBkz8HyrzLer%2FyIAFjPg0SKWCpHWosldVQq5T1DvpfSr6smBAgk6Ai1sJ0OvKDHgV%2FwB3nA9Na8U4rqBR3vHQJRhAOWyuRORaQOH3kr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 81898855cbc8368a-FRA
content-length: 58500

GET
H2 200 garba-entry-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 27 KB
28 KB 901ms
509ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/garba-entry-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc6709cb87ccd83ed946b3abc753536925cb001ba3f559ebca172e4131a13bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Oct 2023 09:00:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652e4d13-6cc6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LYKb8EeXWPSDCFciKbKDF%2FzMx3z07uXKtS%2FpFWrhyId5Ne9ZbQoclgfgrtFaHZ7CfvPMYknHuZ9tUbI342%2BHcPj9T12OYNZ%2BOhPgnp88iDhkW8P6S69REN8hIvSf0kTsrY6y%2B%2FIuz5yUeVV%2BenmKTpZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 81898855cbca368a-FRA
content-length: 27846

GET
H2 200 Odisha-based-artist-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 32 KB
32 KB 909ms
518ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/Odisha-based-artist-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7970fc874ac17e4b2a26fd531cca4457122e8d3d6462be6d387305f4bde7f73c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Sat, 07 Oct 2023 08:46:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65211acb-7f87"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bkJimuOB9imrHBYfe11uLf6HL1nu6xzf5oGE%2FsVINtaI27n4qGd9eSCBCXEokIbRj2DBdYmNUhg1EvX9lweJclNTiIfq%2BZ3sUsOKEBHbsvADAxmkUz1VU9oFauWF04iQu21kwzpFUcjmWwmIFdhtFJK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 81898855cbcb368a-FRA
content-length: 32647

GET
H2 200 maths-teacher-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 18 KB
18 KB 925ms
534ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/maths-teacher-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039aac686129500b6103569d409f28868cef6bc33d1d554dddd8cfda4d6137f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Sat, 07 Oct 2023 08:42:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "652119db-469c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj8hzAjfrpvb3G1lEfiDhmX90aUmbzWs%2BqPHlDqeKkonBONoXzA3%2FZjn2HuhuERJ8NR0HkIG2OLF08vQdU2roUBfo%2BTMF%2B1bf0GKzvf%2FPzugouveZW2m5OZiFxeZxf5mkPmA1y2H69j0O%2B3T%2FnJSPy3n"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 81898855cbcc368a-FRA
content-length: 18076

GET
H2 200 nandini-400x240.jpg
uat.newsroompost.com/wp-content/uploads/2023/10/ 22 KB
23 KB 904ms
512ms Image
image/jpeg 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uat.newsroompost.com/wp-content/uploads/2023/10/nandini-400x240.jpg
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f2c0462c5dbcff8bcd1cca6e3ec4d92eff19b9205f341ee2dec02caabad1c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Oct 2023 10:45:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651a9f64-59fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCUPipEgjOeyRqWQcmTSDWKrsei303O5AJwnX0YjCgiUXnxJey%2FBy%2FzcOK9GZqXnOHor5eGoyzpawkWNetvqfo6zMgC76%2Fk1pwqa4nncZP50I9gGWW%2B%2BOVJoETGpR7yicaa%2Bg4HRNo3bZix%2FsdWOHjOQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 81898855cbcd368a-FRA
content-length: 23036

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 9ms
9ms Image
text/plain 18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=30196624&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1697723871251&ns_c=UTF-8&c7=https%3A%2F%2Fuat.newsroompost.com%2F&c8=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&c9=
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 2DAl7taJgbCxgKFT5vP4KL05xCWS-Pc8MdrPA-sqbld1do8RVy8PqQ==
x-cache: Miss from cloudfront

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 394 KB
134 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1781853254296294&plah=uat.newsroompost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1781853254296294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

296fe153b89017f52e7e90be00779572abe50de9432f23adffad78cc36c86d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137107
x-xss-protection: 0
server: cafe
etag: 714171954047356600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame E6AC 10 KB
5 KB 48ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1781853254296294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Thu, 02 Nov 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-45370355-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-788449987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ed4cd84e3a9aa771bf2608e958a9964a70c6a5688cc43f33f0c82377063f3d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65252
x-xss-protection: 0
last-modified: Thu, 19 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
83 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F7MQXQTFXZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-788449987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c144f93ddc2054d209777b4869aaf8d565d86709ebe5979e3d19d09496d77f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85343
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/788449987/ 3 KB
2 KB 219ms
79ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788449987/?random=1697723871503&cv=11&fst=1697723871503&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&hn=www.googleadservices.com&frm=0&tiba=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&auid=1803553293.1697723872&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-788449987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39300b5f6aa6c98ecce3bab085c4a412b5bcf08e8e08405032906188f9a24091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MYBB1ZXH0R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-788449987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fb38d5ac31f91a44431b713efc6561f3ffeac821a89e8f96090687b062c96ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 19 Oct 2023 13:57:51 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/788449987/ 3 KB
2 KB 192ms
55ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/788449987/?random=1697723871512&cv=11&fst=1697723871512&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&label=en2aCPnXm4AYEMOV-_cC&hn=www.googleadservices.com&frm=0&tiba=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&gtm_ee=1&auid=1803553293.1697723872&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-788449987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

44403e2614853dddbbaf3ffd7a3de1ee72b34088bd08d24dd09ac71d612187de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1573
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 119ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MYBB1ZXH0R&gtm=45je3ai0&_p=1052426716&cid=1944785838.1697723872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697723871&sct=1&seg=0&dl=https%3A%2F%2Fuat.newsroompost.com%2F&dt=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MYBB1ZXH0R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uat.newsroompost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 100ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-F7MQXQTFXZ&gtm=45je3ai0&_p=1052426716&cid=1944785838.1697723872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697723871&sct=1&seg=0&dl=https%3A%2F%2Fuat.newsroompost.com%2F&dt=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F7MQXQTFXZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uat.newsroompost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 54ms
14ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45370355-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 19 Oct 2023 12:11:04 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6407
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 19 Oct 2023 14:11:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
609 B 137ms
46ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=uat.newsroompost.com&callback=_gfp_s_&client=ca-pub-1781853254296294

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1781853254296294&plah=uat.newsroompost.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e03221044d71b90c4b2696644d63824c29d7267fad3f4b39095933b111b15863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D8B 10 KB
5 KB 462ms
458ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1781853254296294&output=html&adk=1812271804&adf=3025194257&lmt=1697716671&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_r&format=0x0&url=https%3A%2F%2Fuat.newsroompost.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697723871449&bpp=3&bdt=1086&idt=274&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2750611247394&frm=20&pv=2&ga_vid=1944785838.1697723872&ga_sid=1697723872&ga_hid=1052426716&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078237%2C44805112%2C44805534%2C44805681%2C44805920%2C31078301%2C44806255&oid=2&pvsid=758522786356559&tmod=1256683079&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96fc8e926197a5ab0442e79b06a25dedfc3b6df49bdfa13a429019b02803b65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4349
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:52 GMT
expires: Thu, 19 Oct 2023 13:57:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.google.de/pagead/1p-conversion/788449987/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/788449987/?random=1176942770&cv=11&fst=1697723871512&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat....
https://www.google.com/pagead/1p-conversion/788449987/?random=1176942770&cv=11&fst=1697723871512&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&l...
https://www.google.de/pagead/1p-conversion/788449987/?random=1176942770&cv=11&fst=1697723871512&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&la...

42 B
108 B

55ms
54ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/788449987/?random=1176942770&cv=11&fst=1697723871512&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&label=en2aCPnXm4AYEMOV-_cC&hn=www.googleadservices.com&frm=0&tiba=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&gtm_ee=1&auid=1803553293.1697723872&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtmRHFRWVE5TWZ4Nm9DQS1LNm1BUkltQUpzVHh5TnpWVDJyZmpyV2JBZE5WbTJxbm5YOTB4ZmRJbTNyTllmbHl1eXotc29EYkFNGlpDaEVJOEtmRHFRWVEzTFBTbjU2cXlLN3JBUkl1QUlRSS1DUFFPVnNWOVZWQldkNkp0c29ZeDBoTnhJREJiamVkRjc4dVd1TDNkUnF3dm9jNFpvaTRuZXRyblEiEwj6wbCiooKCAxXyjf0HHbvQAzI&is_vtc=1&ocp_id=3zUxZbrWKPKb9u8Pu6GPkAM&cid=CAQSKQDICaaN4SkeS7LLWA4CtOLMJ3yFPH10VmJtbg3Mt4mH85KwPLE958wT&random=3489910869&ipr=y

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:52 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/788449987/?random=1176942770&cv=11&fst=1697723871512&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&label=en2aCPnXm4AYEMOV-_cC&hn=www.googleadservices.com&frm=0&tiba=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&gtm_ee=1&auid=1803553293.1697723872&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOEtmRHFRWVE5TWZ4Nm9DQS1LNm1BUkltQUpzVHh5TnpWVDJyZmpyV2JBZE5WbTJxbm5YOTB4ZmRJbTNyTllmbHl1eXotc29EYkFNGlpDaEVJOEtmRHFRWVEzTFBTbjU2cXlLN3JBUkl1QUlRSS1DUFFPVnNWOVZWQldkNkp0c29ZeDBoTnhJREJiamVkRjc4dVd1TDNkUnF3dm9jNFpvaTRuZXRyblEiEwj6wbCiooKCAxXyjf0HHbvQAzI&is_vtc=1&ocp_id=3zUxZbrWKPKb9u8Pu6GPkAM&cid=CAQSKQDICaaN4SkeS7LLWA4CtOLMJ3yFPH10VmJtbg3Mt4mH85KwPLE958wT&random=3489910869&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/788449987/ 42 B
455 B 138ms
59ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/788449987/?random=1697723871503&cv=11&fst=1697720400000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&frm=0&tiba=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1370578678&rmt_tld=0&ipr=y

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/788449987/ 42 B
455 B 137ms
51ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/788449987/?random=1697723871503&cv=11&fst=1697720400000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuat.newsroompost.com%2F&frm=0&tiba=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1370578678&rmt_tld=1&ipr=y

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/ 421 KB
132 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e2f8c21cbfea3e52e2b6b9f3783656232fb21e92f5c665e882887f0b547639c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12530
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135102
x-xss-protection: 0
server: cafe
etag: 524636607866283267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 18 Oct 2024 10:29:01 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 19ms
17ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1052426716&t=pageview&_s=1&dl=https%3A%2F%2Fuat.newsroompost.com%2F&ul=en-us&de=UTF-8&dt=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1653663314&gjid=495980931&cid=1944785838.1697723872&tid=UA-45370355-1&_gid=810323756.1697723872&_r=1&gtm=457e3ai0&jsscut=1&z=1679439279

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://uat.newsroompost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uat.newsroompost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 70ms
18ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45370355-1&cid=1944785838.1697723872&jid=1653663314&gjid=495980931&_gid=810323756.1697723872&_u=YADAAUAAAAAAACAAI~&z=1192545136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://uat.newsroompost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 19 Oct 2023 13:57:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uat.newsroompost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 76ms
76ms Image
image/gif 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45370355-1&cid=1944785838.1697723872&jid=1653663314&_u=YADAAUAAAAAAACAAI~&z=1449527833

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 77ms
77ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45370355-1&cid=1944785838.1697723872&jid=1653663314&_u=YADAAUAAAAAAACAAI~&z=1449527833

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 149 KB
24 KB 711ms
710ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=758522786356559&correlator=1526348961884452&eid=31078704%2C31078819&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fifs&iu_parts=21746656699%2CNRP_Eng_Desktop_Homepage_300x250_4%2CNRP_Eng_Desktop_Homepage_728x90_1%2CNRP_Eng_Desktop_Homepage_728x90_2%2CNRP_Eng_Desktop_Homepage_300x250_1%2CNRP_Eng_Desktop_Homepage_300x250_2%2CNRP_Eng_Desktop_Homepage_300x250_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=300x300%2C728x90%7C970x90%2C728x90%7C970x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600&ifi=2&didk=2021963866~2021963871~2021963870~2021963865~2021963864~2021963867&sfv=1-0-40&sc=1&cookie=ID%3Dfc7f81e417cd37b2-22ad0f7cf6e200bf%3AT%3D1697723871%3ART%3D1697723871%3AS%3DALNI_MblJY-HHX_EwYVFdjRJKJrF72AgGw&gpic=UID%3D00000c9c8f16de81%3AT%3D1697723871%3ART%3D1697723871%3AS%3DALNI_MbKsd8eXN3gDxGEyQYZMEbcZmtXFg&arp=1&abxe=1&dt=1697723871978&lmt=1697716671&adxs=650%2C600%2C-9%2C1080%2C1080%2C1080&adys=831%2C15%2C-9%2C1239%2C3380%2C4087&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C-1%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fuat.newsroompost.com%2F&vis=1&psz=1600x300%7C800x0%7C0x-1%7C320x13%7C320x13%7C320x13&msz=1600x300%7C800x0%7C0x-1%7C320x0%7C320x0%7C320x0&fws=4%2C4%2C2%2C4%2C4%2C4&ohw=1600%2C1600%2C0%2C1600%2C1600%2C1600&ga_vid=1944785838.1697723872&ga_sid=1697723872&ga_hid=1052426716&ga_fc=true&dlt=1697723870363&idt=1580&prev_scp=refresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue&adks=2530931900%2C1797372829%2C4132768623%2C2271847231%2C2531517929%2C4235984658&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74b2b05c1850ddb6210cc6f77f37ca172e45ce64fe2e325fb482b3a26f42b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24547
x-xss-protection: 0
google-lineitem-id: -2,6063204634,6063204634,6063204634,6063204634,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138398443147,138397977288,138398443150,138397976967,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://uat.newsroompost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CCF5 6 KB
3 KB 211ms
45ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:52 GMT
expires: Fri, 18 Oct 2024 13:57:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 wp-emoji-release.min.js Show response
uat.newsroompost.com/wp-includes/js/ 18 KB
5 KB 275ms
274ms Script
application/javascript 2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uat.newsroompost.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63db0985-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAUguKFsoXNbv6wnbTNhNF9%2FUnSxvlRQOyzh4%2F2hThUbqIXT149iCpfHvA8j0xipRb8hcRt8Uvqbv1j7fym%2F5aFe8PkEeF0aBMWKI9rurzTtSEE10PG48p8Gq0DRqprAZ9PvMA7ruqg5zR4Edv1QFtoh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 818988585fb5368a-FRA

GET
H2

200

main.js Show response
uat.newsroompost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/ Frame E386
Redirect Chain

https://uat.newsroompost.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://uat.newsroompost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

7 KB
4 KB

18ms
18ms

Script
application/javascript

2606:4700:20::ac43:4aa0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uat.newsroompost.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Server

2606:4700:20::ac43:4aa0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3414a2dbe3f4c6b4a07a2d696029d0e0866681717179d9f02309a44f64dc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hmAInH9Wb1hznsMCfJNdTE%2F0o16iMa6hx4NOEIFpKbUk4EM%2B1a79sdPAlkE5qq5aN2uLG%2F5sQDK2O%2BLUtKbxtAUTBebSdHDchhi58zRMHd8My89jT7PPiGvs6uFo2wyHbV8QizAJrigGgq8GZ20cp4oM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 81898858f8b0368a-FRA

Redirect headers

date: Thu, 19 Oct 2023 13:57:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtAppcx4n6bo4bH4D4VwuKfkaT5XYWYT45CooqGCvwzU34yhX2Y5wkbDgGmCIsLNiHjPGCU7%2Bv3pyUOuqhjho6JD%2FHhZT%2BGAFpIAe32XMieI0xuj24HJ%2BIfpv0UcbMdr4BH4fqxYEBX%2FwnaqVW98Ll4N"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/7ff8d35b/main.js
cache-control: max-age=300, public
cf-ray: 818988585fbd368a-FRA

POST 81898849d9bb368a
uat.newsroompost.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E386 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 87ms
86ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

207ffbdda8b2145aa66dcc5a408becb7e9a064ec113516f04430608f965bd7e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12130
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 162ms
49ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 13:57:52 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 143ms
142ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1781853254296294&plah=uat.newsroompost.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://uat.newsroompost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1791 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 11:05:21 GMT
expires: Fri, 18 Oct 2024 11:05:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 411F 829 B
981 B 60ms
54ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2946eca607a150b8c6d0a2bacfddd7fa12be7c80b9b9836e46ecae946c925a91

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cKTHD47B0H1ioQ8zzA2qdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cKTHD47B0H1ioQ8zzA2qdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:52 GMT
expires: Thu, 19 Oct 2023 13:57:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1791 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Oct 2024 10:02:44 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B155 0
0 75ms
74ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDRRfQM3FwPU2cl0l3Pl6JWiQkIECd8YkBCdZJP-1bpmXZ9HpNdVmZHy-s3hfGR2hPhYxCOtFTyvShKbHZUx-H-k2ufr4VyEq-FfVbZAGyPE8cZNo_-JSDjiWvwaCpU6NtD6ON6mydpn3OcDTHHCp0nMOJkiP8ejWGUiyB74tFScInV9jLCrr7be5--pfLvrhq0teXNZxjS8lJiVU4CoY-I75A8mIIkmZNvpi3RxwGGf1wTVzDE6MyvtOZ9IWhcJXNEmXhJO3eIwjMWRLCZoh3ObyfIRkBaaZGeCRJG8bNp-9lhiYaM2BYkJ3bHCQUsmQfNlwgP0MWyC9l4uPsOYBHNg3RSJ36mZYVYwlWo_MdZvrsEL-qkb3YKX1LCUDlXNSlt7LKqHBVPA&sai=AMfl-YSPXYLxPeo_JGau6z4qAw9Y5bm6wi7bAvot_S1AscOeieYG2PCdQP70HZYabYs24osxoVWoePnpJq2_78HXCbtoinx8PLHdXbJqX9hYDcuS6lef4FSSBuCL4QjZDj8&sig=Cg0ArKJSzPH_mU19fepSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B155 90 KB
29 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13de903d49cccca76bab2663f5960ca5007d83e05ed60f10e7ea638e9bc0781f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29387
x-xss-protection: 0
server: cafe
etag: 628 / 19649 / m202310160101 / config-hash: 14863387668746949887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B155 187 KB
59 KB 167ms
59ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:52 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
16 KB 349ms
348ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=758522786356559&correlator=1526348961884452&eid=31078704%2C31078819&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fifs&iu_parts=22654691416%2Cnrp_unfilled_all&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x300&ifi=8&didk=2021963866&sfv=1-0-40&sc=1&cookie=ID%3Dfc7f81e417cd37b2-22ad0f7cf6e200bf%3AT%3D1697723871%3ART%3D1697723871%3AS%3DALNI_MblJY-HHX_EwYVFdjRJKJrF72AgGw&gpic=UID%3D00000c9c8f16de81%3AT%3D1697723871%3ART%3D1697723871%3AS%3DALNI_MbKsd8eXN3gDxGEyQYZMEbcZmtXFg&arp=1&abxe=1&dt=1697723872750&lmt=1697716672&adxs=650&adys=831&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fuat.newsroompost.com%2F&vis=1&psz=1600x13&msz=300x300&fws=132&ohw=1600&ga_vid=1944785838.1697723872&ga_sid=1697723872&ga_hid=1052426716&ga_fc=true&dlt=1697723870363&idt=1580&prev_scp=empty%3Dtrue&adks=3103229117&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69b5c6ab2ebb2c660f9e649ffe106c468cc3379ad9f626f9fc6afaeddd568dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16006
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://uat.newsroompost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 29B5 0
0 75ms
74ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfu2qjjyoWiUuxjGOfDnaYXq-6gKxJkeEbxHRYGt43AMPZTgGKIZ5vFbnJKu6dYRZVhlbX4HhLnzsNGCQLUyjJACJPzX8B4srj6qU3swP8RJUnt-y33m8sKiMNnwv5q8XBJ6nlho0lrkFUVxyAPV7gvz3fvDvz83bqTpP2zmlaGx4teFaUpRUsiv83sDzoWiiQrqjdabYJ48vm6m9OzPO7GTqUeJ-veg89Xe-xA4_5VdfJUeyYT1szea-NzIPmoXyb6ffMOzmkEfbyLk6_BruksrG2hPb3AmrGgLic1ylhTxrwpvrE2fb1ZzFgnTO7krUmvnLJKHaQzfh6iJVjT2JVGL9Ss0ALadL7cORn6qW2MnQOMttphkeodt36fWFdM-N8mNvH_i22FUBzK6rX&sai=AMfl-YTZipEaWyDDwnRX0m_cV_YKo2sftFb4a98vzKBGNwKqChUWDeGCWxWkbIwwDSbnwCVSTNNx4GzpBpIB-52ScSsNk5OwAymRJf1N3Kh25tyE8oIJx-g2ogjhws5cNrE&sig=Cg0ArKJSzLaSaWAz0KZVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 29B5 90 KB
29 KB 153ms
152ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c85bd0c13f476ce9368b8cadef8dca0a9e72ce5b40e05edc97b2043d2fabc87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29390
x-xss-protection: 0
server: cafe
etag: 272 / 19649 / 31078904 / config-hash: 14863387668746949887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29B5 187 KB
59 KB 216ms
141ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2EB 0
0 77ms
75ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOVoGFHuW6ZzzGtgw3gQeGrhLnTjIuSw-c_AwIldDU3M4Ni1YxeBg5asVpINDmrnxANXoBL-kd6xEzmTTYAaM8mMks5jMI1hYSyB3mMpcGdbJu9i5fyVIkRrP2I8AjaxsOgOCqrJi_Y7FbOTbz3iMvT6r3PPFfzeVYopruqRZb35EAnoijjuDvdU0wL8RgcrriRqpXdGuSJTMs8x5VbSXI-LukwMqF2QYebOpvgQic68RZp2LM4RVI_9no0eGGkWk5DSHYURBDMpn0eWlsoCCnJ8o3NleQjxQZaosRu6w08A19qA3ZsyGz_tN2j3MQmQrPi-z5eT8VIIvr0WzWhxoIFQxwQ5nLOW3_6vBXa44Oq6MUeeZJUfcFOsPLe6zOw1dUqHshaxhdkKFA5Lpn&sai=AMfl-YR7zzBK73SqUiC5EGhfRtE6daZ7Xi9yH8nXnwZEQYPIMzaBTlk-mNJTA1NtU5-4mX020PuvJRCC2faSZvVqOGlJq-xQgqre4HyJf3yk6inWlKWqkVhPfQi-gn_LUMs&sig=Cg0ArKJSzI05GLb7-8v8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F2EB 90 KB
29 KB 152ms
150ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afce9a028c2123fbe335067a6138c6b440844702a0f080e6737302a1c556f5c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29387
x-xss-protection: 0
server: cafe
etag: 684 / 19649 / m202310160101 / config-hash: 14863387668746949887
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2EB 187 KB
59 KB 186ms
122ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:52 GMT

GET
H2 200 container.html Show response
7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 93BD 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:52 GMT
expires: Fri, 18 Oct 2024 13:57:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3061 194 KB
56 KB 135ms
86ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTE14AAA2kkK3oDOAA18n_Rv3YnRkJwZd8lOOw&u=%7C4v4bc%2Fo%2B1LYYzJ2Y4YMooi%2BL7QvtoU%2FghXxy9athUCA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcEx6o_OgiyXAlqag-brSrvdRdxHGpTdBCQZI5r6gdh2-TAyQC3jr-N2O3UaCJGz8fpd4p4SRI3MOQwXZLvlDOM6EfWg1IWew5Enn_JakQFOc7st2SMGmjEayMUqRXuHbi6UtZ6P39iJKgPFEGcAndgzlXjut6UMSKQvRsVXmTWrJv68g34zfntCPnkIYeFCghIijHFq4aakezh_vkzcNloURk4cSUOQiL4xLgfIYnvOUO4c70hu1HhS-AQFpaNqVfj0CheYGYKK8CtegR81ON7aLBp6upDVOtI_M27V8gVL55Fv-KDsQFO826z43LYsIeolWJptf8QXd2Le6LUuYdPsx1Psb_9DILnl6Iu4Hi7bUyMILFZ5OpQBdySlax2AFym5nVHtJqmfaMZsomK2XHfV_5DXmHxcm629N3wqP7tZivLAHk0L02-yMRhRh0FSQ7mbpCeQa5nfxY-Iin2Qxbx9RktjOK-S_i_BigNZcEiQZYmkJcC6wyueh8XmnN7Bsl91nhTUH6gV6tU4WHTrebEInDv5WESxzfa2&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtUOI4DUxZcm0A86B-gaf-bWgAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyMDYyNjIyMzI2MDcwOcgBCakCCIfFM7W0sT7gAgCoAwHIAwKqBK0CT9DkxHgu0GUgpJ5Dya2aL_PeCyjNGr9xPknyO1rccv-zHvd2sddk2n2wqCnh8e531sj0Cn6SHRGlCjGY4kTiucv9JQt2ifNF6h9RQ3WHziMeXhUAFOa4FqQTF4SmVgrkRx6Z3RuaQQ2yDQB3QteuxtgCKEOU8R022K1iLIYeB6GL-p9utopr35fSBmnNXTgMLM_bLvYQPZleOKQDNykiES4CyTyM6JB5Zc4yWt4MniYjje0AonKFYjIa_xDLZF8nbFi9oDbKf5xY7i9kY88d_ki9VXhvtp9MKq1DFVmU95QpyWlFDI9d4sIV-9NjewEIU5PRje_zfJuILygXYgpoAwFIMK7f7tS_nmszOgettjJVj6o-pg1VyDpCuMWciq2kAJZLvPaqiNP_yX7KZeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ZUC8oNYwIkwOx4qBp9-6FOL1tQQ%26client%3Dca-pub-4620626223260709%26adurl%3D

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6dbb37931bbbc36e2f8ed5ec1c95ad6c2607b71a4dd041e4e4aad5c12842fb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:52 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Hf7W7nDYeskX71Xry2jWuEfxgrl4VqJhNvU3qlhFg9K2PWmLiuS0C-zXGQi0R-AIeY_c1DO-10NMKc_eDkrfzz9acIOadvcJ1QDZZE1x7BlOkyBZmJdnycLBJydHvBOX1kKs_Lm2A2wnYzYQeQvSpRypKUqIo7PKdS1889lLy56mJWsD_J158DPC1xP4-_NOxK_lHNJylx2agkSuCbxNqh8pQD1cFzR1v1GhIcXlF2Ri8GlnC_8-OPjjkviUagEJDm3yog"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 64959504
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 93BD 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:02:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 10:02:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DBF6 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Fri, 20 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 93BD 20 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:35:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 93BD 0
0 43ms
43ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTvp8pePn-aIY43919TE0W-twqPsGNsiPrz9qVmpLRh58ZWIE3ODi2xG6dTNrQ9gKX6Irnc98Tnd-_QY9WEv2mXIiBZ4g
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 93BD 24 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 12 Oct 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93BD 187 KB
59 KB 142ms
142ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 411F 0
0 148ms
148ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=758522786356559&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/ Frame B155 421 KB
132 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e2f8c21cbfea3e52e2b6b9f3783656232fb21e92f5c665e882887f0b547639c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12531
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135102
x-xss-protection: 0
server: cafe
etag: 524636607866283267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 18 Oct 2024 10:29:01 GMT

GET
DATA 200
OK truncated
/ Frame 93BD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04b6dfe2981fc237656e937e78a400b1d56184226ac86fffef08d522c9b8d004

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DBF6
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBlohIezeDUQlMTDaf0ipfo&google_cver=1&google_push=AXcoOmSEHc3IPRJfAgXxFPQ4yyuZRNzpkqJSo6hDDh9itFsaA5HRyRnSHlXEtsHzq-LejROeobIyzD7mZ6S82HziJft-A9kWFoWEJz0X
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3ODUzMDI3NjE1NTU4Mzg1OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1

43 B
398 B

74ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 19 Oct 2023 13:57:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame DBF6 0
104 B 122ms
27ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHHWVXrOZiv43RyjtvCfLuo&google_cver=1&google_push=AXcoOmQ0Dh0yh4vIUYtwhIF2bs50BJegpyTgjWSNc0gcyPjQTZb5XFb26ZlpSkQO69Jzx0fmhYKyPjNBUeR-yuU2YzrS3lUFDet3474
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DBF6
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECUBqnAzjTLJeZ0F7qnpSC0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECUBqnAzjTLJeZ0F7qnpSC0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESECUBqnAzjTLJeZ0F7qnpSC0&google_cver=1&google_push=AXcoOmRfInfpiyfeFwg3C0r2DYnR-egFPhOFYKdXxImmk5j...

170 B
243 B

46ms
46ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESECUBqnAzjTLJeZ0F7qnpSC0&google_cver=1&google_push=AXcoOmRfInfpiyfeFwg3C0r2DYnR-egFPhOFYKdXxImmk5jlKRIIiJ-quvQlzdqTx5UeWKfF_pN1I0hBGQqEgqdBaD3ZksCOW3imOsU

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Oct 2023 13:57:52 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESECUBqnAzjTLJeZ0F7qnpSC0&google_cver=1&google_push=AXcoOmRfInfpiyfeFwg3C0r2DYnR-egFPhOFYKdXxImmk5jlKRIIiJ-quvQlzdqTx5UeWKfF_pN1I0hBGQqEgqdBaD3ZksCOW3imOsU
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame DBF6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIH1BTcqsUNK3LXJ4ICzYl0&google_cver=1&google_push=AXcoOmTmX2r7qi3-UtBqsRVNpHwkjoDgX3-ziv9wTaM_vAXnK7oqxE4RAv_2PSzHi1uOTmg1Sbugig2AP6otn7Q63Z14yTiPF3XSJ...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIH1BTcqsUNK3LXJ4ICzYl0&google_cver=1&google_push=AXcoOmTmX2r7qi3-UtBqsRVNpHwkjoDgX3-ziv9wTaM_vAXnK7oqxE4RAv_2PSzHi1uOTmg1Sbugig2AP6otn7Q63Z14yTiPF3X...

43 B
434 B

224ms
205ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIH1BTcqsUNK3LXJ4ICzYl0&google_cver=1&google_push=AXcoOmTmX2r7qi3-UtBqsRVNpHwkjoDgX3-ziv9wTaM_vAXnK7oqxE4RAv_2PSzHi1uOTmg1Sbugig2AP6otn7Q63Z14yTiPF3XSJjI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTmX2r7qi3-UtBqsRVNpHwkjoDgX3-ziv9wTaM_vAXnK7oqxE4RAv_2PSzHi1uOTmg1Sbugig2AP6otn7Q63Z14yTiPF3XSJjI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8189885f98b5907c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1625
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIH1BTcqsUNK3LXJ4ICzYl0&google_cver=1&google_push=AXcoOmTmX2r7qi3-UtBqsRVNpHwkjoDgX3-ziv9wTaM_vAXnK7oqxE4RAv_2PSzHi1uOTmg1Sbugig2AP6otn7Q63Z14yTiPF3XSJjI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTmX2r7qi3-UtBqsRVNpHwkjoDgX3-ziv9wTaM_vAXnK7oqxE4RAv_2PSzHi1uOTmg1Sbugig2AP6otn7Q63Z14yTiPF3XSJjI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8189885e4f5f907c-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame DBF6 70 B
149 B 121ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBaS5FEOLpHjydXxzNRCEBA&google_cver=1&google_push=AXcoOmQ1fwj-PSBqVpU5Fs9yhCbibLI42nq0_i8sCmlUZNyhmbyzGy5idX5vZ5Wplhd-NrL1EFs_nGUbfsqtuMtLgOsN7HWFojR_G7w
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DBF6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEITYKD_iYlEI6jFcjLENzEs&google_cver=1&google_push=AXcoOmR6OGL6bdsB1y6PghaL7xR_UPE6_XDSb4OMz-tt_4oj_dgAPinFnlsORCvHVsgcF7i8l0e1z7qm...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEITYKD_iYlEI6jFcjLENzEs&google_cver=1&google_push=AXcoOmR6OGL6bdsB1y6PghaL7xR_UPE6_XDSb4OMz-tt_4oj_dgAPinFnlsORCvHVsgcF7i8l0e...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY2ODQ3MDk0NTc0Nzg3NjQ4OQ&google_push=AXcoOmR6OGL6bdsB1y6PghaL7xR_UPE6_XDSb4OMz-tt_4oj_dgAPinFnlsORCvHVsgcF7i8l0e1z7...

170 B
232 B

51ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY2ODQ3MDk0NTc0Nzg3NjQ4OQ&google_push=AXcoOmR6OGL6bdsB1y6PghaL7xR_UPE6_XDSb4OMz-tt_4oj_dgAPinFnlsORCvHVsgcF7i8l0e1z7qmoj-I-dimVSvPh_X3vw3TgWlK

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY2ODQ3MDk0NTc0Nzg3NjQ4OQ&google_push=AXcoOmR6OGL6bdsB1y6PghaL7xR_UPE6_XDSb4OMz-tt_4oj_dgAPinFnlsORCvHVsgcF7i8l0e1z7qmoj-I-dimVSvPh_X3vw3TgWlK
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame DBF6
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFaCZHf64gV3...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRyiwb98ueuuwH_Cf3x3Y6h42rD-rzzQQmIAoe2KLWfkzyP8cgsBi5Hnq0FepD83lW7ApWXyvCF0dRwLzKu5kgWCnsWafspIzT8OA
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5

23 B
163 B

57ms
57ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Thu, 19 Oct 2023 13:57:53 GMT
pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DBF6 0
139 B 143ms
44ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuLne08Qau8MckKe4MQA-L1bkExFVjWqXL0dIc6YJ-Hi63Rg3JqJNnYa4irUHiCywJn6676A

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/ Frame 29B5 421 KB
132 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js?cb=31078904

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e2f8c21cbfea3e52e2b6b9f3783656232fb21e92f5c665e882887f0b547639c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11832
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135102
x-xss-protection: 0
server: cafe
etag: 524636607866283267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 18 Oct 2024 10:40:40 GMT

GET
DATA 200
OK truncated
/ Frame B155 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2182c67a3e7987ae08bf359358a8a6f5b31813fcf66a6370d32511cb28686fee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/ Frame F2EB 421 KB
132 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e2f8c21cbfea3e52e2b6b9f3783656232fb21e92f5c665e882887f0b547639c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12532
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135102
x-xss-protection: 0
server: cafe
etag: 524636607866283267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 18 Oct 2024 10:29:01 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3061 2 KB
1 KB 62ms
18ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTE14AAA2kkK3oDOAA18n_Rv3YnRkJwZd8lOOw&u=%7C4v4bc%2Fo%2B1LYYzJ2Y4YMooi%2BL7QvtoU%2FghXxy9athUCA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANZE5PA-gwcEx6o_OgiyXAlqag-brSrvdRdxHGpTdBCQZI5r6gdh2-TAyQC3jr-N2O3UaCJGz8fpd4p4SRI3MOQwXZLvlDOM6EfWg1IWew5Enn_JakQFOc7st2SMGmjEayMUqRXuHbi6UtZ6P39iJKgPFEGcAndgzlXjut6UMSKQvRsVXmTWrJv68g34zfntCPnkIYeFCghIijHFq4aakezh_vkzcNloURk4cSUOQiL4xLgfIYnvOUO4c70hu1HhS-AQFpaNqVfj0CheYGYKK8CtegR81ON7aLBp6upDVOtI_M27V8gVL55Fv-KDsQFO826z43LYsIeolWJptf8QXd2Le6LUuYdPsx1Psb_9DILnl6Iu4Hi7bUyMILFZ5OpQBdySlax2AFym5nVHtJqmfaMZsomK2XHfV_5DXmHxcm629N3wqP7tZivLAHk0L02-yMRhRh0FSQ7mbpCeQa5nfxY-Iin2Qxbx9RktjOK-S_i_BigNZcEiQZYmkJcC6wyueh8XmnN7Bsl91nhTUH6gV6tU4WHTrebEInDv5WESxzfa2&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtUOI4DUxZcm0A86B-gaf-bWgAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyMDYyNjIyMzI2MDcwOcgBCakCCIfFM7W0sT7gAgCoAwHIAwKqBK0CT9DkxHgu0GUgpJ5Dya2aL_PeCyjNGr9xPknyO1rccv-zHvd2sddk2n2wqCnh8e531sj0Cn6SHRGlCjGY4kTiucv9JQt2ifNF6h9RQ3WHziMeXhUAFOa4FqQTF4SmVgrkRx6Z3RuaQQ2yDQB3QteuxtgCKEOU8R022K1iLIYeB6GL-p9utopr35fSBmnNXTgMLM_bLvYQPZleOKQDNykiES4CyTyM6JB5Zc4yWt4MniYjje0AonKFYjIa_xDLZF8nbFi9oDbKf5xY7i9kY88d_ki9VXhvtp9MKq1DFVmU95QpyWlFDI9d4sIV-9NjewEIU5PRje_zfJuILygXYgpoAwFIMK7f7tS_nmszOgettjJVj6o-pg1VyDpCuMWciq2kAJZLvPaqiNP_yX7KZeAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0ZUC8oNYwIkwOx4qBp9-6FOL1tQQ%26client%3Dca-pub-4620626223260709%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3061 2 KB
1 KB 57ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3061 308 B
636 B 16ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3061 293 B
621 B 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 3061 43 B
348 B 232ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=i-tknzPWUKG6-nh8SFpaxkpkDWMAPets_KBZV7Ly5JR4h8yLH0XF61k9nfn404U_eJc1ZTzM0rPvjuJ_-ZwUVT12-BViDMVKIOMoqgU06-YNIYovRiQOGRx-qWEoIQIIPa8sLHubfsirqeyytI8mP9R4Z5z0mFuvp3UyQxg_QRfoqtivPwEotf43rx9TWYzb9miAZqBLtCQEjnREfl0MRrTFT1JU5SHRiKP2ptrGdEmuLzaCRgvdD55t4c10aKR8TJRuSMso44vKtgPiO71vn6W3ol6GfGAn1Iv-UvZjHqs05vcEDtboDJuhKLWTnF4Bi-1l6O6BwNzhIvoNMMu0P3Vw7PnX172HuUnYnyKhn-5t-9XAD0iHUd0jLcMlfaSve7zzaqlX9zLt7NiAiwTLRtHabVWQt6aqWD0E8n0nf3WTWzoK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1670253
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F2EB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b2d59e8812d84af8a1a3ab2f84e7101503fb72866bbb50941aa8ec218804727

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B155 38 KB
16 KB 172ms
171ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3503056711083824&correlator=3497177111355643&eid=31078704%2C31078931&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fif&iu_parts=22654691416%2Cnrp_eng_desktop_homepage_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&didk=392479037&sfv=1-0-40&sc=1&cookie=ID%3Dfc7f81e417cd37b2-22ad0f7cf6e200bf%3AT%3D1697723871%3ART%3D1697723871%3AS%3DALNI_MblJY-HHX_EwYVFdjRJKJrF72AgGw&gpic=UID%3D00000c9c8f16de81%3AT%3D1697723871%3ART%3D1697723871%3AS%3DALNI_MbKsd8eXN3gDxGEyQYZMEbcZmtXFg&arp=1&abxe=1&dt=1697723873147&lmt=1697716673&adxs=600&adys=15&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=cojqs11iy7uk&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fuat.newsroompost.com%2F&ref=https%3A%2F%2Fuat.newsroompost.com%2F&top=https%3A%2F%2Fuat.newsroompost.com%2F&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1944785838.1697723872&ga_sid=1697723873&ga_hid=1724152221&ga_fc=true&dlt=1697723872734&idt=404&adks=368073688&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a248406a2cf58b18ef89799a9d9b0981c006988d7f1c792da92cfe2a1f9b9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16359
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://uat.newsroompost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9885 6 KB
3 KB 62ms
46ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:53 GMT
expires: Fri, 18 Oct 2024 13:57:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 29B5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc25dc2a48afae7849ba152e4572f060561483dc44f858c584531f0287bb8376

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3061 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 9 KB
9 KB 260ms
173ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=132&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Fde7bb98efd3a445e80511badf471eccc_eu_oveckarna_vertikalni_hneda.png&v=3&w=596&rid=4&s=tjTSKSsIG8TQAGicRvuOPnYH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9479
expires: Thu, 03 Oct 2024 11:32:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 4 KB
4 KB 122ms
36ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F3984_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=qha8S_p0EyJ8g6mGfoHFedeB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

47d28f2d8e65dc2ee8bf14064d39a5915f75fca7c1c91b922f6955fe7fc02f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 4054
expires: Sun, 05 Nov 2023 04:56:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 121 KB
121 KB 131ms
45ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F7%2F7227_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=XyBphPaouJ3jqeXn7iJf73Go&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4813b68e3f6258ca16f1c73b3652abd5156caebe242074f3df41f09c2a6fc3d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 123690
expires: Sat, 04 Nov 2023 22:38:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 18 KB
18 KB 124ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F7205_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=Se2Qgo8KcgUmr5FN-aX6FRaz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f9c8796516af78ee9f53c91aaeeb28cd54e33dee0fb377e7a65be204558df0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 18698
expires: Sat, 04 Nov 2023 22:38:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 22 KB
22 KB 110ms
24ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F3%2F11463_102.jpg%3F1637921162_2&v=3&w=400&rid=4&s=Y7TV4IKYmPwHaoQnJZw2a1ST&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 22540
expires: Sun, 05 Nov 2023 04:26:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 15 KB
15 KB 203ms
117ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F1%2F11461_102.jpg%3F1637921114_2&v=3&w=400&rid=4&s=Mk6aCbOMrkhsLsruILQ6XPcB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15494
expires: Sun, 05 Nov 2023 04:35:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 17 KB
18 KB 49ms
47ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F2200_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=6OORgUOI7KJbx7_gxHpfZNi1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 17770
expires: Sun, 05 Nov 2023 04:46:14 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 16 KB
16 KB 61ms
59ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F2204_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=RzvWYVAWiQBN3-EATcf8H9O6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 16076
expires: Sat, 04 Nov 2023 21:55:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 3 KB
4 KB 62ms
60ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F4%2F14484_102.jpg%3F1661517606_2&v=3&w=400&rid=4&s=KRhrsFBZCKYtK6BJGxisaza_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 3432
expires: Sat, 04 Nov 2023 12:20:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 5 KB
5 KB 62ms
60ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F7966_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=R4KBWrseKDiRDhar-WwL6lEp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14392c9baa0d1e691f861f1bfa0cda3caf6d3080edfabda0a2c276dfa13f2afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 5320
expires: Sun, 05 Nov 2023 12:40:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 34 KB
34 KB 67ms
65ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F8%2F3988_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=7uKpbnGQTDT5zDbjmkmr2u2M&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

85b7284c4d8e54216be4082addda18358f663a0ec0bbeddfeebffe2a45fc9b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 34510
expires: Sat, 04 Nov 2023 22:38:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 14 KB
14 KB 64ms
62ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F9735_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=tHT-jGV8JLYccQ5bkz6ccC1C&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe49f1b4997817d63f64401507f107b2a7c825c996c3d4b199a2609b9496db6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 14474
expires: Sat, 04 Nov 2023 12:24:31 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 8 KB
8 KB 67ms
65ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F6815_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=cP3RcmAAclhzeVYgmwTg86IH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b49a1fe5b5e90f4df81c0e8afb82350e4f194e8dc332a12a2d1cec3191b4bffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 7950
expires: Sat, 04 Nov 2023 12:50:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 7 KB
7 KB 65ms
63ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F6770_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=PLDTV4kvXVZe99oiasdtWBjK&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

040f47e85ae4a1d03ac48e6c8a4e6df5509c846f37bc296da9ab15de5146c818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 7056
expires: Sun, 05 Nov 2023 10:00:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 19 KB
19 KB 45ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F8%2F7878_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=9kqOA88XsVhv3QEwmz1G955r&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

43bc6e0a3ad31b901cca8daa150674bcbcf50f7459081e74682b9cedaa52974c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 19710
expires: Sun, 05 Nov 2023 03:26:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3061 15 KB
15 KB 45ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F14345_102.jpg%3F1660025517_2&v=3&w=400&rid=4&s=3-o09WX0lA8Ctj7mI9tOkEaM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

36c4f072d3c0284654277f864fb3c2d4ae52dcb98a5004ed49a502c58dd3c20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 15454
expires: Sat, 04 Nov 2023 22:03:01 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3061 0
128 B 97ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Hf7W7nDYeskX71Xry2jWuEfxgrl4VqJhNvU3qlhFg9K2PWmLiuS0C-zXGQi0R-AIeY_c1DO-10NMKc_eDkrfzz9acIOadvcJ1QDZZE1x7BlOkyBZmJdnycLBJydHvBOX1kKs_Lm2A2wnYzYQeQvSpRypKUqIo7PKdS1889lLy56mJWsD_J158DPC1xP4-_NOxK_lHNJylx2agkSuCbxNqh8pQD1cFzR1v1GhIcXlF2Ri8GlnC_8-OPjjkviUagEJDm3yog&sds=2&rev=88955&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3061 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3061 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 29B5 40 KB
16 KB 172ms
172ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2399776790690184&correlator=3609158423175646&eid=31078904%2C31078932%2C31070232&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fif&iu_parts=22654691416%2Cnrp_eng_desktop_homepage_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&didk=392479039&sfv=1-0-40&sc=1&cookie=ID%3Dfc7f81e417cd37b2-22ad0f7cf6e200bf%3AT%3D1697723871%3ART%3D1697723871%3AS%3DALNI_MblJY-HHX_EwYVFdjRJKJrF72AgGw&gpic=UID%3D00000c9c8f16de81%3AT%3D1697723871%3ART%3D1697723871%3AS%3DALNI_MbKsd8eXN3gDxGEyQYZMEbcZmtXFg&arp=1&abxe=1&dt=1697723873347&lmt=1697716673&adxs=1090&adys=965&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=67gfrppfxvob&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fuat.newsroompost.com%2F&ref=https%3A%2F%2Fuat.newsroompost.com%2F&top=https%3A%2F%2Fuat.newsroompost.com%2F&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1944785838.1697723872&ga_sid=1697723873&ga_hid=1956877204&ga_fc=true&dlt=1697723872766&idt=512&adks=439322361&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js?cb=31078904

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5c37a52eb2b280bdda815c6b420a97b016fffe66be8eba03b3d6b5c8cd455ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16664
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://uat.newsroompost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F957 6 KB
3 KB 76ms
47ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js?cb=31078904

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:53 GMT
expires: Fri, 18 Oct 2024 13:57:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 67C9 6 KB
3 KB 47ms
46ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:52 GMT
expires: Fri, 18 Oct 2024 13:57:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F2EB 0
20 B 141ms
141ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&pvsid=3394093679484277&vrg=202310160101&nw_id=22654691416&nslots=1&eid=31078931%2C31078933&pub_url=https%3A%2F%2Fuat.newsroompost.com%2F&fc=0&tcfv1=0&tcfv2=0&usp=0&ptt=17

Requested by

Host: uat.newsroompost.com
URL: https://uat.newsroompost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2EB 38 KB
16 KB 174ms
174ms Fetch
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3394093679484277&correlator=441908646896877&eid=31078931%2C31078933&output=ldjh&gdfp_req=1&vrg=202310160101&ptt=17&impl=fif&iu_parts=22654691416%2Cnrp_eng_desktop_homepage_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&didk=392479039&sfv=1-0-40&sc=1&cookie=ID%3Dfc7f81e417cd37b2-22ad0f7cf6e200bf%3AT%3D1697723871%3ART%3D1697723871%3AS%3DALNI_MblJY-HHX_EwYVFdjRJKJrF72AgGw&gpic=UID%3D00000c9c8f16de81%3AT%3D1697723871%3ART%3D1697723871%3AS%3DALNI_MbKsd8eXN3gDxGEyQYZMEbcZmtXFg&arp=1&abxe=1&dt=1697723873458&lmt=1697716673&adxs=1090&adys=3410&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=5rcewi8gca8w&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fuat.newsroompost.com%2F&ref=https%3A%2F%2Fuat.newsroompost.com%2F&top=https%3A%2F%2Fuat.newsroompost.com%2F&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1944785838.1697723872&ga_sid=1697723873&ga_hid=1416715730&ga_fc=true&dlt=1697723872780&idt=666&adks=439322361&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f70082d13737518caf37aefb53c52b92355e7d38290c483c412c399c667b2ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16157
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://uat.newsroompost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D85 6 KB
3 KB 104ms
46ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:53 GMT
expires: Fri, 18 Oct 2024 13:57:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E56A 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:53 GMT
expires: Fri, 18 Oct 2024 13:57:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1791 0
10 B 37ms
36ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Hz4mqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7D16 229 KB
61 KB 98ms
95ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTE14AAMNyEK3r4LAAQZVm_-AhN9xtvQTTajLg&u=%7C4v4bc%2Fo%2B1LaKKhwy7J0KaGPa4Zo2WdCUFVOlGZt88zo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MgBRA06n4_YKg1oYOaEv-yaWt-0vzAYTp8FngXdkYeTdvT474OcKaxVveDlVZMqqorRHSPYj8RZjf4XKGMbOB62P3KLtjtVkM3ezIsyj2dvYC440u7D2BQTK3Xzgx3SINPxyfZRcSmUM5Ss8SqLCKqF3SBLa75DPCS7Av9wPnbeGt9xJGGwYPIrTqUi_1xfrzEDXBvwAr-9S5sVngPj945lnttlKHUh82kwUTOinCNfmIXY58BCD6MbIdD36e-fnoHxizz9J9Sd-9tcbc5vOfihGio5LSvJNJ5snXDFLaLkxTlF2jhJN2F-PGry7qGLxF-8nEv3f2YPltbZX0PKfTs20VnL9nwR4a1cmBgREiVnJpxERviHHzsPj3OWLS4kxmneMnBjBoSRHO5B2CUaj-4WBW1bsRoT912En5kBI7MrNeJ1ihAA19MZTz-N7rGJ_tMuVBBM99VjNjN1co_DGtQ_srw5N55v20Um_0MA5WC3sDwvj258pJoAtU_lG6IYBeyJWJHziICAwXdcMTgSMT_9OCIBLew1RMnO-OB1krNxV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sJ54DUxZaHuMIv8-gbWspDAAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMDU0NzQ1NDMyNTAyMzLIAQmpAgiHxTO1tLE-4AIAqAMByAMCqgSZAk_Q9gUH_X1JtVfb_flLGkQmcOrz5AtO80Pa-RxadcKuFvPzWhrD9KTY114CYIsnhMjL0n8WxQhXgykZ2CUaq6f4XuRRO21zOGtst1abhKQCGjmffqSXssCi6LmGebOexGHLUPBFo2dZt9wqdNa-cKfmCb1KjIyXAJqZlmVKODTGQmbxoKyXcjnGqA5Rnj7xJtofO9yOeCdiYAaHfiaytzctxMIOiqtPmqUHQETMMhgjb3wPt8E8Zjoc441wZxyFyg2eMKBDw5_k6C2F6sxOeqhcyXIr5SWjXcdHuOh-ltgoLtwLDKrPShLlRVwXbXDUYUCwqo10F1TCL5ohb6vpgInr-b_PGtD9SRkwlsoQ6eM6fb_tgu1WzMaw4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3BoWZFXmqLKukGCWb5yAymkH3R0w%26client%3Dca-pub-4305474543250232%26adurl%3D

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c5e7e8da627f5bcd6c344d0ce930e5e60062909305a4437ea788b73c028ad97d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:52 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JVjkdHDYeskX71XrPmNcQ1xA97jC4wG3j5rb-6T0rUFG2ZTALotbMUAjqOQVy-NpW_1Hyd5I3FuF7uLq7rbcWoD21eVSLFnfkFp7eVV4Ds_4xK5cazo3LT0w6KuoOEzlZCaCNL-CrUBhzOW6qOFZoSNrMc_wOBmd7at8LDIXNvq60MBcvGaZgEomnTFLc-naGXK05lakYlp0uDcIdz99XCLfPTwMuRYjtdPM5KPkg8-Z-d2vEFBkJwSnqLHWKTha0ZCSqQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 71968159
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 67C9 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:02:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 10:02:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2B9A 1 KB
643 B 42ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Fri, 20 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 67C9 20 KB
8 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:35:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 67C9 0
0 47ms
44ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCVh0YzgAPhkuqLi3DfYXSFggjRP-S-Ew8CPk3ooaYs-b57baEIsGpRrDRmjLwpB16WoLN7ExBJ5xOQaxukrJMaVJ93A
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 67C9 24 KB
6 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 12 Oct 2024 06:34:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67C9 187 KB
59 KB 73ms
71ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:53 GMT

GET
H3 200 container.html Show response
ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 41EA 6 KB
3 KB 47ms
46ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js?cb=31078904

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:53 GMT
expires: Fri, 18 Oct 2024 13:57:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame F984 2 KB
3 KB 122ms
67ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h85s28x61x14qavwh4da953r6gpb7xvqf0zap62xpj484ns178ys8a4381nhkt2jwgg819wcb1v52qy6jzdzwc3k02fbf5aqs0v3zan572t3yayathzzws3mrd8p8aysjfk7qs9bvb0hr8bwef5r5dq0wwtbwh5wmcz283t067mmm7tb7yagwcs3nj40wy5sq18b0dt96fx5ec82avej5y85srwz2skwj3emtbxhdh5ywmfgn28dkvvvc51zmxamnz6y9qdpn76kv7s5b46g7czknxm52f1kbwe8z9byhxgswzze9m9jygmbdjbp0574m2pj9fvwdjh0a6rpqth4g04rt5tn2k8p1xnjac2wxrzdztbjdz7bw17p6b3anfn0d4qsfcr4h52aa25ytakvv7hzeewnhsn6an015k8sdgyx5zhm1pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%26client%3Dca-pub-1781853254296294%26adurl%3D

Requested by

Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35583e01dd030aad86e607e24f93bed6a0111353abb803539dd21894a2b54c1c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81898862bd845d61-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:53 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame E56A 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:02:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 10:02:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2207 1 KB
643 B 46ms
39ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Fri, 20 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame E56A 20 KB
8 KB 42ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:35:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E56A 0
0 84ms
78ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaReXSwGCVdvCfj2Moip_QE43XdGlgoiphkQMlGp5jFjvb5Ze-ab6Z873oxb8xV6HWcNULacC9FwXLVjuUA98XaqCspAOA
Requested by: Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E56A 24 KB
6 KB 44ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 12 Oct 2024 06:34:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E56A 187 KB
59 KB 84ms
79ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:53 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 93BD 0
0 81ms
79ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTi5V4DUxZcm0A86B-gaf-bWgAcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNDYyMDYyNjIyMzI2MDcwOcgBCakCCIfFM7W0sT7gAgCoAwHIAwKqBKoCT9DkxHgu0GUgpJ5Dya2aL_PeCyjNGr9xPknyO1rccv-zHvd2sddk2n2wqCnh8e531sj0Cn6SHRGlCjGY4kTiucv9JQt2ifNF6h9RQ3WHziMeXhUAFOa4FqQTF4SmVgrkRx6Z3RuaQQ2yDQB3QteuxtgCKEOU8R022K1iLIYeB6GL-p9utopr35fSBmnNXTgMLM_bLvYQPZleOKQDNykiES4CyTyM6JB5Zc4yWt4MniYjje0AonKFYjIa_xDLZF8nbFi9oDbKf5xY7i9kY88d_ki9VXhvtp9MKq1DFVmU95QpyWlFDI9d4sIV-9NjewEIU5PRje_zfJuILygXYgpoAwFIMK6d7PUtHvjjB6F9kejZr0OaqCpffjBsoEcoQpAC8ilVkO4yQkffIOAEAYAG9aedkJiV_rhwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2MjA2MjYyMjMyNjA3MDkY6pNu&sigh=Nvm0E4omro8&uach_m=[UACH]&cid=CAQSPADICaaNJMIYv-bthb1JkKQSeSxAKteOtrEDasjetwucs4HsuIZAf8TMvKqkac0eoYlnZpTeCJMYb-1FIRgB&cbvp=2&vis=1
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 93BD 0
126 B 95ms
16ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ko7EGN2BMKwC-gGdg2ICAgAAAIpxq6eLja0_t3r0AxDfNTFlJoLus1_2cJX6NQAAEgAACgpBUVVEQVFFQkFR&wp=ZTE14AAA2kkK3oDOAA18n_Rv3YnRkJwZd8lOOw&cbvp=2

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 162253
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7D16 2 KB
1 KB 49ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTE14AAMNyEK3r4LAAQZVm_-AhN9xtvQTTajLg&u=%7C4v4bc%2Fo%2B1LaKKhwy7J0KaGPa4Zo2WdCUFVOlGZt88zo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MgBRA06n4_YKg1oYOaEv-yaWt-0vzAYTp8FngXdkYeTdvT474OcKaxVveDlVZMqqorRHSPYj8RZjf4XKGMbOB62P3KLtjtVkM3ezIsyj2dvYC440u7D2BQTK3Xzgx3SINPxyfZRcSmUM5Ss8SqLCKqF3SBLa75DPCS7Av9wPnbeGt9xJGGwYPIrTqUi_1xfrzEDXBvwAr-9S5sVngPj945lnttlKHUh82kwUTOinCNfmIXY58BCD6MbIdD36e-fnoHxizz9J9Sd-9tcbc5vOfihGio5LSvJNJ5snXDFLaLkxTlF2jhJN2F-PGry7qGLxF-8nEv3f2YPltbZX0PKfTs20VnL9nwR4a1cmBgREiVnJpxERviHHzsPj3OWLS4kxmneMnBjBoSRHO5B2CUaj-4WBW1bsRoT912En5kBI7MrNeJ1ihAA19MZTz-N7rGJ_tMuVBBM99VjNjN1co_DGtQ_srw5N55v20Um_0MA5WC3sDwvj258pJoAtU_lG6IYBeyJWJHziICAwXdcMTgSMT_9OCIBLew1RMnO-OB1krNxV&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sJ54DUxZaHuMIv8-gbWspDAAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMDU0NzQ1NDMyNTAyMzLIAQmpAgiHxTO1tLE-4AIAqAMByAMCqgSZAk_Q9gUH_X1JtVfb_flLGkQmcOrz5AtO80Pa-RxadcKuFvPzWhrD9KTY114CYIsnhMjL0n8WxQhXgykZ2CUaq6f4XuRRO21zOGtst1abhKQCGjmffqSXssCi6LmGebOexGHLUPBFo2dZt9wqdNa-cKfmCb1KjIyXAJqZlmVKODTGQmbxoKyXcjnGqA5Rnj7xJtofO9yOeCdiYAaHfiaytzctxMIOiqtPmqUHQETMMhgjb3wPt8E8Zjoc441wZxyFyg2eMKBDw5_k6C2F6sxOeqhcyXIr5SWjXcdHuOh-ltgoLtwLDKrPShLlRVwXbXDUYUCwqo10F1TCL5ohb6vpgInr-b_PGtD9SRkwlsoQ6eM6fb_tgu1WzMaw4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3BoWZFXmqLKukGCWb5yAymkH3R0w%26client%3Dca-pub-4305474543250232%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7D16 2 KB
1 KB 48ms
46ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7D16 308 B
636 B 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7D16 293 B
621 B 16ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7D16 43 B
347 B 17ms
16ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=HGPdCk7lkFM4GsNrNTZN3T0bXD9dJLT-kskkyYB2XtcMn-t_EfAghE99NnPxQab0mbDDQXLV65irH8x_lTGtTXsvFDn8rKL8GmpjOAAEavc48L7FpbDfdJiDIiBfFawcPIt-ZuuQEWwYmJUsJYD0bYUzbflDEt_KVGw0O6XBIJy5YBg2WBHofXhIw-Ot14kk7SSuZ4UAao5JOdwR0wZlWu7SzOmURCnLOaXih0cdGD-ZkhPBW-jwes2kLKnUG2d4OKwPclSU_TC7nI-IBpWgDOuTeKNL8Xifq04kS3cdr74Q4O0c2SFS51Byjoy8496p75vB5iQ44_PyAStLoT295rLlNHSbi1gZmp9Xx8RBlg_jcP05dH5GbZO7QXMDKjU6VPAks5mrtGPE93i3UF6qGTwO9J8FCwIJh3FXpk7XY0qd7KZe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1639684
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2EB 0
0 171ms
73ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpUeRrlBHNbR4J1SnEhIXYVc4WREUOaDsO6IJ2BqZ_YIU8_5ujGOT1g1xJxdptVAWWPvETG3U8TLzwgTZD8n2QaZuJ6paUbYYdJ1wg3A93hdNAS49TFciIjhysjhifXQfGg4DiGLN17I-UGS108ssBON6Z0LXy2gqcvdOToXEdpstr3OpyA2XMO-TQqd7GWmFQM8l5Pr5fqsuR4xsIOsdVOFqz1HOMK0FjlrtLRAm9BAMH186sKCvsvB2tiAiH6RJBtQp5QuKZGqbkxIyUTf7_7GMbJasaw3m0by5kmSmQfzJtrP6AHtr8_iJ4cl5X_wCRUxdaAOByjcJddSKjnum7wEs6pV4KU-zVL8jeXb9AaUl-F4KdRRw2JrpArXZbCTTSB_9q_1p7gfVe3La77Ho&sai=AMfl-YSDZ8gFeDlgg9mDxFHuNn4sOa70rDCb7FohymA24HRxrOi9KhCjvd4b6dHT8GXqg817KZAeUT04269CfHj5AAC1aFlAJuBK2CAVb81rOYrYfUOb3oMCyLgw9yJb5zk&sig=Cg0ArKJSzAA_tnYs7uxfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Oct 2023 13:57:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F2EB 16 KB
12 KB 113ms
112ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60c7d7ce5461641fea330e06349ed188e254d9c5d132693b6baa0fee3a19216e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12194
x-xss-protection: 0

GET
H3 200 container.html Show response
e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5AE0 6 KB
3 KB 45ms
44ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:53 GMT
expires: Fri, 18 Oct 2024 13:57:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 67C9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8690b45fd1b419e1aadaabf28810bac7c559877605b6ee8f34e6c6dd3dbae9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2B9A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1&google_push=AXcoOmTgttnuNwDBgffMLBcpVsVNFJwPKUTJ7GckVOT1yKGbnPrd-CgUW1a4VZR_vLpgRM4r_GySCr7WsCxgGXRGQfTGH982vlA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3ODUzMDI3NjE1NTU4Mzg1OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1

43 B
398 B

14ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 2B9A 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B9A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOm0s1Zet1I_PuaiGfiTisw&google_cver=1&google_push=AXcoOmS75M0nL-Ls7h91zZo_owI8XYWJfubYdcpcTeW2Sm0w-dRAaCxWQR3knDWfGZPDiKb4dsVSaADkTH0Shzp1T99Bq9POW39n
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41ECC616BC50425BBD03D32167B38B95&google_push=AXcoOmS75M0nL-Ls7h91zZo_owI8XYWJfubYdcpcTeW2Sm0w-dRAaCxWQR3knDWfGZPDiKb4dsVSaADkTH0Shzp...

170 B
188 B

50ms
48ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41ECC616BC50425BBD03D32167B38B95&google_push=AXcoOmS75M0nL-Ls7h91zZo_owI8XYWJfubYdcpcTeW2Sm0w-dRAaCxWQR3knDWfGZPDiKb4dsVSaADkTH0Shzp1T99Bq9POW39n

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41ECC616BC50425BBD03D32167B38B95&google_push=AXcoOmS75M0nL-Ls7h91zZo_owI8XYWJfubYdcpcTeW2Sm0w-dRAaCxWQR3knDWfGZPDiKb4dsVSaADkTH0Shzp1T99Bq9POW39n
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 18 Oct 2023 13:57:53 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B9A
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEE0rxeHhrD3ShoEhJ4svKSM&google_cver=1&google_push=AXcoOmSE-2x87Er5Qt7p1WFouk6JRH8YPKGBK-qaNgJ2tilhPE2s48kS1sk7AEIonyVMijbZ25wTOKIWXsl4t6...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTY2ODUxMjE5NjY1NTI2Mg%3D%3D&google_push=AXcoOmSE-2x87Er5Qt7p1WFouk6JRH8YPKGBK-qaNgJ2tilhPE2s48kS1sk7AEIonyVMijbZ25wTOKIWXsl4t6PRNX...

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTY2ODUxMjE5NjY1NTI2Mg%3D%3D&google_push=AXcoOmSE-2x87Er5Qt7p1WFouk6JRH8YPKGBK-qaNgJ2tilhPE2s48kS1sk7AEIonyVMijbZ25wTOKIWXsl4t6PRNXQcv9JFQ498

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTY2ODUxMjE5NjY1NTI2Mg%3D%3D&google_push=AXcoOmSE-2x87Er5Qt7p1WFouk6JRH8YPKGBK-qaNgJ2tilhPE2s48kS1sk7AEIonyVMijbZ25wTOKIWXsl4t6PRNXQcv9JFQ498
Date: Thu, 19 Oct 2023 13:57:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B9A
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGZIPN1ARY8iP01mn3QTnGg&google_cver=1&google_push=AXcoOmSmcd0H4f3vpx_3XfIBUNVfrvdoabEFc4rKi0ceztuCQCYxNEM7XXAyCatW49ZhQEHC3fn9-FY5wXWgqgZ_6NX3YoF...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGZIPN1ARY8iP01mn3QTnGg&google_cver=1&google_push=AXcoOmSmcd0H4f3vpx_3XfIBUNVfrvdoabEFc4rKi0ceztuCQCYxNEM7XXAyCatW49ZhQEHC3fn9-FY5wXWgqgZ_6NX3Y...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSmcd0H4f3vpx_3XfIBUNVfrvdoabEFc4rKi0ceztuCQCYxNEM7XXAyCatW49ZhQEHC3fn9-FY5wXWgqgZ_6NX3YoFjjyE

170 B
188 B

61ms
60ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSmcd0H4f3vpx_3XfIBUNVfrvdoabEFc4rKi0ceztuCQCYxNEM7XXAyCatW49ZhQEHC3fn9-FY5wXWgqgZ_6NX3YoFjjyE

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSmcd0H4f3vpx_3XfIBUNVfrvdoabEFc4rKi0ceztuCQCYxNEM7XXAyCatW49ZhQEHC3fn9-FY5wXWgqgZ_6NX3YoFjjyE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

rmpssp
sync.1rx.io/syncpixel/ Frame 2B9A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTeDQgO95VOgid1BM-Co2zbNKtq9XtBA6z47wKrJSoa3I-qdJJCmgbtG9NjUuAJqZygT0svyILw_WPjFAUEyAi-D-LYDb2_&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-0b42021a-07a9-47ee-8a12-b6e847dc8be9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTeDQgO95VOgid1BM-Co...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTeDQgO95VOgid1BM-Co2zbNKtq9XtBA6z47wKrJSoa3I-qdJJCmgbtG9NjUuAJqZygT0svyILw_WPjFAUEyAi-D-LYDb2_&google_hm=AwtCAhoHqUfuihK26Efci-k
https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=5

43 B
154 B

30ms
30ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=5
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
cache-control: no-store, no-cache, must-revalidate
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 2B9A
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEG4qSjPFuYa5lzJTMX9Xrds&google_cver=1&google_push=AXcoOmQmq5K6R2c3b1O0IgBR6ICM-ogQBRb9iCMkzJSg1SI5I3XBTidGMDsqB-pRpziUHkNgUdpoGdtLg66...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQmq5K6R2c3b1O0IgBR6ICM-ogQBRb9iCMkzJSg1SI5I3XBTidGMDsqB-pRpziUHkNgUdpoGdtLg66XG7CI5bxm_JknMcSq-A
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

40ms
36ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2B9A 0
12 B 63ms
63ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILOWZk784VzhIcj6MR4HYXaewrEYZeLtGxZ7vM_XRSf5JjtjmhBiwSgifob7hYnaBwhTbOjQ

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7D16 12 KB
6 KB 26ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame F984 115 KB
14 KB 35ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h85s28x61x14qavwh4da953r6gpb7xvqf0zap62xpj484ns178ys8a4381nhkt2jwgg819wcb1v52qy6jzdzwc3k02fbf5aqs0v3zan572t3yayathzzws3mrd8p8aysjfk7qs9bvb0hr8bwef5r5dq0wwtbwh5wmcz283t067mmm7tb7yagwcs3nj40wy5sq18b0dt96fx5ec82avej5y85srwz2skwj3emtbxhdh5ywmfgn28dkvvvc51zmxamnz6y9qdpn76kv7s5b46g7czknxm52f1kbwe8z9byhxgswzze9m9jygmbdjbp0574m2pj9fvwdjh0a6rpqth4g04rt5tn2k8p1xnjac2wxrzdztbjdz7bw17p6b3anfn0d4qsfcr4h52aa25ytakvv7hzeewnhsn6an015k8sdgyx5zhm1pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%26client%3Dca-pub-1781853254296294%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h85s28x61x14qavwh4da953r6gpb7xvqf0zap62xpj484ns178ys8a4381nhkt2jwgg819wcb1v52qy6jzdzwc3k02fbf5aqs0v3zan572t3yayathzzws3mrd8p8aysjfk7qs9bvb0hr8bwef5r5dq0wwtbwh5wmcz283t067mmm7tb7yagwcs3nj40wy5sq18b0dt96fx5ec82avej5y85srwz2skwj3emtbxhdh5ywmfgn28dkvvvc51zmxamnz6y9qdpn76kv7s5b46g7czknxm52f1kbwe8z9byhxgswzze9m9jygmbdjbp0574m2pj9fvwdjh0a6rpqth4g04rt5tn2k8p1xnjac2wxrzdztbjdz7bw17p6b3anfn0d4qsfcr4h52aa25ytakvv7hzeewnhsn6an015k8sdgyx5zhm1pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%26client%3Dca-pub-1781853254296294%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545435
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eb6j6NqflDNeoeIDLkwU0vZ5NaeNg%2FK9IDYLKoZY5j9ZpNbKR6TrrKop21XsTZ3mXZdIfmrCxuqVEfsvrL1cq0km%2FZ4%2BIGJiykP97a8CxVmeb7l8GACOWd1Ivsqr4P9QcL4VaARdn24%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 818988639e925d61-FRA
expires: Thu, 19 Oct 2023 14:57:53 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame F984 25 KB
10 KB 47ms
22ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h85s28x61x14qavwh4da953r6gpb7xvqf0zap62xpj484ns178ys8a4381nhkt2jwgg819wcb1v52qy6jzdzwc3k02fbf5aqs0v3zan572t3yayathzzws3mrd8p8aysjfk7qs9bvb0hr8bwef5r5dq0wwtbwh5wmcz283t067mmm7tb7yagwcs3nj40wy5sq18b0dt96fx5ec82avej5y85srwz2skwj3emtbxhdh5ywmfgn28dkvvvc51zmxamnz6y9qdpn76kv7s5b46g7czknxm52f1kbwe8z9byhxgswzze9m9jygmbdjbp0574m2pj9fvwdjh0a6rpqth4g04rt5tn2k8p1xnjac2wxrzdztbjdz7bw17p6b3anfn0d4qsfcr4h52aa25ytakvv7hzeewnhsn6an015k8sdgyx5zhm1pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%26client%3Dca-pub-1781853254296294%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 545434
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvZWqCtifFClq4ti2T5hQora%2BGUAL%2FbTCdJFm2VoKMvS7bvPvpp1wW%2BBCT0zx14do7Qw6xaqZfDISEs%2BVknpvXsLclWiYQUp0p%2BesE68E4ZrlwBsiT3GFraVNaV6FnbWW%2BVV8tE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 81898863bea95d61-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 13 Oct 2023 06:27:19 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 41EA 5 KB
2 KB 55ms
9ms Script
application/javascript 2600:9000:2251:8600:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xm5m1vekkx&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0NuZXdzcm9vbXBvc3QuY29t&fiu=WG1KVFAyNDVlMA&s=https%3A%2F%2Fuat.newsroompost.com&ciu=XRzTeTi6gk&btid=RTNFNzY2RkQzNTVCNDg0NDkyRDVFN0E0RkIzQjE5N0Z8R0ZhWGVYQVF2U3wxNjk3NzIzODczNDY0fDF8WG1KVFAyNDVlMHxYUnpUZVRpNmdrfC0xOTkwMjA0ODQwX0VYfDM0OTEzfHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=newsroompost.com&cip=1&hmt=1&uidu=CAESEFAj3HyqbruhRYjNjK3RmBM&spidu=GOOGLE_CONTENTNETWORK&pidu=newsroompost.com&hmpvu=a9e01ee8-f784-4aef-bb7d-d3547944135e&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XRzTeTi6gk&

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:8600:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
date: Sun, 15 Oct 2023 11:17:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 355217
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: smCWIAuM1VG4G8JW-1go8bP8k5-KAvobkI2fL3IJFKkYt8I3_dNg7g==

GET
H2 200 XassetkFJs3ny4.png
ads.w55c.net/t/d/ Frame 41EA 38 KB
39 KB 55ms
10ms Image
image/png 2600:9000:206f:1c00:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetkFJs3ny4.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=RTNFNzY2RkQzNTVCNDg0NDkyRDVFN0E0RkIzQjE5N0Z8R0ZhWGVYQVF2U3wxNjk3NzIzODczNDY0fDF8WG1KVFAyNDVlMHxYUnpUZVRpNmdrfC0xOTkwMjA0ODQwX0VYfDM0OTEzfHx8fC4wUHxVU0Q&ei=GOOGLE_CONTENTNETWORK&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xm5m1vekkx&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fuat.newsroompost.com&ts=1697723873466&c=DE&r=G-HE&epid=R0NuZXdzcm9vbXBvc3QuY29t&mi=d2Vi&wp_exchange=NWP
Requested by: Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1c00:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d77fe1a9555985d6d3981209d00dbe2d28208cb42917322b57ec2f73b6e075b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: SLHuFXuOnpUf03k5jtH8203t4E1wMpAt
date: Thu, 19 Oct 2023 08:02:02 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 21351
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 38935
x-amz-meta-height: 250
content-length: 38935
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "b29dd6c8e5bad4c52ce4a5727083404e"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: U-G5zjrlmsY1LCIgxOskhhMNXxUgquYdVVEE1hyrPT5gyHev3TgkYg==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 41EA 95 B
928 B 337ms
38ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=8459201701504418
Requested by: Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Spain, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 13:57:53 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Sun, 16 Oct 2033 13:57:53 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 41EA 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:02:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 10:02:36 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 41EA 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:35:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 41EA 0
0 44ms
43ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9SpM6_V34MCfHwOSW_H24QF-55LPdTfHnRhZ1PmECyleMBR2E6Nzv4XJyDpoU9Ts8zjlBE5hmdm24c4GUUkn-aFdiRQ
Requested by: Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 41EA 24 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 12 Oct 2024 06:34:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41EA 187 KB
59 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:53 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F2EB 17 KB
6 KB 150ms
150ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 13:57:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7D16 18 KB
18 KB 19ms
16ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f9c8796516af78ee9f53c91aaeeb28cd54e33dee0fb377e7a65be204558df0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 18698
expires: Sat, 04 Nov 2023 22:38:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7D16 121 KB
121 KB 25ms
23ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4813b68e3f6258ca16f1c73b3652abd5156caebe242074f3df41f09c2a6fc3d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 123690
expires: Sat, 04 Nov 2023 22:38:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7D16 4 KB
4 KB 18ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

47d28f2d8e65dc2ee8bf14064d39a5915f75fca7c1c91b922f6955fe7fc02f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 4054
expires: Sun, 05 Nov 2023 04:56:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7D16 5 KB
5 KB 17ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

14392c9baa0d1e691f861f1bfa0cda3caf6d3080edfabda0a2c276dfa13f2afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 5320
expires: Sun, 05 Nov 2023 12:40:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7D16 17 KB
18 KB 28ms
26ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 17770
expires: Sun, 05 Nov 2023 04:46:14 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7D16 16 KB
16 KB 18ms
17ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 16076
expires: Sat, 04 Nov 2023 21:55:50 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7D16 13 KB
14 KB 18ms
17ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2Fde7bb98efd3a445e80511badf471eccc_eu_oveckarna_vertikalni_hneda.png&v=3&w=596&rid=4&s=MSUQ5ZPjTN-40SGiHLSxOx0a

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6cbe8afbaa101f41446ac5bfc341a559d315cab38a0e88e04fd82a10404f8917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 13661
expires: Thu, 03 Oct 2024 11:32:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7D16 13 KB
13 KB 19ms
17ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F9%2F7319_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=QwDf_oxz2YqnFpEv9FkE6Mel&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

76ee0961e6fc5fe6be30f86e379b24c011ada622f43d9bf323548cc656d6cb28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 12824
expires: Sat, 04 Nov 2023 22:56:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7D16 22 KB
22 KB 19ms
18ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F0%2F10130_102.jpg%3F1635951174_2&v=3&w=400&rid=4&s=7b1lmSoR6F-hJPmAoSkS43Z2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a86517a32e34de02184899df16ce7ff27ef1004db110897bf573ad114764dd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 22064
expires: Tue, 07 Nov 2023 20:37:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7D16 6 KB
6 KB 21ms
20ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F5%2F13815_102.jpg%3F1656926593_2&v=3&w=400&rid=4&s=zCLjKA6oT_BXHfH90KvD4fa5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

19fb949b60ef0320ecf06476f86db2dfad6322d18501b42a785594ad5a16ad80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 5902
expires: Thu, 09 Nov 2023 17:06:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7D16 0
127 B 18ms
18ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=JVjkdHDYeskX71XrPmNcQ1xA97jC4wG3j5rb-6T0rUFG2ZTALotbMUAjqOQVy-NpW_1Hyd5I3FuF7uLq7rbcWoD21eVSLFnfkFp7eVV4Ds_4xK5cazo3LT0w6KuoOEzlZCaCNL-CrUBhzOW6qOFZoSNrMc_wOBmd7at8LDIXNvq60MBcvGaZgEomnTFLc-naGXK05lakYlp0uDcIdz99XCLfPTwMuRYjtdPM5KPkg8-Z-d2vEFBkJwSnqLHWKTha0ZCSqQ&sds=2&rev=88955&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7D16 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7D16 2 KB
1 KB 19ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 13 Oct 2024 13:57:53 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame CE90 2 KB
3 KB 41ms
39ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1k3aaxeg6dc7rje1pycvsja3yypxyvwes5dvngxr9tzw7qtw196a6kf581mmta80njgzas99a7nmgrb3q4sj3fqtethy75ckt6amw15886k1092bt56412twh48bhwm32zmvgzb2by8bmnwd9z2a094s4k4mttk289ckmdy82c2rt0vgpcxa3zrna338xybfxzvns5n9pw4bgcyrh5vqf621vm5fbe5592hqfd89ndqng7vfhn24231fktx51p8s74b87894yhf1exszaa0v5de2tf69hw67qgp58zjxnqf76z5phwew3kjt5x47wm2x20j79xfwnt7b6jzrqevmeyca54fa59c90rzs6aw5vyeqyzwewby9xvs138dm06wy5y7913gwa9gyz3q5prphmhpm02rwng9xfkc5yp3czj39wpzy7w7rr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%26client%3Dca-pub-1781853254296294%26adurl%3D

Requested by

Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

337cc40c902faf17b8752d67391163f0c6c5b90a79b27ba9d8e7a4fbe8d371e0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 818988646a6765d4-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:54 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5AE0 3 KB
1 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:02:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 10:02:36 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8344 1 KB
643 B 46ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Fri, 20 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 5AE0 20 KB
8 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:35:17 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5AE0 0
0 50ms
46ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnnyQ7acjW5Nu-CFzuJQ2ReE-Cb4JAs4nOX_3lRg2EYCMApqWpaOgt-Eyvof8f3Ty_xDkszQOUfm4fq3oXrBS8pop1pQ
Requested by: Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5AE0 24 KB
6 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 06:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 545024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 12 Oct 2024 06:34:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5AE0 187 KB
59 KB 108ms
105ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:57:54 GMT

GET
DATA 200
OK truncated
/ Frame E56A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15c1325363e42681f23ed19da0f04f08438f3accc85b4a575a1b7f9acade7f83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2207
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cver=1&google_push=AXcoOmQSwwOAti4oRl3LbCr_mFe9BlmOOWT24Rz9rBqznCN...

170 B
188 B

76ms
75ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cver=1&google_push=AXcoOmQSwwOAti4oRl3LbCr_mFe9BlmOOWT24Rz9rBqznCNlK02J5By-OD1_hU6UXVTKalmy4kh28kZvW6gNFZOEhVsaSTOrRfuTig

Requested by

Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Oct 2023 13:57:53 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cver=1&google_push=AXcoOmQSwwOAti4oRl3LbCr_mFe9BlmOOWT24Rz9rBqznCNlK02J5By-OD1_hU6UXVTKalmy4kh28kZvW6gNFZOEhVsaSTOrRfuTig
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 2207 43 B
462 B 187ms
176ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEKx_43eCFsmvgX36y-DGfEc&google_cver=1&google_push=AXcoOmQe0QayYAynooa1fuoD8_DgMx05xRucMej2HYFzfWE_QwJHKfdZAYogh2FhQIEHT1jU0WNQCV1Cf8xMF7VasNi23ZnBtKPGVus&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQe0QayYAynooa1fuoD8_DgMx05xRucMej2HYFzfWE_QwJHKfdZAYogh2FhQIEHT1jU0WNQCV1Cf8xMF7VasNi23ZnBtKPGVus%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81898864be12907c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2207 70 B
148 B 46ms
35ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAGvkLBJDvq98_0FL5Lle0I&google_cver=1&google_push=AXcoOmS6Iv6wmbQtskQ8KwucOd4iXJCjHgmcmel_JJK2mwU1EdhsAwcnbLu47BHwR5WZCfyf8mWesFUIPFH4UXdoneM9Wc-fPpnbd9M
Requested by: Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2207
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMjRp8xPVPT4WiOb8Bw04uo&google_cver=1&google_push=AXcoOmRsfBtbkGd4JkpXUKuf3StfBjCwrF_RVbe2Pu1Bt78nfA721PZcX8kvm_KDMkHGq7lZ0zn5AXu7BA2...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRsfBtbkGd4JkpXUKuf3StfBjCwrF_RVbe2Pu1Bt78nfA721PZcX8kvm_KDMkHGq7lZ0zn5AXu7BA2ISqKdWQNrD1evUVJo52o&google_hm=Q2pj_u4vSBi6Le5BF...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRsfBtbkGd4JkpXUKuf3StfBjCwrF_RVbe2Pu1Bt78nfA721PZcX8kvm_KDMkHGq7lZ0zn5AXu7BA2ISqKdWQNrD1evUVJo52o&google_hm=Q2pj_u4vSBi6Le5BFwv9sZA

Requested by

Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRsfBtbkGd4JkpXUKuf3StfBjCwrF_RVbe2Pu1Bt78nfA721PZcX8kvm_KDMkHGq7lZ0zn5AXu7BA2ISqKdWQNrD1evUVJo52o&google_hm=Q2pj_u4vSBi6Le5BFwv9sZA
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

google_match.ashx
ads.travelaudience.com/ Frame 2207
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELW0fEy8Yt4q8pb0XdFcbCk&google_cver=1&google_push=AXcoOmTBqG_uev2sJBcdP-qXnIFVGIjdQ5g0gOazy3TGiTNJrJTL5byK042WXmRkWPMUbLuxoHxCw46ryPqz4FmJ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=We4VRFz-QM02-V0lUg6RgQ&google_push=AXcoOmTBqG_uev2sJBcdP-qXnIFVGIjdQ5g0gOazy3TGiTNJrJTL5byK042WXmRkWPMUbLuxoHxCw46ryPqz4FmJtenI0a9cmd0JpbI
https://ads.travelaudience.com/google_match.ashx?google_error=5

35 B
69 B

22ms
22ms

Image
image/gif

35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/google_match.ashx?google_error=5
Requested by: Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: gzip
x-engine-version: 0.0.0
via: 1.1 google
server: nginx/1.21.6
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type: image/gif
x-host: tde-deliveryengine-production-7595df5684-npvl6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.travelaudience.com/google_match.ashx?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 2207 43 B
363 B 115ms
30ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRlWqGYDDCBrqFptdf3W-LUOvBOlNcth5gRJq8iHQFK9BdCrXl5Pozo9ei9pVIvISHOjk_vI21-LwFFuCylGjPgOQJdzReVxyE&google_gid=CAESEJzauKJeMRbaVl0u1D3iY3g&google_cver=1

Requested by

Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 291819
expires: Thu, 19 Oct 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 2207
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAl5qFKvfxt0...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTKQZCe-RGqhYndTiiCzpCp7uOhMxrt5jA1VAAsvxkGJLDMDxd4KF2K_3TlAI8llYPLei_khv37JHKzvphNhH9QwEFS2zcytZE3
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5

23 B
163 B

85ms
84ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5
Requested by: Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Thu, 19 Oct 2023 13:57:54 GMT
pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2207 0
12 B 54ms
46ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXbprQ6HgkU2L3Hm6d0HKxCjaGw6NgoF1OWmAXP9SO5fMVvjJUOBeXvjzpgMf0oXbtjgSBTg

Requested by

Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame CE90 115 KB
14 KB 69ms
61ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3aaxeg6dc7rje1pycvsja3yypxyvwes5dvngxr9tzw7qtw196a6kf581mmta80njgzas99a7nmgrb3q4sj3fqtethy75ckt6amw15886k1092bt56412twh48bhwm32zmvgzb2by8bmnwd9z2a094s4k4mttk289ckmdy82c2rt0vgpcxa3zrna338xybfxzvns5n9pw4bgcyrh5vqf621vm5fbe5592hqfd89ndqng7vfhn24231fktx51p8s74b87894yhf1exszaa0v5de2tf69hw67qgp58zjxnqf76z5phwew3kjt5x47wm2x20j79xfwnt7b6jzrqevmeyca54fa59c90rzs6aw5vyeqyzwewby9xvs138dm06wy5y7913gwa9gyz3q5prphmhpm02rwng9xfkc5yp3czj39wpzy7w7rr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%26client%3Dca-pub-1781853254296294%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1k3aaxeg6dc7rje1pycvsja3yypxyvwes5dvngxr9tzw7qtw196a6kf581mmta80njgzas99a7nmgrb3q4sj3fqtethy75ckt6amw15886k1092bt56412twh48bhwm32zmvgzb2by8bmnwd9z2a094s4k4mttk289ckmdy82c2rt0vgpcxa3zrna338xybfxzvns5n9pw4bgcyrh5vqf621vm5fbe5592hqfd89ndqng7vfhn24231fktx51p8s74b87894yhf1exszaa0v5de2tf69hw67qgp58zjxnqf76z5phwew3kjt5x47wm2x20j79xfwnt7b6jzrqevmeyca54fa59c90rzs6aw5vyeqyzwewby9xvs138dm06wy5y7913gwa9gyz3q5prphmhpm02rwng9xfkc5yp3czj39wpzy7w7rr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%26client%3Dca-pub-1781853254296294%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545436
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPmffu3%2B72cUVT1ygmkyH%2BqrMf1CjVhV3OwvBPPqusurKFdLfHYzn%2FdzJT8ia%2Bx5r%2FQuKFWAu9Ejr23DHk8MAKmjv93ewiRdi0Gbz7GNguMYi64A7edl378aUltnl7OU6QSBytsH1S8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 81898864fb4f65d4-FRA
expires: Thu, 19 Oct 2023 14:57:54 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame CE90 25 KB
10 KB 68ms
60ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3aaxeg6dc7rje1pycvsja3yypxyvwes5dvngxr9tzw7qtw196a6kf581mmta80njgzas99a7nmgrb3q4sj3fqtethy75ckt6amw15886k1092bt56412twh48bhwm32zmvgzb2by8bmnwd9z2a094s4k4mttk289ckmdy82c2rt0vgpcxa3zrna338xybfxzvns5n9pw4bgcyrh5vqf621vm5fbe5592hqfd89ndqng7vfhn24231fktx51p8s74b87894yhf1exszaa0v5de2tf69hw67qgp58zjxnqf76z5phwew3kjt5x47wm2x20j79xfwnt7b6jzrqevmeyca54fa59c90rzs6aw5vyeqyzwewby9xvs138dm06wy5y7913gwa9gyz3q5prphmhpm02rwng9xfkc5yp3czj39wpzy7w7rr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%26client%3Dca-pub-1781853254296294%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 545435
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCbqOz9pAp0e6xbMtlhdqh52A0mR5wsE6jm83FQlpe1MpS5fxuczNC7pshKModtJxZa0JCL0rtyuJcecI5cn2%2Fe%2B1MlJ3hh8dK%2BX3jlIKX5b2m4F%2BR%2Babz4RjBGwrCTfLnf3pjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 81898864fb5165d4-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 13 Oct 2023 06:27:19 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B457 1 KB
643 B 51ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Fri, 20 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 67C9 0
0 98ms
95ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSR334DUxZaHuMIv8-gbWspDAAcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTQzMDU0NzQ1NDMyNTAyMzLIAQmpAgiHxTO1tLE-4AIAqAMByAMCqgSWAk_Q9gUH_X1JtVfb_flLGkQmcOrz5AtO80Pa-RxadcKuFvPzWhrD9KTY114CYIsnhMjL0n8WxQhXgykZ2CUaq6f4XuRRO21zOGtst1abhKQCGjmffqSXssCi6LmGebOexGHLUPBFo2dZt9wqdNa-cKfmCb1KjIyXAJqZlmVKODTGQmbxoKyXcjnGqA5Rnj7xJtofO9yOeCdiYAaHfiaytzctxMIOiqtPmqUHQETMMhgjb3wPt8E8Zjoc441wZxyFyg2eMKBDw5_k6C2F6sxOeqhcyXIr5SWjXcdHuOh-ltgoLtwLDKrPShLlRVwXbXDUYQKyix_0hIT_iUoGtSfJaS3l3rV5EP7ly634q2ziVv0WZScnFs2_4AQBgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHQobEhRwdWItNDMwNTQ3NDU0MzI1MDIzMhjXlIEB&sigh=-qEg5PpSEno&uach_m=[UACH]&cid=CAQSPADICaaN-7cDh7mQ6gcTw_dzDMHlS5HS8oS97V7MnMkDsKZWqtp5ep8D2PLNyB2EbeG3VijljFBkgPSZlxgB&cbvp=2&vis=1
Requested by: Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 67C9 0
126 B 85ms
16ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kI7EGMyfE6wCrAKdg2ICAgAAAMp8EAuWQ0RLEOA1MWUJdZT786srA50GAAASAAAKCkFRVUJEd0VCRHc&wp=ZTE14AAMNyEK3r4LAAQZVm_-AhN9xtvQTTajLg&cbvp=2

Requested by

Host: 7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:53 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 145122
server: Kestrel
content-length: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F984 3 KB
4 KB 88ms
28ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1718
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JboNlqhkfqYm0gCPdEAM8uO2Ri23bP8IbYxaK7rvp3cQkLi%2Fq2VSpugkHrffLADiNgTighclPUo4k4FZLd0uS4JMLvmIUWtZz0yI5mkBCLPsWRhnMfzMVATQrIIZL5bqnsSyOIDJWglI4GEFsOwBvo1O"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 818988659b0b9024-FRA
expires: Thu, 19 Oct 2023 13:52:34 GMT

GET
DATA 200
OK truncated
/ Frame 41EA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 952fcf6f461c82dc3bf1a597a0b735c73c21f4fe45817f567413e1c569478376

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 i.match
a.tribalfusion.com/ Frame 8344 43 B
641 B 178ms
177ms Image
image/gif 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEKx_43eCFsmvgX36y-DGfEc&google_cver=1&google_push=AXcoOmSdWbY9CLD78YnsCqh1pQvPDlevBbjjIGn63JzPeoFpHTl8Tzbq9BWxQwnVNcH3fKBkVqCntLfCpO6WcWwk_gRWFzPNFCloUg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSdWbY9CLD78YnsCqh1pQvPDlevBbjjIGn63JzPeoFpHTl8Tzbq9BWxQwnVNcH3fKBkVqCntLfCpO6WcWwk_gRWFzPNFCloUg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 81898865aec4049b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8344 0
173 B 93ms
20ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP5yGtmrngMXK9OhV4-ns-M&google_cver=1&google_push=AXcoOmRYFGpK-ntPiS3cNB7HhS9hwXZxxhzl34PKmlCjvGwghIQsDB_DBSYjl0QfQ2aU2EaFVADGQIbwUIUO2xMLJd3jxHH3R3G9
Requested by: Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

google_match.ashx
ads.travelaudience.com/ Frame 8344
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELW0fEy8Yt4q8pb0XdFcbCk&google_cver=1&google_push=AXcoOmS8Mc836YQn5cQiIVbw92AVFhSW9J1RmIdAdd4lezEK5BTpQuFpt2KpS584Q1G-WvbRyM0KkkwuhyJ7zGJG...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=We4VRFz-QM02-V0lUg6RgQ&google_push=AXcoOmS8Mc836YQn5cQiIVbw92AVFhSW9J1RmIdAdd4lezEK5BTpQuFpt2KpS584Q1G-WvbRyM0KkkwuhyJ7zGJG9M6aLxFml6SR
https://ads.travelaudience.com/google_match.ashx?google_error=5

35 B
69 B

21ms
21ms

Image
image/gif

35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/google_match.ashx?google_error=5
Requested by: Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: gzip
x-engine-version: 0.0.0
via: 1.1 google
server: nginx/1.21.6
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type: image/gif
x-host: tde-deliveryengine-production-7595df5684-znhk8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.travelaudience.com/google_match.ashx?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 8344 43 B
146 B 131ms
8ms Image
image/gif 52.29.100.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMNHLZGLe-MoMf9q_oRgiV8&google_cver=1&google_push=AXcoOmRJ_K_dybqUj8T3ghZseeWKOeYLUXVB2sU8ZoWCDUWMjSAmU3B_65edjkekg6EOmqB0dreGH6y6ZKSDQl6mO0jZD1czu1wr
Requested by: Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.100.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-100-88.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8344
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGZIPN1ARY8iP01mn3QTnGg&google_cver=1&google_push=AXcoOmTMJn67jhv-zjY4CfVY_pdjjvETpN2wX3BKrepi4dUDJUU5iCQyG_T687ThDvO2KObIxLt6o7tJy4X_YJDsS-BmFAW...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTMJn67jhv-zjY4CfVY_pdjjvETpN2wX3BKrepi4dUDJUU5iCQyG_T687ThDvO2KObIxLt6o7tJy4X_YJDsS-BmFAWDY0xtjg

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTMJn67jhv-zjY4CfVY_pdjjvETpN2wX3BKrepi4dUDJUU5iCQyG_T687ThDvO2KObIxLt6o7tJy4X_YJDsS-BmFAWDY0xtjg

Requested by

Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTMJn67jhv-zjY4CfVY_pdjjvETpN2wX3BKrepi4dUDJUU5iCQyG_T687ThDvO2KObIxLt6o7tJy4X_YJDsS-BmFAWDY0xtjg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET googleredir
googlecm.hit.gemius.pl/ Frame 8344 0
0

GET
H2

200

report
sync.teads.tv/um/ Frame 8344
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAl5qFKvfxt0...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSylEWEJkIecD-rn8tvynZGoR93wn2_DW3YdpCLnbVCKplJSmRw1q7O_tdlK2oF3qgpoi9dzx6xMqK78ne10wBs_mKwt7Olhcw
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5

23 B
163 B

128ms
128ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5
Requested by: Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires: Thu, 19 Oct 2023 13:57:54 GMT
pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8344 0
12 B 49ms
46ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXQGJuR7BIy5knPE5mSKZ7Osk4YY9eErLYgK5sYcKbiMCrde-98Vc7IBOxlRxvFNPetIcR6N0

Requested by

Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 33EC 13 KB
5 KB 38ms
35ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:38:23 GMT
expires: Fri, 18 Oct 2024 13:38:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 265B 829 B
561 B 45ms
44ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d3986b9812995eac5cd9a69c96aca0f594afe3f38a88b435157a02fbcc142a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fp8eZVP0fKVQkcyF0vjm5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fp8eZVP0fKVQkcyF0vjm5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:54 GMT
expires: Thu, 19 Oct 2023 13:57:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 frame.html Show response
ad4m.at/ Frame F9D7 2 KB
2 KB 24ms
24ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 176045
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 81898865cc5865d4-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 19 Oct 2023 13:57:54 GMT
expires: Tue, 17 Oct 2023 13:36:06 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPvOpOvSp6D2EzsDC%2BYCZPj2XsTlt02ooUQ1OrNh8i1A4eZX4FrOMt2ibOn4n4IfnHAe9LiqdjoJAZ3Rf5%2BUnF5aOvaBN%2FyuqX1fhqDaMmpUXcPtCnTQQ7fgaeiTter%2FGfkeOqw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 5AE0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb306ecb1e73d60c1aa79920a96b7bcbea1706afaaf01a2a555a796d8be65ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 41EA 0
0 82ms
81ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNS984TUxZfu6GPaE1PIPkIuEiAW6iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xNzgxODUzMjU0Mjk2Mjk0yAEJ4AIAqAMByAMCqgSjAk_Q5voeOvbSSzJ2VB2Z0EJT4DQoK1mB2lSD05EAae9fYB5Cbm_fNyBoaz--OGEPhubNjaVkb1mYyQlK85kUvhpggtm6oIiEW82VLn875pviwyKzHOF_s4IOUfY1RKgrwuQb_MotMuhn1uBcmFkjsU1VsKInW4oRG-i7jfUTS40NDY-WEVc0AYx83peNcbQtl_KlTFH_ZCTp3h48d_7E6jA2_OwVT3i6FCgzSVr7qzSFjOp7FRAjqviYymq9mOoFLFOMCnrGlpS2eUwqvqfWzpS-6aKPvfx-DMdV1W26dC2oame0nrQmNuPxPLawMiQtitsBxPXWVGKC96JwmO_NnZNMwNa-gZWBZJoQwyUeAt37bJdR4ob7B7KJ1_pu8mGcUCPdieAEAYAGm-uK68aOgupLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTE3ODE4NTMyNTQyOTYyOTQY15SBAQ&sigh=oJVwp1ShAMA&uach_m=[UACH]&cid=CAQSPADICaaNJPCWnDWHg8r4U5dW9T69fpgCSckv4xdRub7Qkdaxt31IcU1tUUv_dTcqTXC4Ul_hnDXjaRhOUxgB&cbvp=2&vis=1
Requested by: Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H/1.1 200 a.gif
i.w55c.net/ Frame 41EA 42 B
582 B 75ms
20ms Image
image/gif 3.121.79.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=RTNFNzY2RkQzNTVCNDg0NDkyRDVFN0E0RkIzQjE5N0Z8R0ZhWGVYQVF2U3wxNjk3NzIzODczNDY0fDF8WG1KVFAyNDVlMHxYUnpUZVRpNmdrfC0xOTkwMjA0ODQwX0VYfDM0OTEzfHx8fC4wUHxVU0Q&ei=GOOGLE_CONTENTNETWORK&wp_exchange=ZTE14QAGHXsIVQJ2AAEFkKIjOqvGz3UrtxNJ6Q&ac=WFMwUE56aXZTMTpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMjQjMS4w&ci=Xm5m1vekkx&fiu=WG1KVFAyNDVlMA&fid=XmJTP245e0&sd=newsroompost.com&s=https%3A%2F%2Fuat.newsroompost.com&ts=1697723873466&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=8459201701504418&epid=R0NuZXdzcm9vbXBvc3QuY29t&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU1scEdZVXdVYQ&l=ZW58fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=1&euid=Q0FFU0VGQWozSHlxYnJ1aFJZak5qSzNSbUJN&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=i3PRmZvGsa5s7AaiLTOYRg&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&az=europe-west1-b&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEFAj3HyqbruhRYjNjK3RmBM&spidu=GOOGLE_CONTENTNETWORK&pidu=newsroompost.com&hmpvu=a9e01ee8-f784-4aef-bb7d-d3547944135e&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XRzTeTi6gk&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.121.79.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-121-79-42.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Oct 2023 13:57:53 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B457
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1&google_push=AXcoOmR8NfdzBDQH4DcfvnrZud0JSKKIFT9I57ia4NIGoKR2QUtUIlnNklv-Qvs9u9oba61fm0DVX0HtQ-xXNIIExfyAaKKkT7HdWZc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjU3ODUzMDI3NjE1NTU4Mzg1OA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1

43 B
398 B

15ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJdRfN7jGq2YTXJcW8hbBEE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame B457 35 B
464 B 58ms
9ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBtGZSeSW576xxhZeF5VqnY&google_cver=1&google_push=AXcoOmTL2vvjkXDSLtbjYQ1FFgaG2VnFZ9jI23XiRhI9IpPKsSpjHJt8p0uIDCa8dL96qADTnOznO4OexzicXQaFb0au82ApmVSib20

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B457
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cver=1&google_push=AXcoOmTwZdIHuBBXo9v_U2_ZtQcvAEqZk6MQ4W1J7p7UXVX...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cver=1&google_push=AXcoOmTwZdIHuBBXo9v_U2_ZtQcvAEqZk6MQ4W1J7p7UXVXjBUKxKMWVkrXJlCWqtxU5LU6On4b91H9FBjse0jwR1sGaiZzM7LzSF3E

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Oct 2023 13:57:53 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-031606d58fcbc7991@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QjBCOTlZQVMxUVR0eDc1&google_gid=CAESEFAj3HyqbruhRYjNjK3RmBM&google_cver=1&google_push=AXcoOmTwZdIHuBBXo9v_U2_ZtQcvAEqZk6MQ4W1J7p7UXVXjBUKxKMWVkrXJlCWqtxU5LU6On4b91H9FBjse0jwR1sGaiZzM7LzSF3E
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B457
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOm0s1Zet1I_PuaiGfiTisw&google_cver=1&google_push=AXcoOmRBasy_t7SkazEV5I32ZRL7BsjY4_igncuS8qQNXCcnK8YaStTfCqi3qxwR0zBufILqfu6lcMPtKMHltByfiaOcov9o5kW8TQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41ECC616BC50425BBD03D32167B38B95&google_push=AXcoOmRBasy_t7SkazEV5I32ZRL7BsjY4_igncuS8qQNXCcnK8YaStTfCqi3qxwR0zBufILqfu6lcMPtKMHltBy...

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41ECC616BC50425BBD03D32167B38B95&google_push=AXcoOmRBasy_t7SkazEV5I32ZRL7BsjY4_igncuS8qQNXCcnK8YaStTfCqi3qxwR0zBufILqfu6lcMPtKMHltByfiaOcov9o5kW8TQ

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Oct 2023 13:57:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=41ECC616BC50425BBD03D32167B38B95&google_push=AXcoOmRBasy_t7SkazEV5I32ZRL7BsjY4_igncuS8qQNXCcnK8YaStTfCqi3qxwR0zBufILqfu6lcMPtKMHltByfiaOcov9o5kW8TQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 18 Oct 2023 13:57:54 GMT

GET
H3

204

AdxPixel
tr.blismedia.com/v1/redirect/ Frame B457
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEP5yGtmrngMXK9OhV4-ns-M&google_cver=1&google_push=AXcoOmSb6C9DYYw-y8xAI__wvmrmZGBS4PIiNf1YW_TEXGg1wyOsxkayQpOXGEfxjgrOUFJYU63B97dJasCwnk...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSb6C9DYYw-y8xAI__wvmrmZGBS4PIiNf1YW_TEXGg1wyOsxkayQpOXGEfxjgrOUFJYU63B97dJasCwnkzy-oWB6GL3swYsmQ&google_hm=hmUxNeKyrACHHGx...
https://tr.blismedia.com/v1/redirect/AdxPixel?google_error=5&partner_device_id=653135E2B2AC00871C6C44A2BLIS

0
9 B

19ms
19ms

Image
text/plain

34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/redirect/AdxPixel?google_error=5&partner_device_id=653135E2B2AC00871C6C44A2BLIS
Protocol: H3
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tr.blismedia.com/v1/redirect/AdxPixel?google_error=5&partner_device_id=653135E2B2AC00871C6C44A2BLIS
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 308
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame B457 43 B
145 B 10ms
8ms Image
image/gif 52.29.100.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMNHLZGLe-MoMf9q_oRgiV8&google_cver=1&google_push=AXcoOmT1i5enTOdRi4lZp_p3jUSemgO_NKnu9xVnvkIhzJB5C4Fp7_gMTtGOJnYRyEooGGIbJj55oAqD1qTxwLTf93ObQWo9EVtWA1w
Requested by: Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.100.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-100-88.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame B457 43 B
362 B 20ms
17ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ5mMRT29odGeexicyuekLlegtRY8Iy0QMHr5lDjrL86GJKjNmm2yemUlADFGQLHRlxFl8MVtLhNbDqbb72bvEUmPcjlE20Rw&google_gid=CAESEJzauKJeMRbaVl0u1D3iY3g&google_cver=1

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:53 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 197140
expires: Thu, 19 Oct 2023 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B457 0
12 B 49ms
46ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K5DEjD_-SUdAqvgTv0oeSnL0sNLlleSK0J-P9BqVbsb9jGXXxI4-sFYCwF1k6nq5lFFTkJ

Requested by

Host: ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
URL: https://ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CE90 3 KB
3 KB 28ms
26ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1718
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N27AYXMFPDgrqq%2BFZ4pGyRrpfCgLXnVm3FWgL%2FjO6WNf0C%2BqEsqhvG%2B3COHZzi2uvfv283uVpv2tGAxK7CZIurc4CEo7Judvk6MqryzgoNNdYDc%2BMMzbuFQ2%2BotYmCGUUdd71U7ADGO9wjDM6VUAMKjo"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 81898866dc199024-FRA
expires: Thu, 19 Oct 2023 13:52:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E56A 0
0 82ms
82ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdnZx4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgScAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6ZjMHCqcBJg-oFAatA5AXbgBsOCpQ3Ha6lJS9kPAH3tvwC5GI2Ls4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTE3ODE4NTMyNTQyOTYyOTQY15SBAQ&sigh=lSdwdHbT8ws&uach_m=[UACH]&cid=CAQSPADICaaNm4CUGgrf8Cb6i1BP-3Wka17GM2kImpxNIjwBFxIAsb_yuEp6EZUR5qLyPBufysIkv01lLFLj-BgB&cbvp=2&vis=1
Requested by: Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame E56A 0
103 B 74ms
23ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k6d0q891p9vtzm6h6556raxydvqmdgtq4pfrdhn070s1jqz37d7nfynctpjgjy7pd2fjem9qtdbtxg41t3f12d2z80qtm3255r1900grmahmgddfe3n4abntgs8pwkqv02xwr2cz42dymvk16pqdtdtsrndt2mh3e6jpzyka5wnqb1g7hr0z09h90jvdkd4at80wg27edchdn6y64fpn22v0g6b75j0b23r5kwps4peyje9cdz7k2r09gdh1jfzc22dz40c4x3ce30f31c2sq38wg8prcfzye6garn8vchryztqnp3sc6kd9rcdba7k419yesbf4bed1ycv3q5sshvrkkgkm2sp1mm05chedbawn678sr45std3xfnds98w5fc36vhd80&b=ZTE14QAC_2MK4BaSAAK5H4IA5cXtfUrLR1Wd7w&cbvp=2
Requested by: Host: 16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
URL: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Oct 2023 13:57:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 frame.html Show response
ad4m.at/ Frame 623A 2 KB
2 KB 33ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 176045
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 818988671e1b65d4-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 19 Oct 2023 13:57:54 GMT
expires: Tue, 17 Oct 2023 13:36:06 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOPF%2BP9Zv2g7bYNvVxC1s3xGNc7xV8s%2BAc%2BIPqKK3TW0GFWdT5adR%2FbfDMgyTBqUu3irayh1yXb91CXHW%2Ft9EQh880ncsdxiMALraEbf02rOlL%2BOlsLvSw%2FOTeois9bOMuEI%2B0A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 145ms
145ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=758522786356559&bg=!fn2lfTLNAAbFpEfJ5aQ7ADQBe5WfOKfBaW1q4zda_8O3MkmmdCcvYTqWACyEjS2YhAfdwFLEFF1GWb1SFecHFZKZAT_jAgAAAvpSAAAANWgBBwoALd1_MwgFiaMR438XclzXHvO2KFdND6wfRW4liHq_l-dFk_qI0g3mE_y4pXOc5JkDBR53lBKn7exZnBBFIZA4u4LdVvXqr2K87pmMPGfM-Pwjstx4RDfLELwvFqIbur5PkL9EZqsVM5MhWCrs7Iy1V22R3cnspqfDxx7Hlf9T_Us6jL4zDc7iEZRi8HlAqgBD9s4ar8v8mwVIFByPMqTDCgYkxfVU35EbJuEZtX2o7kGA5RcdKkqqbSnqE1IlssdryMcgkLK-bL26VtKoXAkSPDeixAEiChlu_TizWrtr5GmVGWCnm59VY6O9DtbCJKbjnVUvs5-NuPpSbZDEw4k8Tj4M8pRZoPjQ4BuG-mve5QkP6BC0AuubKsHGyxwic_idAn7ufPhAJcygJe3tsm8kSSn7iKlPZxIf68Sw8m7CpD62DeGvrKVZqA9IlEbrMfLRsAAaYb-bf8TI1WLm6yRHHa4z4GhR4VmPLZL8D0n-zUkZrDjQEWTJlEvb-fBVIRsekILmvJ7cbn6eX8_7Y-F-ebtytCgQ6yqRqNQWUXs6i7nhnjLaVse_HsMNpyD8dNtm750Vt0MMdfGEiUdMHKzzJhGul6Ou4y0ORnciWK-YIST4pXMc70vIxKfq04Jgyj8IsBnO7_WzD3EIKbKZ-6-2yhPTfyDFNc9DDENGLAW50mSycivZCij0andLGOq0jyeQ6HM2delKfiS-nDNWpm6ic4gJurDOtrkZmNNnbVhsJknlqtDxxuI5i7Y_-V9_-wVRJ5-YRwI1RdyLBC0kDnayzckPrpcHfW1xsroEJxUOXexfQiKWPtEXkEGxUVLm7fRWPIP4Ay8rdlTz6SxpOpXKETC1gs4K9az5eTweeKSGvqBs5-qhDhKfOxTAznieh62UcRtPElC6RKPDT-qncpWpj2lqjaod6dwQAC_CmmvibkEz1Ua_GiB2dZK_aKQlouPsgtOuvyOfmVXR45aG9CmqHU2tbcXDZbJzt219bMOEYpGNmdLzeNTXMIy5QRwHj-njsrVCK5wvaLzF0NBJ7s6z7cRxyV_vO8rjUSl4CWnWstIFmlyYv05seYe1L7g9pu2TuE0aBtFD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 265B 0
0 140ms
140ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310160101&jk=3394093679484277&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 29B5 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY8uQB3TftYxRz_2ayXlWR1p8zwVoxMTUYi_r06SyDwoYdHZVm1pB_NYq6o35VBYItqw4kLhgOBYAbF1g2UOvjnXruqJkBzEW6ba2veRZoSjhtfHvb3YTkO9K0ZvWdHhacl6eO4JbIt2a71nGl9zcYHMCeIhbVA3a90pWQldh4IQK8goQrXeH2l-epdOMqke2GD-m0v_RuZJf7FFp0O9rK2LFE403inoI5Pz58x--rIJwhDruGS8DVjw2q6_cVId0asLGQ6MQ07f1gCPRxW6LqNl-RR2giKs6HdxUSLi3zwD5L3-aPajB5xKhgFm3TSmJ8Q4z1OOfuWPq5Y8kF6o5CjCXDarRNYNxUIQmbbdA1LBsiSKx9mtdwiVc13NVt-69KJwlT3GWW1zktXYTennY&sai=AMfl-YRYoQSbQ_qR6gUEOa10bqZtYK1DjEussEPqWyZbK5bpeTXgR7m4TUKIp06VEM9jeHZ41KoLD9aLfi0gPMxdphGcDBVsgSCoqnkPUPEkVCxmk3y6ksJZBuDMmkQY-84&sig=Cg0ArKJSzBxw5XbS0v4zEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Oct 2023 13:57:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 29B5 16 KB
12 KB 89ms
86ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js?cb=31078904

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c6c6781a8d947090d19d817d629276fd06537bccd357a5e02ad4d459ec6e855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12186
x-xss-protection: 0

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 33EC 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Oct 2024 10:02:44 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame F984 2 KB
2 KB 40ms
39ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc6d3118db2a52d3201858c175721961b48a931d2d18f59d372d9ecf781bc6cd

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQhRARY%2BbJZreTDOJGLBghOP%2Byf7O%2B9unmkbC0BaY1g9HPH%2BNj2AEOE7Rkzanzwf%2BnIrnh79Y8zoz34nx0QhE55VknNxsPstRdIZRZO7n6L1Tcso92Hu4Zt5ZTdXK1vVHsRb7lU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 81898867898818d3-FRA
x-backend-server: aa-reachservice-group-europe-west1-sgsc
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 56ms
36ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81898867494a18d3-FRA
content-length: 24
content-type: text/plain
date: Thu, 19 Oct 2023 13:57:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Je3V060GmRZmBoHj6wcl7MRnQ5mITSZwqtQNsVYAUXjIeS9954rNwbdcrSsPkpIYcmM6AANLtqmvT41hrKPDWHVePiAXYyDmV%2BN5%2BQBcXia%2F%2FJmS8f%2B3uW12zrVYGuo%2F6UTvAA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8p0h

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5AE0 0
0 82ms
82ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cng8T4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSpAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_WzZrflImyiRJrYaPaTt1sDMkLCNP4ezO2FiMAyzlyPDpUtb629beAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFx0KGxIUcHViLTE3ODE4NTMyNTQyOTYyOTQY15SBAQ&sigh=bEh3kmP2M4Q&uach_m=[UACH]&cid=CAQSPADICaaNtAlpvdAt-f6FCJhvL3th0fwDtw-qTOpXslx9lsCoQodDTi0Bbik5Kif5bzD4KIkOS7KR-58EIxgB&cbvp=2&vis=1
Requested by: Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5AE0 0
39 B 24ms
23ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k4j3afbjsha2vwtrst82f6z6v8hr3ddjej3vmptkm3yq0xrbn2rh889bydd9m2nnhr1jktr7e4vffh6843ns7ajkwv2h9jbdvzwxdhqvtw6ezdfhxz65s6p7x24mkss3a80v7nccvcr4hvx0x0ehndjdbh8be43nh5bg4eh1mgc62drwm7d0xmph395zyeqbc7bxt32nvybzdyft04f66a0fdnf4v3jnh7c8jgcket8a71dxaqw39cccc3tr6gsab55q0pqmyj24c0v521pepa3je9sbef9s8rmhb36ek8qz6n6w0wsqw7mwgwmfj6bnqzzcyf4eshxn9qjjkvth01myn50q8rdw4sbwfcc61m47x61akzcrtz4k16zk8gjyy119tjgem&b=ZTE14QAHsjkK4EqVAAWS80LqHi12xxZaVgJQ6g&cbvp=2
Requested by: Host: e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
URL: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Oct 2023 13:57:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B155 0
0 76ms
75ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9sKbQCl4bY-fT30xJpVi276rBm_pRyOXmcWRWHs_YPANIZL2MFfhk-jF5chyaeHa-KycGKYwjsSFSJL7OJa65H3S--6RoIVunl5_TNF3zgFn0qFfugkcM6ufXnpOjEvoQqzW3VOdFDP8Xp73mSvklv4RyhCgpv6KMp30IsswSiUbp6L6U3EXwWA8Xd8FAPg92ylT4mOAS_hmrVtVi1UH0gESG9htE_5NSXkfVPsmzLaKn-FrNmnLGoRkqoCTNHaKhOZasyvW71xjAqY3G4Zf_ZyEdrcBZSbddufLmiWbBURbczQUErPjfAh4FNEZqfdDcjR8fsddw9F4t4qF3ZiR5VtyEnOGbnozF2upIG_fBw07o2gYBjkO53k1D8KpXDlWe6XJt61QHhDd9&sai=AMfl-YQVE16pLuwZ_PY5I3htEiElWfED5enGUoVJHjLiwDADgvaLf0ppCjj078vzJisBbajY84G0LcWXat84mEXCUkxXZ61zsVll2X74ToMw5E6CoxG4yJAUtT9uOzMXBrY&sig=Cg0ArKJSzOheyc_TzimaEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 19 Oct 2023 13:57:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B155 16 KB
12 KB 95ms
94ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c613bf9da88a901e6da4251f002dab0043d71441e0d8522c7460e5db768920be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12225
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 29B5 17 KB
6 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js?cb=31078904

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 13:57:54 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame CE90 2 KB
2 KB 66ms
66ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50e947214c594b690c8f97a3bf87cf0f784100db55aeaa3b8299bd16e09cdc0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDxKeyEd9md0S78wSK%2BsCEAESWwL5iNuBVfmjq5r95d4M8OTyeO0yZjgeGpsshXir8N2ue3fkngLI3%2B0S3BP9GLrcznM3TlYCNVJ1ohCj46IZwVNhh6noFcaaY%2FvenE67yNt8Lo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 818988681a3318d3-FRA
x-backend-server: aa-reachservice-group-europe-west1-8p0h
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 50ms
50ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81898867c9bf18d3-FRA
content-length: 24
content-type: text/plain
date: Thu, 19 Oct 2023 13:57:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJch9Q3QznZl2T456NucRPZQfMAB1HZp%2FRxUb9oTqxICXS9Xxl3ZwDMW1miG8wIRBwfn1xzI6lIf1IhUEygs0cLVCK3zMR2uFhFUrkAsyB9nSObUp9Qxy2tzWme31wYFyYuTQmU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8p0h

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame D84E 10 KB
5 KB 40ms
39ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98923a83b1c5bec997cd1bdfcd396844cd90525d92254458da83e66c65b8c185

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h85s28x61x14qavwh4da953r6gpb7xvqf0zap62xpj484ns178ys8a4381nhkt2jwgg819wcb1v52qy6jzdzwc3k02fbf5aqs0v3zan572t3yayathzzws3mrd8p8aysjfk7qs9bvb0hr8bwef5r5dq0wwtbwh5wmcz283t067mmm7tb7yagwcs3nj40wy5sq18b0dt96fx5ec82avej5y85srwz2skwj3emtbxhdh5ywmfgn28dkvvvc51zmxamnz6y9qdpn76kv7s5b46g7czknxm52f1kbwe8z9byhxgswzze9m9jygmbdjbp0574m2pj9fvwdjh0a6rpqth4g04rt5tn2k8p1xnjac2wxrzdztbjdz7bw17p6b3anfn0d4qsfcr4h52aa25ytakvv7hzeewnhsn6an015k8sdgyx5zhm1pg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%26client%3Dca-pub-1781853254296294%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81898867df4b65d4-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:54 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B155 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 Oct 2023 13:57:54 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame D84E 115 KB
14 KB 29ms
29ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545436
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkYse6i9LrbUMQbR71jwjIPXAsrHu3%2Bvc57gcPNXGXUZuoWI2lcLhJBWR8lPa%2FNPH4nH6i2Mg6gNKkU%2BIOfFIcV5jm%2Fh%2FBC3tm1nudMaPSGy0DSs%2BM7OZFR7ZFcHYU3y1oJghEDKerg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 818988682faf65d4-FRA
expires: Thu, 19 Oct 2023 14:57:54 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame D84E 44 KB
44 KB 53ms
31ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69537
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:49:04 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKIO%2BAx15%2B%2FeY3fy%2BKq6Y8wq0NND8ytY7r3OWOcyXdo46PYaqsDhZu4QWOtRYgm4O8NtE7Q1So6lEMthADiOcP1fEhUUcWCbmE8pt7Sz9zFKuAZlAQS6DgVYXwVrGs61nRSTe1rO%2F13ytfWm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 818988684b595d61-FRA

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame D84E 153 KB
153 KB 63ms
41ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5511fc0a41b649423fbfa7a2738fb9fc47c5fd4669ccc5fd14186069db3295e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28929
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 156513
cf-bgj: imgq:100,h2pri
last-modified: Thu, 19 Oct 2023 05:55:14 GMT
server: cloudflare
etag: "eae3b251b1fdff23215fbbe825ac0889"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hbN7SdAHqeSxkvAF5f6Kbmv6Bdigf6Q%2B0FJ94TRyKqF9%2FNPYrf2bv%2FRZU9ZZDXEgYcZMJhHWuHSnlwSxiazFmtXQkB05V8gtnjrfRfavTgtBFpidtwr88zyLLk0d83ml8kEM%2BK1PjRwmJUN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 818988684b5a5d61-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame D84E
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1697723874_804af360-6e87-11ee-8ffc-223056a867d8&insert=AW&&gdpr=0&gdpr_consent=

0
495 B

104ms
31ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1697723874_804af360-6e87-11ee-8ffc-223056a867d8&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 81898869bf1c1ac7-FRA
content-length: 0
expires: -1

Redirect headers

Date: Thu, 19 Oct 2023 13:57:54 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1697723874_804af360-6e87-11ee-8ffc-223056a867d8&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame D84E 53 KB
54 KB 34ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67344
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54554
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:36:53 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKxgE4g%2F7V9BsgsSwAmG%2BVc81BMJOdMVMyJSuI1bQ2dDPTJjNSAKK2kYknM2XPXnIwRodbdEoT3OyXSLdiongK9qNF5a6ZkGkKEOcs%2FRLiP7ZkUhyWL0gxKJPeeKUhlk%2B03UF%2BFnHDfriFaT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 818988684b565d61-FRA

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame D84E 121 KB
122 KB 44ms
32ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b3b8d497a37a08513b7a3069ca43ad12755983eda42c4bc34364c74337f6287

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545434
cf-polished: origSize=132437
alt-svc: h3=":443"; ma=86400
content-length: 124245
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 17:19:17 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ASjU4R7oI9Vedk4EhI7i30M9B%2BrLjDggbjWTqMPKOhNGugI5Oqxd6rebqPC9p346PQHSRb0lKeiKFOaJeVFwM8Ra5EMYj54tdrCsAaFGMc%2BzJSSUcOAbvLThDCdYfmzrmyswL2Vx4%2FVnKu4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 818988684b5b5d61-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame D84E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKiP6qOigoIDFbyQ_QcdtIIJrg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101915575489828977661X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

96ms
30ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101915575489828977661X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023101915575489828977661X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 13:57:55 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023101915575489828977661X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023101915575489828977661X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Thu, 19 Oct 2023 13:57:54 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame D84E 9 KB
9 KB 34ms
22ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72322
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:37:50 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqhyHJkNOfAUA93J%2FHIg19ef59Sj%2BOV53tsf5k6TPNO6N2%2F8DUhKn%2B4xVxr0zcIxOWw%2BeDtGua%2BZveXysKu0aS9232h1aAOHy1fAAWpwrpXMZ%2FStHqjwk53jQaYbQ%2BMAiQ2oQaVtXPiWQ7tf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 818988684b545d61-FRA

GET
H2 200 BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
assets.ad4m.at/ Frame D84E 97 KB
97 KB 43ms
32ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b27d3253f5f1cc45f8d09c13323b6d70e9a75f50419bf0d3eb7d5413828d037

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545434
cf-polished: origSize=123474
alt-svc: h3=":443"; ma=86400
content-length: 98846
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 14:47:35 GMT
server: cloudflare
etag: "b2c66965c0cae09bbfaa712aade417a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgMRzNIXfN71miGGD0iEE5jPO2I7UX%2BZHRwL4wRb8NYX5L5u%2BrLmpuakafjez3naGrd9UDL197BAZ5mpyc6nMWxA5qhwE4b2u8DdsCoKryHMcK4NLTU9dnpv1W6qzC0EyBCElGuZ0NSOZ%2Ftj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 818988684b5c5d61-FRA

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame D84E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMqS6qOigoIDFarVEQgdJDoFpA;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023101915575489828977655X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Net...

49 B
1 KB

87ms
22ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023101915575489828977655X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C23576%2C166402&b=9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2Cj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9&f=1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CxDwUQfgPSEAbVhPHdHztDCRRBUJT6T8ZsA&c=728&d=90&e=&g=3730de41298fdc7532fbc06e63ac78d4%2F9654924245587981902&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874505&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hchw1xnea3m1yf9nw0dfnb6c3yxsqng8yyf2rr5tgpnwdavsr7701y83jd0fmg27xy40jrx3t32arrrha9swd082n9hz42qexkpvaj7f1nm1h4evgpamjqcxq3j1s32j9sys5nrs892jr27x2tc299anmy1m3hn07vy0xfz4r5602ka4hhwtf5wmheya6mq1snwmpz0wq1sxd1t42s49a35r1419pbxsvv4jgkspgh6br76fwn0y139m7yx2ebtvvm9x7v2v98ttr5g4qm0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCervQ4TUxZeP-C5KtgAef8oqYAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSfAk_QtDcXXYXq9tSUwNzicKybzqVPFFyawhLSf3D7yCnujraNTmP21XQVj9zIB4lOWKpOjBAsqj0D9xZ2Rp7zLUcFf7vtCybrj-aFrVIgxpNxKBaMYIwAMBgcdvwUtMvdtAms4s6ZyVXEUyLCQudXOAgKYT-HS9isX8upVnChnBaVWZ7l9DXJLck3CpAsHBGK07Uxl-ncXcp0QDe7BDVLDZPIONYvwlLqCduG12ZtSPvHPQMenC-OkIRj_KndnBrSr62jQ4P1cP32OHDt6nh8KrZ8sEVWjhEzgzLv3pgNFXRSd37lGAt49u6ohzc6vHanowEOV1Ga6drOPbhL_R9-aNdSItQJz0o4pOoESV_CN9KQv9E4i2VD2PuavCIkdY_h4AQBgAaCho6y_LDZlvoBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0kY9i0i6fVBwFjGSNS9-z3JMlUGg%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 19 Oct 2023 13:57:55 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023101915575489828977655X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Thu, 19 Oct 2023 13:57:54 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B607 13 KB
5 KB 38ms
35ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:38:23 GMT
expires: Fri, 18 Oct 2024 13:38:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7060 829 B
559 B 47ms
45ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5564b11d82d1f8993f3ac1e5ee2859b197e6db15e7312ad025bf05adbaaa9b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uwuYknniY0pIuCdKaQzrHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uwuYknniY0pIuCdKaQzrHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:54 GMT
expires: Thu, 19 Oct 2023 13:57:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 33EC 0
10 B 37ms
36ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AvaNeA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 7D0A 13 KB
5 KB 44ms
43ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

befebfcbc0078ad839cd7b6622d7f68aafa56b9e94556b247378de8f9bdbbad8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1k3aaxeg6dc7rje1pycvsja3yypxyvwes5dvngxr9tzw7qtw196a6kf581mmta80njgzas99a7nmgrb3q4sj3fqtethy75ckt6amw15886k1092bt56412twh48bhwm32zmvgzb2by8bmnwd9z2a094s4k4mttk289ckmdy82c2rt0vgpcxa3zrna338xybfxzvns5n9pw4bgcyrh5vqf621vm5fbe5592hqfd89ndqng7vfhn24231fktx51p8s74b87894yhf1exszaa0v5de2tf69hw67qgp58zjxnqf76z5phwew3kjt5x47wm2x20j79xfwnt7b6jzrqevmeyca54fa59c90rzs6aw5vyeqyzwewby9xvs138dm06wy5y7913gwa9gyz3q5prphmhpm02rwng9xfkc5yp3czj39wpzy7w7rr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%26client%3Dca-pub-1781853254296294%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81898868982b65d4-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:54 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 83E2 13 KB
5 KB 43ms
37ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:38:23 GMT
expires: Fri, 18 Oct 2024 13:38:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BD99 829 B
562 B 48ms
46ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3800ceb92e75a25fdbb98ed21a760f6a078c7849ac3e3589b73fbe63236c0e45

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KEIJvBRQkUDn5O5aCqGxVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://uat.newsroompost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KEIJvBRQkUDn5O5aCqGxVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 13:57:54 GMT
expires: Thu, 19 Oct 2023 13:57:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 7D0A 115 KB
14 KB 44ms
43ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545436
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRigPGE8M0oa%2FRD2J5VwJiS36LgTgW%2FG8TQplh5SJcnhSs%2BGt6kJLudrRUy12DHNV5LHpe7uRH54sfqeMcPdrq8fqeSeLzwAxGWIC9WfHurQ8bVZxkCfBMBhUtmQy%2BhNZxmp5haX2oI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 8189886918cc65d4-FRA
expires: Thu, 19 Oct 2023 14:57:54 GMT

GET
H3 200 63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 7D0A 8 KB
8 KB 45ms
44ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67446
cf-polished: origFmt=png, origSize=12956
alt-svc: h3=":443"; ma=86400
content-length: 7692
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:47:47 GMT
server: cloudflare
etag: "c6c297b07f296b60586b8613b6e9b5cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwGU%2Bh5QPIbPlZ9uHfRsqtOTD%2FmqXCwxsN%2BbH8zNNkRKCQ%2FpNK6fx23eZnCuVRur%2F7y%2Ft9Rbd7BqkXH9G56z6aMWkSlWeC6xCkBGwCTs6K3QVjcY8XgBilmsmySKy88CYHAfH5hICfg%2BnfGI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8189886918ce65d4-FRA

GET
H3 200 A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 7D0A 173 KB
174 KB 28ms
28ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afa87a08f3b85e7008e6c3b6e5303b729731867e2a9791874672ec419ab04060

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72606
cf-polished: origFmt=png, origSize=200124
alt-svc: h3=":443"; ma=86400
content-length: 177422
cf-bgj: imgq:100,h2pri
last-modified: Mon, 16 Oct 2023 08:45:07 GMT
server: cloudflare
etag: "98f42590c0963c6bfe055b7da3e47f1d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMYacVqcC%2BYZkurt2pD3e%2B2kfa86H%2BzBaBjvK%2BHvbZncPpKClBLd1JqyMKvoyRDm%2Bi%2BS8cq6Af2jswNlcvBK6%2Foj%2F%2BE6GfhaFp5Nz5yk5IFra%2FUU48bNwNRn%2BaD1Kaqd21CpNCJVGGbthEyx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8189886918cf65d4-FRA

GET
H3 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame 7D0A 6 KB
7 KB 76ms
74ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76692
cf-polished: origFmt=png, origSize=15890
alt-svc: h3=":443"; ma=86400
content-length: 6208
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:47:47 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpvPFQ%2BVzL%2BoWoSeGZrKaAGLXeXyXHlHqUP2uATsVV2is41d9XlhRcK5gp1MPKrZ0C0AzJfc%2BalwCfPSnaU1vB7%2Fie66gNUiU0DpmMqMK1CS3hYzK7uwOpc1nmwjo02H2jOwz5tXW%2FN6klOR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8189886938ed65d4-FRA

GET
H3 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame 7D0A 23 KB
24 KB 76ms
75ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa0d188cc9b96562f21569f0405229c03c06bd4660f18865af4ccb71c8b8f3ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545435
cf-polished: origSize=25987
alt-svc: h3=":443"; ma=86400
content-length: 23588
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:50:08 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ey0PDzDkaNTv8makO4Mz5WyxAiuWVf9Y2TAPc5ukLwjk%2BmBBsUCemy%2BY3WRoAa5jaEvKUYapyZ3Rq1LDeyFZrsl0AgAl1zWovA1HNg%2BE6r5ZopgHWC8e%2F5vXvzJxcC6GXNxN%2FIuk3qGakhpt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8189886938ee65d4-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7D0A 43 B
702 B 77ms
76ms Image
image/gif 104.77.35.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneid2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.77.35.11 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-35-11.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Oct 2023 13:57:54 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame 7D0A 10 KB
10 KB 79ms
77ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75320
cf-polished: origFmt=png, origSize=16618
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:100,h2pri
last-modified: Thu, 12 Oct 2023 15:48:46 GMT
server: cloudflare
etag: "4cd9dc474d501ed5668738ba6819e1e6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loLHSqNDCUGGbI%2Fi90ACJZsqFbwztrUZS2pddASTAveiAK1RKhwZ1ol4LAvJ%2Fa7sMYxL5Dnt%2BO5Q85cKrqpsqdMDCqZx1TaHTu3KYf97w5sW%2BGiy478cNAgBG03avnRWxYeax%2FpDP9HoZILB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8189886938f065d4-FRA

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 7D0A 207 KB
207 KB 79ms
78ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 649e0080985fd53ee3d2004d116112c2e9471a68d6d8f4d62370c91805dd08bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74600
cf-polished: origFmt=png, origSize=242760
alt-svc: h3=":443"; ma=86400
content-length: 211676
cf-bgj: imgq:100,h2pri
last-modified: Wed, 18 Oct 2023 06:31:01 GMT
server: cloudflare
etag: "65eebfd45cf7f371af4cf83a223da22a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiqzlJjAqTO2w5UGk%2B7n%2B4Gc4PVDofNc8xz2fEtgkQHvrTXZFL8rLybiuYfV%2BnIitZzNDrV0gjjGswKwZm4HkbGyL5tb9Lmns9R5YGCmMYjkNfRvmXWgOYmn6OiqP9Vvl3K3aljfQTxmM9Th"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8189886938f165d4-FRA

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7060 0
0 139ms
139ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310160101&jk=2399776790690184&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame B607 37 KB
14 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Oct 2024 10:02:44 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 67C9 42 B
64 B 145ms
145ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2u3bhxXG-cP7FtvOJ-0Ah-mK14woaGFV9k2J8waJj40SGC76JmBo1WUgha8T1W20yhrdLMMEJpaQDokS3jh4LPLGSMid8oDL41J2t&sig=Cg0ArKJSzOZmXGcaC7s1EAE&id=lidar2&mcvt=1005&p=844,650,1144,950&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3103229117&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697723873371&rpt=384&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7D0A 2 KB
2 KB 150ms
80ms Script
text/html 3.9.163.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h0yn29d4jp9q1t662n6xp92g70j0y8b1tjt39mrhxng9xgk26apav4t476fzc033qjb7mr7e6mhg6772y0pxv5zgs7tnwrnf5c8s1t571bndbj2ejcyvzs8s5q4sxv15pmbqders772474ehts3h5nrjs92yfryhcdp588hey52aq50fmh0p7mj0mncntw5n71gfbrfe7sb5z7acsa3pkzz59wb15g0ann5k93rywbe07qwhee806561ampt00t079g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%252526client%25253Dca-pub-1781853254296294%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.163.207 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 9a7b8a6d74295927c674e75497b4fc58f8c20096fa7b4cb1487f1c20210001e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
last-modified: Thu, 19 Oct 2023 13:57:54 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 19 Oct 2023 13:58:54 GMT

GET
H2 429 link.html
track.webgains.com/ Frame 7D0A 0
0 85ms
30ms Script
text/html 3.9.163.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&viewref=oneidj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.163.207 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-163-207.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BD99 0
0 149ms
139ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310160101&jk=3503056711083824&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 83E2 37 KB
14 KB 51ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 18 Oct 2024 10:02:44 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7D0A 53 KB
19 KB 78ms
8ms Script
application/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h0yn29d4jp9q1t662n6xp92g70j0y8b1tjt39mrhxng9xgk26apav4t476fzc033qjb7mr7e6mhg6772y0pxv5zgs7tnwrnf5c8s1t571bndbj2ejcyvzs8s5q4sxv15pmbqders772474ehts3h5nrjs92yfryhcdp588hey52aq50fmh0p7mj0mncntw5n71gfbrfe7sb5z7acsa3pkzz59wb15g0ann5k93rywbe07qwhee806561ampt00t079g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%252526client%25253Dca-pub-1781853254296294%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bff213874ce3d0ba3e7b2d018294c6f0145891a59ad5b1d0bf3ef1b65efe3292

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:58:15 GMT
content-encoding: gzip
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2023 08:55:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 14381
x-amz-server-side-encryption: AES256
etag: W/"6aec565d06e446dcf33391d1dafb8b7d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: rqjR-hO3cgdP09hW3VAcEDlfjMvb2PzFJOHk4s0tgmUlcchk0Fm2tg==

GET
H2 200 1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame 7D0A 2 KB
3 KB 75ms
8ms Image
image/png 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1697724174&Signature=i4cM4yT~NXHuH6FzYtsynRtN5B~8CWJ4pfO0yQ1DJQ9cYY8~Shnq7DELXv5~zXr8aD2dGJo11vc56R-YaxsmmUq5-lJCnta8aOlo5kHVnuoewdoRXBZetIlUxm8VOXNHrkxg44jRTL1jmDIz6HzMLlGElKbYaQRpRcISKckhfd19VmN1oGPiClYIv4OzAGbteiv6zdNs9VbbXhXGisMNXx0ITXeG9pYFafBZs01FEtI7vOBQUqGwB~TcuGdT91Y1cu-4mVPXf28~f8EHpvvZO6lw2yw9bILNSw8yBj62IewDMOctXcoXr2z~XYiH3CUh9e1ZoBc8sighnhaL5qpWjQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C64769%2C183975&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=661b0be211baecb7b9a5c19963b8a8b5%2F6921377979479094863&i=65803%2C27835%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1697723874589&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g2tszwhdem291yjpmpe6k0dnx31v9rs6bxf68w7meyeyt0ej0tqkkcx3pjt7tkkq94a9g91pyac8m739kenr04mrdw2r3rm2jg5q240stg1kfdrfyc8s086jy7rqrmwhd0py47ky127gwww2eq8tnq43aj12cwcmadwng2nmz6hdrx1jp2qnzrsw6ykyv8rh40kqr5htjdqqdhszettqy081sz8x3rps58v8h237qmmp6exn5yr205k1d01zw8y9zhhgjz8qw8gpkbzt8f0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCJjZg4TUxZbnkHpWVgQfzpZaYD5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE3ODE4NTMyNTQyOTYyOTTIAQmpApr7gVjisLE-4AIAqAMByAMCqgSsAk_QoqyrHoMwH9rm6v0UYo39hXByUgWtgyJ8Pssy6wI4jWQBGrQ2j8zOiY5dglvjSv4FnXuQ0sc85ung_9_XqQAhcn8OcgJ2M4dC0rKYKtpj7DqXg6Lxjoyx4o02TBdj6vqXifsiR3r2UXxZQB5HmMd0SwGw6xnGdCvVKRDdhbsiDSk6IrWJL9ndKgz_b7em5oR-_v60dfCZjD52DC6u2PzBgnWyD78_tf7KEKc7yHoH6GBk4ROLMe77JryLjHN1cKxLXrxzvx-rivaD-kpD6oOUhRItXaW6nSCGyeyQSENw8gIR14giP7-kKd1eF2rR23AnHR7TmIJp5tgHutqL_06dr_XxZJZ39ZUlBFJfIGBJ_snxC1bImfQw1DAFSomgNsiRIo34szL9pTuNLeAEAYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0_BBN3nJxfNUEWRRLN2cdbEuIehw%2526client%253Dca-pub-1781853254296294%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 19 Oct 2023 06:50:27 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:31:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 25648
etag: "90a67412ed0b25c3e4ca2ad17658d5e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2545
x-amz-cf-id: W1y0dH_ERyoBPISan7nZDqTvh5_OoKowqGLgsPmSn6lwZnOuYfFL6Q==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B607 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QjgXRg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 83E2 0
10 B 42ms
41ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tB9XoA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 13:57:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 7D16 0
127 B 21ms
21ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 19 Oct 2023 13:57:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E56A 42 B
64 B 147ms
147ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvunm4PCd0HeC4x6Zn_AR-UEUKgJlDfrbbzE2Ufo3askNQNSdawb8_eeMf5W9MdKwUIODTUWSUS9D3jlI-SPO4FUGpTe6i3FEMZrBU81ZuCNorZUXuEEw&sig=Cg0ArKJSzDGQP1YfdX-qEAE&id=lidar2&mcvt=1004&p=15,600,105,1328&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=368073688&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697723873491&rpt=516&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F2EB 0
0 145ms
144ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310160101&jk=3394093679484277&bg=!fn2lfTLNAAbFpEfJ5aQ7ADQBe5WfOFXFISWSXlknuyCvHY3jBln19oTr7PdeSXprR5CZ9jWDzUHm7aePZXEIBeQnijYsAgAAAKZSAAAACWgBB5kDJFRDbU8c33xzf0lFd5cotZ7KZyUfruLNwUSmvv1A3Dw6rNFzhPnlz9qAK2M1Qgabg3ADbErzX9IxkgJsjOK8nZoaJVhuuXYsNkTU_GPPOVBFYuqV1ek864m_wVY29EtJwLs23UiCBOXiu2PnHx47gDHoWATCvEoOJ31boxql9GCv3t16KY6NHaYyHCu_ALDDVxtDc_V92udZgMIvqGtTpOhklGwjUBXxZKoNX_BoDJvfM1u1hhHaNuwuaAcRNA_-muMblpLdJmUiDQxhdP22Y5irurd8NjEIITZQbmcQmTTELxtzKYKHbB18WfYWqxLmNMP_h73Ah4Fo2sIfYIde1gztnQV4D8IEjWL1-X2c20bdtiVQkWIP00WQBn2uG11egamUAl-aLrsfkAZvBNp8VdrRxX0eoY2f4BOCNH-KFW3TyQFC-0NyTJ8SdwgjcT83V-3FAYP3ycsFZH4FIsE-Et-MjQqIbjqWh9ggP-yo2y2m7fqPOve32KVPO-iMA11FR7g88dl59IkbTkDpz6Sx7ly39SAFBT8hI0UApRUMZ6K1JGdkxt4zqfM4xHwe9XsuYZYrDR_cmhP03MaKdi4mwTAI48Ue8zCAbXoAEFkAVDXfNTsw4iX4UjVo3sqPpK2A7QhCv-vheYGb-IHGlBrTpxt0C3HumiPdp61ZdB5zrWxiHuN7g4rnJ1A5-v61_U9CBy6w_4wYZI4KtIEkV8147w0Icap181x3yGg6VWgT9XmmDhGKJWDiulr4F5VyjJSKKjIElKLYf3DfMn0AxnIokNj5c8Ud9HzlEyd_Z7GY2W4RJbh8G1AZgN7Ctpm6B4EM0DKamQfprRNA8Z9oFuod-85iS1aK12U8boIjvSX1_7dZCH7h9sEpbtZdqwJrWovpL8sl_m0BnXOXKZwp97reXtgJV13CzII0Fu2xXxi2YuI_VhrJm8kgxkQr4agPuVkDnOt2KsAVT2fHyik6NK50Usv472n8hdhv3RJlaVAGrHBb1L5yzW01n8I6TSuRCVx6kjhTKlmfNuaT6VCJUxSflkB1s5e3LwAKSp-vXmkPjWReAWItuQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B155 42 B
64 B 146ms
145ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkL9Y2tJ6VFjsGo2f_hLDM5IQXnlSPH5Ivtu1bCVLts2u-h6JlimfUIRt4QwJ-qlAoGjZHdAzAKocRqtP2cQMAAwviRARHgX9Iqh085WFlP3e6lpwEWc7V-XdXjL4EGncOsJGMx6owxA&sig=Cg0ArKJSzItWDM3ln2vGEAE&id=lidar2&mcvt=1000&p=15,600,105,1328&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1797372829&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697723872734&rpt=1732&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 29B5 0
0 145ms
145ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310160101&jk=2399776790690184&bg=!MzClMH_NAAbFpEfJ5aQ7ADQBe5WfOFmDe4g0qZm8NwXAwodEddWdEFDMzINlFkpzftQBkxYbtkae5ZGfNy4Xvy3yAdhJAgAAAMJSAAAACGgBB5kDFt1WT3bC47ggzMKO_Y8frZRvsw2y-Uoht0_URO3G9SdnCf5I8z-2YHhX_7mcPmBfTKOYzUt_fLRcWEMIMopjaTy-ywRV4tuy6qo0ntpsTD-LHPzY6uriJNMhK6f_y8mFpxKUYDW41KBGh9P1qNniOykLE1eafhtVodW_2YzsPRnOHK1mVpAYcou1QSMHCraBAVfANU5QvLJqqj8mCOoMdCzcRsdqPPNhTPaF8SJS9GoNZ3T7r929sekPZTdceSTHKy3y5N_fg9efk2ZIfv3tJzwmg-OC-caoJWnvO1ZOgoAhIgLPooZzQ0Ne0rV9oNOvdyMNTJNgs0WLqzRI9E5jm4NdrzEIsoXgxg8TkmT48B5qx-uYIuNhmyzlmzNWTfYLy_qO28vK7NEwcjJhnL-DUyAY6Soy1UwPw2YJX3kEyj7dXldYH6WloVH0U7Eg4MlYUtou7sezzV978vZlKZMfWYjryCqC9PQc7EmySeQVDg2uff4sDbWOFcR0-_ObQxDTOzYJ1cDEG2HSXeYzHzYqrJviq3XtgcI8sIqaBk-tj2xC6QI-DIUpUEsZ2ODqLp46j8IX84jaVfGEH92ruZRElzu5Pj7mwMsTu8MdoT0XycwwXRF9STnEBwKLLk9G81dhi7MCXRrzNtsnRv0ZMBxkegPw30otJSf4G2UQ60sILNU4tQUhTXQfmCJqMugDQwdS22cYCZJn7mNIzq-s8L9jSsPzvHbpNESER0n7o8JKqC1ynOyuviCmyeD6NPhpf8xTq2Wof-mc1kHT2At5HuJrUAjgdAP9fiVnkSiMkmcUMcYm9xlXqZGGzGib0DiNlUzHvyfOl311o3KzqmQrrkKfcfB-PRIkabzFtGfWRrGJ1BSH_fMtBzXL4l4YLCTgc6m2_D32kzjLPyrH55DAyic3yy3liqGSzAeXF3Fef_ilW8U64k88LRHedhlgwwD6r4ptjs-1Eh0sK1KUHM6f6sf4WSZY-tOKgJlLgRdw-JDcjd_B3BvoYdWY0eSltF3lRXCPhosY-ym2WrI8XIP6JgSqrydxMQJjUbs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B155 0
0 144ms
144ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310160101&jk=3503056711083824&bg=!pqWlperNAAbFpEfJ5aQ7ADQBe5WfODo7KOI_FukqElrii_ZPNds9MhQ1MOu18s7-yXBTOJJJGcVyVJkChVK6dUf68ds-AgAAAJhSAAAAB2gBBwoATPHGPShWL8shwk6ufFP3aVgv1xQ7Nx0hI4zGjuGsoB6s0NU2MenKT23FsW0CV0KicTUKWxMv2Ajp7UNs2LRaatlW-xjWfCYt28p-BniZAxnqTrU4t_4JIlYzRch_jXMZSY1O6iBaTToYWaajN9_C-BNC_VGEtoiw1QZS4hzOpghQXh_e8zUcg_2ZFvegfzUwxUn6Tf5UkcM9IYXi5EhtQeSaTKYgosVNYlIBjSPcG3Bv2XAp_4pfqjbpGlPn9pObS16bRMG4vXaY0hF9wmjOrmr9THSp5c-mkBeo57Q9ra9cyp1dBwx7-Mx1oeljmPLiFyMiTAWkb3FihnbW1BoLYrtKrJO2IJ_1E0_Qpbk1y6YAodRBlqlZY4rqQ-_2NfJsr8xqC6rpJjE08N9AmQsxOlUhUfomaZrpb_ytuhwEHbpE-DWHs_i1_-niCBgNYKM7oivQIg5veI4N-pRARQjDkk_OqJnFvI30zju0m1itdh1eSytPmERAfvGNVnBqPOTUYD-Ji9B1i9BB8UKWgjcC5O7COEKm4fHSkozVjekPKbVyMMbOUVPoM7G511LKZfVsEIhvhimtL481an4OLluAIJP5g5ixC9Btc1FeUpbhJWCGQQYBpG92Q013NCXAc_DATywttbeojFjNQkt7PrVeBdGfugkiEIW9Wxe451q1SCEmRuhg3VAkbAvkx168nFma4g6cbXgxKeha8B0copo9h1S7LYsyAjuNF-xOblAbDwQC6lBUtEHPTWGDDedk9FvI7mOLoVLtsmLmsopkXZuPTTVBRiH-nmq35MHkaiO2ADuDFF_nXt5274UZK6sUk2V3cI0rkXqJiRCRHXBRG_j5AMhmGh57irVuU25hjV-nYY2uFbkgqcQyZz9UlaQg94Fv--GBr1MRJ1Ja7UGBAN1q9TNTV_aFs8Gn9jNKKTbMfCj1dh0K5PWg3XaCvEkPX2xWHM8UWMleWf2TCFYSF_JJDSDKxCcP7p_7ZJ7nHT1yNMBH6x7hNHDobK7vbQgjAMG2sZ3w13OvlLXwmct8atY_CAljeRC5pwAZQwqxMI93f4nP8W5mAozGT5CS1DQIabohWLZz9W1C5dAo5oCVLwDUs2Kx9JUkox734my0g5rPRKdqqX51B9zqh1cdn_Hhf0ECeSU_edf-JKz2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uat.newsroompost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7D0A 16 B
209 B 65ms
65ms Fetch
application/json 18.135.134.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.134.29 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-134-29.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 Oct 2023 13:57:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 244ms
21ms Preflight 18.135.134.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.134.29 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-134-29.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 19 Oct 2023 13:57:56 GMT
server: nginx

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MYBB1ZXH0R&gtm=45je3ai0&_p=1052426716&cid=1944785838.1697723872&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1697723871&sct=1&seg=0&dl=https%3A%2F%2Fuat.newsroompost.com%2F&dt=Latest%20News%2C%20Breaking%20news%20%7C%20NewsroomPost&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MYBB1ZXH0R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://uat.newsroompost.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Oct 2023 13:57:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uat.newsroompost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uat.newsroompost.com
URL: https://uat.newsroompost.com/cdn-cgi/challenge-platform/h/b/jsd/r/81898849d9bb368a

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEG3wh6GMzpq0OgIItLYvX6M&google_cver=1&google_push=AXcoOmRRCoj3oyvcRPl3n3wJKnWxzFNAOiSEl25TvltPHIbXN4Sk_qb6U2hsMG_Skaqwg3Og13aPQk28Eisit-nJD3drPbhZFVO_

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOhvKu2q8ITkGYISNyEWL-4&google_cver=1&google_push=AXcoOmSGpGgIBMKUjVGKxE4JurTAZZpheH3N3P2H065ehEETzUEiBaa2N3DbS60jFQ9zMPxmCrMdM9Dlq4uiidhk3sbPKptH-9mnYW4

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newsroompost.com/	1970-01-20 17:44:59	Name: _gcl_au Value: 1.1.1803553293.1697723872
.newsroompost.com/	1970-01-21 01:11:23	Name: _ga_F7MQXQTFXZ Value: GS1.1.1697723871.1.0.1697723871.0.0.0
.newsroompost.com/	1970-01-21 01:11:23	Name: _ga Value: GA1.2.1944785838.1697723872
.newsroompost.com/	1970-01-20 15:36:50	Name: _gid Value: GA1.2.810323756.1697723872
.newsroompost.com/	1970-01-20 15:35:23	Name: _gat_gtag_UA_45370355_1 Value: 1
.newsroompost.com/	1970-01-21 00:56:59	Name: __gads Value: ID=fc7f81e417cd37b2-22ad0f7cf6e200bf:T=1697723871:RT=1697723871:S=ALNI_MblJY-HHX_EwYVFdjRJKJrF72AgGw
.newsroompost.com/	1970-01-21 00:56:59	Name: __gpi Value: UID=00000c9c8f16de81:T=1697723871:RT=1697723871:S=ALNI_MbKsd8eXN3gDxGEyQYZMEbcZmtXFg
.doubleclick.net/	1970-01-21 00:56:59	Name: IDE Value: AHWqTUmnLakznPoxMtIe-iUkrttpTGC3jJ5dhLzK5WDCf76dO8Xk-lAfei87RYxL3_Q
.w55c.net/	1970-01-21 01:07:04	Name: wfivefivec Value: B0B99YAS1QTtx75
.w55c.net/	1970-01-20 16:18:35	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 16:20:02	Name: C Value: 1
.adform.net/	1970-01-20 17:01:47	Name: uid Value: 5668470945747876489
.turn.com/	1970-01-20 19:54:35	Name: uid Value: 2578530276155583858
.newsroompost.com/	1970-01-21 01:11:23	Name: _ga_MYBB1ZXH0R Value: GS1.1.1697723871.1.0.1697723873.0.0.0
.adfarm1.adition.com/	1970-01-20 17:44:59	Name: UserID1 Value: 7291668512196655262
.simpli.fi/	1970-01-21 00:22:26	Name: suid Value: 41ECC616BC50425BBD03D32167B38B95
.1rx.io/	1970-01-21 00:20:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0b42021a-07a9-47ee-8a12-b6e847dc8be9-003%22%7D
.de17a.com/	1970-01-21 00:13:47	Name: guid Value: 1.7580845935758839357
.targeting.unrulymedia.com/	1970-01-21 00:20:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0b42021a-07a9-47ee-8a12-b6e847dc8be9-003%22%7D
.ctnsnet.com/	1970-01-21 00:20:59	Name: cid_436a63feee2f4818ba2dee41170bfdb1 Value: 1
.ctnsnet.com/	1970-01-21 00:20:59	Name: gid_CAESEMjRp8xPVPT4WiOb8Bw04uo Value: 1
.travelaudience.com/	1970-01-21 01:07:04	Name: _tracker Value: %7B%22UUID%22%3A%2259EE1544-5CFE-40CD-36F9-5D25520E9181%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1697723873%2C%22utid%22%3A%229a9477252c0eea72ac9e468942ca957a%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
ads.travelaudience.com/	1970-01-21 01:07:04	Name: _tracker Value: %7B%22UUID%22%3A%2259EE1544-5CFE-40CD-36F9-5D25520E9181%22%7D
.blismedia.com/	1970-01-21 00:21:03	Name: b Value: 653135E2B2AC00871C6C44A2BLIS
.tribalfusion.com/	1970-01-20 17:44:59	Name: ANON_ID Value: aTnvQwNj6WlCyhURB5xU20vDhvgZbURCC5U0UAZa2ZaYauVJjAFOvXHfR2OqUTcQM5YCkAmwqZdcELWYacscPCiZcFSSSCf5VnxYZbFsRHReMIyHtkEL1g
.quantserve.com/	1970-01-20 17:44:59	Name: d Value: EC4BCQGcKoEA
.quantserve.com/	1970-01-21 01:05:38	Name: mc Value: 653135e2-5cbd5-7308b-7a9d9
.awin1.com/	1970-01-20 15:39:43	Name: awpv11354 Value: 412871\|1697723874\|804af360-6e87-11ee-8ffc-223056a867d8
.doubleclick.net/	1970-01-20 19:54:35	Name: APC Value: AfxxVi5Dkgzw49RWLPOa0ClJh3mCtmPAtbvY2VRn4hCNQXl-B5k5JA
.awin1.com/	1970-01-20 15:39:43	Name: awpv19228 Value: 412871\|1697723874\|80574f70-6e87-11ee-b29b-2231cad1828b
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 388274:2629118
www.conrad.de/	1970-01-20 15:39:43	Name: HTLP_timestamp Value: 1697723874848
www.conrad.de/	1970-01-20 15:39:43	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 15:35:25	Name: __cf_bm Value: vEQRMlMLwCVCt3dVLBsNZHT1m44bkeJ1fHF7wzmd8kM-1697723874-0-AZOkk1JNFN5pFfR4afZQamHVpj9t9jcQGxnivCHnkSnBmqE/s02tSoZ4WJgOF5/ONSJ5IDnnT5bI3AQK4h4VKpM=
.blau.de/	1970-01-20 15:45:28	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5NzcyMzg3NXZsZWExZGUyMDIzMTAxOTE1NTc1NDg5ODI4OTc3NjU1WDExNzY2M1YxMjI1MTMxMTA2TVN2aWV3b25laWRqODN1RWZaZVNxeEoxdVlIRUgydDZ0UlJKVUtUelR4SmM5b25laWRfX3N1aXRlX05ldG1peF9SZWFjaDEzX0JsYWNrRnJpZGF5UHVzaDExNzY2Mw
.blau.de/	1970-01-20 15:45:28	Name: nscQ486 Value: V
.blau.de/	1970-01-20 15:45:28	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023101915575489828977655X117663V1225131106MSviewoneidj83uEfZeSqxJ1uYHEH2t6tRRJUKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&wfid=117663&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMxMDAwMDAwMDA2MTY5NzcyMzg3NXZsZWExZGUyMDIzMTAxOTE1NTc1NDg5ODI4OTc3NjU1WDExNzY2M1YxMjI1MTMxMTA2T
.o2online.de/	1970-01-20 15:45:28	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5NzcyMzg3NXZsZWExZGUyMDIzMTAxOTE1NTc1NDg5ODI4OTc3NjYxWDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/	1970-01-20 15:45:28	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 15:45:28	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023101915575489828977661X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5NzcyMzg3NXZsZWExZGUyMDIzMTAxOTE1NTc1NDg5ODI4OTc3NjYxWDEyMDIxMVYxMjI2MTMyNzAyT

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&viewref=oneidj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16af68555760ca3881cd11a4e0785dfb.safeframe.googlesyndication.com
7b74e6792e7b086b24eff254a1d1ed79.safeframe.googlesyndication.com
a.tribalfusion.com
ab2e634afcbd275c8c46a4be510b5f53.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads-script.b-cdn.net
ads.eu.criteo.com
ads.travelaudience.com
ads.w55c.net
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
c1.adform.net
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
cti.w55c.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
e9f015384caf151f3c9dfce3d26a395f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
i.w55c.net
imageproxy.eu.criteo.net
match.adsrvr.org
newsroompost.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pm.w55c.net
prod-rtb.ad4mat.net
r.turn.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.tribalfusion.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
t.hspvst.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
uat.newsroompost.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
googlecm.hit.gemius.pl
sync-tm.everesttech.net
uat.newsroompost.com
104.77.35.11
142.250.185.130
142.250.186.130
142.250.186.166
154.58.197.185
167.233.13.224
178.250.1.6
178.250.1.9
18.135.134.29
18.66.112.41
18.66.147.98
2001:4860:4802:34::36
2001:4860:4802:36::178
213.155.156.183
23.35.237.56
2400:52e0:1e00::1079:1
2600:1901:0:76b9::
2600:9000:206f:1c00:1b:f040:3600:93a1
2600:9000:2251:8600:3:4706:a6c0:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700:20::ac43:4aa0
2606:4700::6810:c0cb
2606:4700::6812:19ad
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:827::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::c
2a02:fa8:8806:16::1370
3.121.79.42
3.33.220.150
3.9.163.207
34.91.62.186
34.96.105.8
35.186.193.173
35.190.0.66
37.157.6.243
46.228.164.11
46.228.174.117
51.75.86.98
52.29.100.88
52.57.124.150
84.200.5.215
85.114.159.118
99.86.4.52
00844f13ef0cb0f17998b903296b2af48690e8a72c8ee1bc5fa3dde1f62d4441
039aac686129500b6103569d409f28868cef6bc33d1d554dddd8cfda4d6137f9
040f47e85ae4a1d03ac48e6c8a4e6df5509c846f37bc296da9ab15de5146c818
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04b6dfe2981fc237656e937e78a400b1d56184226ac86fffef08d522c9b8d004
07863c3e4c62c347c6fdd0f338db95b38e9e3639e1dbf047e155ec5a59f99c89
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a248406a2cf58b18ef89799a9d9b0981c006988d7f1c792da92cfe2a1f9b9cf
0a52ae074154359571785a0a2c8719e3ee2f492d6eb55ac33b6a81bf1798647e
0b84963b4284113bb71813fc3e64b0337d52e7418f499515a138e5693702f5d9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9e16c57bdbaed4c54fe42a918f857857217c6efd787dde4d397f6b4a66e443
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc
0d599d4894993449116a9dbcc01b4e460732cdb4449e975b82055e98aa0e9d5b
0d822d6847507e3e276904a53c9cd515dc8e91da84791f0799add86eb5316131
0e2f8c21cbfea3e52e2b6b9f3783656232fb21e92f5c665e882887f0b547639c
0ea12771a008e20e8db549fd5d757f22b7486169add5b41c14f1f8c55e1caa0b
0f2c0462c5dbcff8bcd1cca6e3ec4d92eff19b9205f341ee2dec02caabad1c05
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
126b8bc81ad9d4c2af638660cc13dd5b21a09bf43038da05a3abef4586d92238
1270711c569d50ac8275d22b3cdc2b6db216954e8cd73e7a324e2036c6678512
13de903d49cccca76bab2663f5960ca5007d83e05ed60f10e7ea638e9bc0781f
14392c9baa0d1e691f861f1bfa0cda3caf6d3080edfabda0a2c276dfa13f2afe
15c1325363e42681f23ed19da0f04f08438f3accc85b4a575a1b7f9acade7f83
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e
187b95d75467e82f060b070703218f5973083acc38c8deae4e569ca565ee469d
19842e977e4c4a0cf8d3103d51db157de3b650c5e09f4f3d818556f084da1d6f
198b7cfbb92bb077844491b2464c698548108003b2d9bd76f4164ed35a5e469f
19fb949b60ef0320ecf06476f86db2dfad6322d18501b42a785594ad5a16ad80
1a3cc4205a101e934ab6892dbb6409ae5f751908e382a22adb13256d1d4fc155
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e694569b6d667b6bfc44932e77ae4cf3195872697834634ec0f39236b4fad9d
207ffbdda8b2145aa66dcc5a408becb7e9a064ec113516f04430608f965bd7e7
215aad6246698324127d1f47f11ce094bd7115a614aebbb970c159b7ae3324de
2182c67a3e7987ae08bf359358a8a6f5b31813fcf66a6370d32511cb28686fee
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
23ad85488a229053d05d45bbe65ae089f9c42ee38d060c31d3e4121fa44f7900
2609049985362af24b8dfb961bd94e4bf7ab6e82ffed40ac7bdd7975c01753d2
2946eca607a150b8c6d0a2bacfddd7fa12be7c80b9b9836e46ecae946c925a91
296fe153b89017f52e7e90be00779572abe50de9432f23adffad78cc36c86d52
297f55278b6c970346f9cb8d19defb97c1a6be650dbf36e3f5091d45ff4fa339
2a13df0d5f71281c8190c27fa6949ec9f7ffb8d767a67bbb861ec4519c658ebc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
304e77d7f34200a0b72a3b6e91b9c1f825db86aab1234cf56f36958bba571944
3071ba0ca5cdfbe893dd2093f85957808905ee77eb1ba306019b4d9f6f1e0861
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
334b209cc22693d004730734ed783c39635f37a04f625c450be70cfb2c69172c
337cc40c902faf17b8752d67391163f0c6c5b90a79b27ba9d8e7a4fbe8d371e0
347389c3d82225f20421fc81d5184f8d089ce96cece4b7d313f5ee528f007974
35583e01dd030aad86e607e24f93bed6a0111353abb803539dd21894a2b54c1c
36c4f072d3c0284654277f864fb3c2d4ae52dcb98a5004ed49a502c58dd3c20e
3800ceb92e75a25fdbb98ed21a760f6a078c7849ac3e3589b73fbe63236c0e45
384999affba051a3fda5f888f92ed0e61983e8c9a1607c3f6dbea173f4c0bb90
38b1c5d6224fee87c54a35f762ca5c260e6a68552e601ff82acaa14359286005
39300b5f6aa6c98ecce3bab085c4a412b5bcf08e8e08405032906188f9a24091
3958da567ad0728f4613f735cbdcf263a9da85e25a2362ecd1c5c5d8456df069
3abe051008ae48cbbb76806468670de8fbd3f896e6d4eeef9843965a00e314de
3c78ede533167996ea3cd83b12cc2c81aee3f04574e4532e24de3f9271818ca0
3eaa258aa4a3110171a7076531dc1ff21f2e9e7992a78794bbd93c7def2765c1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f42e69998426304ffcc22a5846795e4e220c111c4d160c651b6f34a6853b778
3ff423ff2842d15df4773ebf8c40fdec0cf584ed5f38af26ca707ea2333efc19
40456be013e4c5ced63d18505de57929aea8b03c14e0985cddb92eecc86b8822
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
413889bd5c5b362bda200d15065261d157557529bde4cd4d42938d30ca37498c
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f
42ea3e9eb5e1e4579afef251615dc7208bd747a7a21b3f6ff2082b4aa7f3944e
43bc6e0a3ad31b901cca8daa150674bcbcf50f7459081e74682b9cedaa52974c
44403e2614853dddbbaf3ffd7a3de1ee72b34088bd08d24dd09ac71d612187de
446a7de54bc1cf1dd3e90e6d82858871e5fe17d7de0157e7ce71be135afd4423
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45dc89343744d799bce1730bb7979c5ad5877aeef41fee79e4a29e85370f8083
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
477d22dbfe1efb30e7488c274fae2eebca42bea530bd3f08f5ec7495aa6dbd37
47d28f2d8e65dc2ee8bf14064d39a5915f75fca7c1c91b922f6955fe7fc02f68
4813b68e3f6258ca16f1c73b3652abd5156caebe242074f3df41f09c2a6fc3d3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b3b8d497a37a08513b7a3069ca43ad12755983eda42c4bc34364c74337f6287
4d0e54ef9173044342bb053da4531c949c1ee033caf7e4fe060adf276c3eca00
4d77fe1a9555985d6d3981209d00dbe2d28208cb42917322b57ec2f73b6e075b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2e32d71d3d13fb4b2a5ece0a5415a91b093ead0234ce54487390ca5d4275cb
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d1daad03bee2600bcac30291135cb7742871df90b7b308d4118c20169bf155
5511fc0a41b649423fbfa7a2738fb9fc47c5fd4669ccc5fd14186069db3295e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5787789ea04a68ff4a71d83cfde57972a27ef4dabd962179d34156dc6dd47e44
5b58afd0685c0fd44b2cb455228c766239dd84f5765d5e1b6479e769e4689123
5c144f93ddc2054d209777b4869aaf8d565d86709ebe5979e3d19d09496d77f2
5c1bd33e59392d388d5b1081da6c3b14c61d84250fd115e01418762d4a4be5e5
5c66d67fff1bb62059630c5c49de873b28548398847a2beff2f3f006c4388c86
5c6c6781a8d947090d19d817d629276fd06537bccd357a5e02ad4d459ec6e855
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5fd058e8362e305341a3ff93766fd9e3863bd93e79ef24e04089564e528c5a1c
60c7d7ce5461641fea330e06349ed188e254d9c5d132693b6baa0fee3a19216e
619753e148fab3c6f0d698fa57195c1275f90a73f523f5816d927affa63f1d9b
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe4eeb815f7415bcec0e853a700c0f9a41b13060aa75f1472f8af449255d17
625faf6ab4228d1e60d27c715573eedab87a6d90a5b283ac36d79ecd22dcd956
634faf0aa67bd4595e0cde42ccf46f24337c89a848279c094b1d0d3b6819a03e
649e0080985fd53ee3d2004d116112c2e9471a68d6d8f4d62370c91805dd08bb
66fae96ec52bc978e833e6aa6f167cfdd56208ee676be273c60ad608cc65d334
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6854cf79f990a5d6885daebdfd22ceed02424eb8c54924363007dfec7270975d
68c70681360f6f89aff1a9de2c9818784b12aa68825950ffe371a5e22d64e845
69751f40928d2926f8edc62099a3a00383d97846b0ec1bbd15232fea3cdb657c
69b5c6ab2ebb2c660f9e649ffe106c468cc3379ad9f626f9fc6afaeddd568dea
69bd2df73c3c16a1a57407663d6598ffe1a349461a214c5e2aa816cb0fbcff44
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b824398f431a8d2c37fa56e79b1d9af6ecd80a2cb80604647eb3f7c804ff923
6cbe8afbaa101f41446ac5bfc341a559d315cab38a0e88e04fd82a10404f8917
6d035448a3fbf0a616d09697d5a4b10785e809603e201b0e3c9e2ee34f59ef39
6d3986b9812995eac5cd9a69c96aca0f594afe3f38a88b435157a02fbcc142a5
6dbb37931bbbc36e2f8ed5ec1c95ad6c2607b71a4dd041e4e4aad5c12842fb34
6dce8b55ac207e4021fd8f147de2f22bae9b3b35b8a665647f4576cc73f01ddf
6ed4cd84e3a9aa771bf2608e958a9964a70c6a5688cc43f33f0c82377063f3d3
6fb38d5ac31f91a44431b713efc6561f3ffeac821a89e8f96090687b062c96ec
70d538e0e5cb0b6da90251761e5c35d6e4f36f3555364b15ca090be347bd6660
7101c8be2eedf0a5fe2406d9abba60706a8e086cbc65c4b793daf58b83006387
7157ad0960bc174af3e0e109e3fd48f45b9516ab62361dec4546c488f40396d2
71717ff75ac950953ec92111b9e599ba2e075cfe3e2f7fc9e4c6ddf8839141b7
71dbdcada8f54ed95697e7ea9161827f487212477c5ac3903ebc8f09735c8b50
71f3fd5dbe93b5cffdcc5124c89a318af683cf7b810fba1454a6b424d35ed2d9
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
732456a0aa5ee02c8aa22544ce58ea3d4c6a033bd18915cb1642c3f40a5a7e58
74b2b05c1850ddb6210cc6f77f37ca172e45ce64fe2e325fb482b3a26f42b91a
74f114a1cf169336fdb8a22a09918aa716afd9e444101aef93aaab1a5cc5ca81
7681fd5fb602dc578333732afe21a1e182886b5c39636f32556698a1775e0388
76a0bad828de65dc2afed92d6821c9cc5d7e031aeb309a544367c7c0320a28b6
76ee0961e6fc5fe6be30f86e379b24c011ada622f43d9bf323548cc656d6cb28
77f71046a29a7a628d54e985fa8654247ae56d6a6abe631c5c7dd07a6293688e
79519a8e96d3739857b63ba9eee5218bac697ff1e30caad1fd253d205d3599f3
7970fc874ac17e4b2a26fd531cca4457122e8d3d6462be6d387305f4bde7f73c
7b0735da7fc23b2a2a415ff2ef120dd584cefbcd1c5ef8118c7e94d88e477018
7c41755dd7a15af2474871cb0595a0f377cbc16e8e520f92b219aee407c9f352
7f488d97531c87bd09dbaa830558d165c19ad8448c5fd15da9049a0f6476e201
829cdbb399bfd4b93878a2ae19f00d4ef90c66f3347601885f586adf16b7be3f
83a70561bd7624f817767f1b33bc160a2af2779276019d1558a51e95f4e3bcc7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b7284c4d8e54216be4082addda18358f663a0ec0bbeddfeebffe2a45fc9b27
86525b4296fef90dc9b151f181a60064b2b9f17d02f70151beab1a457876c657
8690b45fd1b419e1aadaabf28810bac7c559877605b6ee8f34e6c6dd3dbae9e1
8b27d3253f5f1cc45f8d09c13323b6d70e9a75f50419bf0d3eb7d5413828d037
8b2d59e8812d84af8a1a3ab2f84e7101503fb72866bbb50941aa8ec218804727
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
91bb314962a785ef19f7a6a193aed3e9e0533c1f20980274bb06d06455a09adf
91ce993c35a93209f606c16f6794219a3c1b27c720d161f65c3907d8c7da0e20
935bf4c7f13833b4912e640b4ee259a99aa088389659685df7bd97781bbf2cf4
952fcf6f461c82dc3bf1a597a0b735c73c21f4fe45817f567413e1c569478376
96fc8e926197a5ab0442e79b06a25dedfc3b6df49bdfa13a429019b02803b65c
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98923a83b1c5bec997cd1bdfcd396844cd90525d92254458da83e66c65b8c185
996469af01b3a9e93ee860effa0fa9637ee16e9e0aebf97a994830dac66036e6
9976059e047c01c11cf55670308d59931ad68451c4f9f608cb83c064fc4be005
9a7b8a6d74295927c674e75497b4fc58f8c20096fa7b4cb1487f1c20210001e8
9a93a8efe87aae54012af1f3d5f2c4ad4ec0380029b5ddffa66ede06371edc02
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ce164c8d436426e64ddb926993163b660aeded9b7470113b2c89b3dec0dbf17
9f2a3f5f704e060832d3e169b6c3f830d4a902a9c163192aaaca620c0fa940d2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a56add0a0fe88ca8ad47ea3def87d8d5934976680db80c6530c0b28529854f0b
a58650bf18155b0760467c4d4ce619478cb3a2345cd04fa6037c8540dd35976f
a5c37a52eb2b280bdda815c6b420a97b016fffe66be8eba03b3d6b5c8cd455ad
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a76aef3f79584430f5200c3c58684f2606a1bbba2767e643d68428c1ad6bb7ad
a7ba8adcc2aacd23fde3800037f200e13001046c5925753d9e5f37029dcfc3d8
a7eb792f92ac032761ab7b74e42e33ba37896e7fae4200ac1974ce635455755b
a86517a32e34de02184899df16ce7ff27ef1004db110897bf573ad114764dd03
aa0d188cc9b96562f21569f0405229c03c06bd4660f18865af4ccb71c8b8f3ff
abf9247cea30ede0659679f4737da8c59d22d3a94352f2736a97dbccafe3c9ae
acbdd93539bc6cf0e01c7b2d844a30332301d54294265ea9d9eb4a3dfd3afed8
afa87a08f3b85e7008e6c3b6e5303b729731867e2a9791874672ec419ab04060
afce9a028c2123fbe335067a6138c6b440844702a0f080e6737302a1c556f5c6
b2ec520977fea13dc407a5ae15bed121a454a9008b6ad90f94507805e60b8f4f
b34723692436375effb4fd50a78615943f4df82786ccd67604c04ef9a0e92bde
b49a1fe5b5e90f4df81c0e8afb82350e4f194e8dc332a12a2d1cec3191b4bffc
b8968cffc7a2b9f5bd24dcf79a2dbe96e35e35f423848bb5a8a6ac13b7984e02
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bbc6709cb87ccd83ed946b3abc753536925cb001ba3f559ebca172e4131a13bf
bc25dc2a48afae7849ba152e4572f060561483dc44f858c584531f0287bb8376
bc531edb737131beee262d805228188423b842a23009de519fb84005ef60fcd4
bd83679af3081bd362863ef383f510dcd19208e18ccec9fa84e38f117f5f58f8
bec8ddddeca4b9cdadbb7797a011082fbcb06b7c71d3a009bd65c3a9b5d537c0
befebfcbc0078ad839cd7b6622d7f68aafa56b9e94556b247378de8f9bdbbad8
bff213874ce3d0ba3e7b2d018294c6f0145891a59ad5b1d0bf3ef1b65efe3292
c13c4d84e1985c53fb35f782c9a0a3aaf1e47555aeed471c7e0cbde0d7444c61
c21cf4cb7783ec3fafc8d505ee129638cce802623ec506e94c17a3ad39b0bb29
c5e7e8da627f5bcd6c344d0ce930e5e60062909305a4437ea788b73c028ad97d
c613bf9da88a901e6da4251f002dab0043d71441e0d8522c7460e5db768920be
c85bd0c13f476ce9368b8cadef8dca0a9e72ce5b40e05edc97b2043d2fabc87f
c8e3b03a30279836255de18c24e692e9d1d90a6be03d6ca3c3ec6ef41e146454
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c990ce89266d15d8cc53e7e1d2364fffd56433468a7099076b35e393b37c4e69
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cbc98908cfc2082692f4209b5aa6a87f97a4e6206049c4c649b4ac69d15a41a9
cc6d3118db2a52d3201858c175721961b48a931d2d18f59d372d9ecf781bc6cd
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
cd8fa7bdd260d208d29934076ec260aa85950625d3906aa4f0aaa52ecb7458c3
d1c8113ac4af844d4c162ff246c97a3ce8c862bf1442e0469983e4498059d032
d2436b5758ca63ce8aedbbdc1d473625f5b57aa3ec699b635a21dad1242627b3
d50e947214c594b690c8f97a3bf87cf0f784100db55aeaa3b8299bd16e09cdc0
d5564b11d82d1f8993f3ac1e5ee2859b197e6db15e7312ad025bf05adbaaa9b6
d8b682813dbca7755e0e49908679ff3a46ef938eabb6f26cd94691c716bbd7c0
d91295fd6eda5bfa0adf378e8733bd558f86a1c193a2e1227a46b4517c7a7564
d956818b2591500cd0a8af6965a49187b3ec70b76b425db94655fe27c28b8091
d9ae194c2271e66951ca2e203e001dcf07f2dc11bc58aeaaaf7644720d346b8d
da3414a2dbe3f4c6b4a07a2d696029d0e0866681717179d9f02309a44f64dc9f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
e03221044d71b90c4b2696644d63824c29d7267fad3f4b39095933b111b15863
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1cbb6ddf64a4547d5b721b76d8697415513f437a03a919ef3a1bbaa40addae9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61982666f8e828ba57941c43933eb441d35a92113c597d977c236e846b4463b
e7746296f9075097e2729b764af95cd862419401f86f7335808a31856da76aa6
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e91a21282f698ca148d2d04b7f28ed2f6a1759cb67f03c13074cc3185646ca83
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c
eb86a1869ac6b898004b3accc1a1bc7fa37c6e14a271bb548ec4efa442228c93
ebdc92febcfa7ee9dff30ebfe8255e78a72da20ec78671cd77e97d770671ecbb
ee87e6547702fb6ef8a6f9d5ef54c46594c7481654f383a9ba9c17867932172c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0365adde1a1caab9295da1c1b25a07523d498cc3ed3e3631ae8c67b5e917bcd
f24c25c0d69d17703aa7000582fccd8b22217bb1adbb9d650fcc6f9fdb210baf
f4f0482800af78688d8dc8d274a8fe1ca25fec0a790e392aa5e29947fa695e79
f540bce5242bc1385d9c69098f65afeb921d2de36e4d12142e956f7ce1d1727c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6dda875c1d50dd4c111e61ce959dfa1318053d3553e81d9bb6c8aafdcf40456
f70082d13737518caf37aefb53c52b92355e7d38290c483c412c399c667b2ad4
f73298f2d22b33c565e4656df142d6e4dfec14b84c8fb507bed6603636a03a10
f79a091fcc5e0a54a93ce8edd66cb29fc5914c1885770b9949455f5e4c5cb442
f7a68ae321996f090383185d5bce12ae38bfe91d2e694a265e4f76a6f8730704
f7f1d638daef1764a56f3c7384a1e482b0c4727350872f7793d4eded71e91f61
f93354cac2449fba391c23a388fc64f06f3fb5096ee1e13402823f30384030ba
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
f9c8796516af78ee9f53c91aaeeb28cd54e33dee0fb377e7a65be204558df0da
fb306ecb1e73d60c1aa79920a96b7bcbea1706afaaf01a2a555a796d8be65ef8
fd5b95871c1663600999eafdc7dbe63f77597ed291286259eab1f5c7e8ea5d3a
fdb2577b31b4c9dc42d321eb50b146e6a4ccba2af19f58469d3eeb91fa7a8922
fe49f1b4997817d63f64401507f107b2a7c825c996c3d4b199a2609b9496db6c
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

uat.newsroompost.com Open in urlscan Pro 2606:4700:20::ac43:4aa0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

402 Requests

92 %HTTPS

55 %IPv6

48 Domains

76 Subdomains

57 IPs

11 Countries

6396 kBTransfer

12464 kBSize

42 Cookies

7 Outgoing links

Redirected requests

402 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

uat.newsroompost.com Open in urlscan Pro
2606:4700:20::ac43:4aa0 Public Scan

Screenshot
Live screenshot

Full Image

402
Requests

92 %
HTTPS

55 %
IPv6

48
Domains

76
Subdomains

57
IPs

11
Countries

6396 kB
Transfer

12464 kB
Size

42
Cookies

402 HTTP transactions
8 data transactions