www.publinews.gt Open in urlscan Pro
49.12.125.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.publinews.gt/
Effective URL:
https://www.publinews.gt/gt/
Submission: On August 31 via api (August 31st 2022, 4:06:14 pm UTC) from US — Scanned from DE

Summary HTTP 564 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 85 IPs in 9 countries across 57 domains to perform 564 HTTP transactions. The main IP is 49.12.125.168, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.publinews.gt. The Cisco Umbrella rank of the primary domain is 283104.
TLS certificate: Issued by R3 on June 24th 2022. Valid for: 3 months.

This is the only time www.publinews.gt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
71 184	49.12.125.168 49.12.125.168	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
5	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
3	64.227.27.145 64.227.27.145	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
35	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.127.89 18.66.127.89	16509 (AMAZON-02) (AMAZON-02)
17	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
10	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.97.24 18.66.97.24	16509 (AMAZON-02) (AMAZON-02)
3	18.66.122.74 18.66.122.74	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	23.47.209.72 23.47.209.72	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
47	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	2.21.185.80 2.21.185.80	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
15	144.76.115.197 144.76.115.197	24940 (HETZNER-AS) (HETZNER-AS)
10	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
2	54.78.253.158 54.78.253.158	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6 16	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4 6	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	52.17.139.148 52.17.139.148	16509 (AMAZON-02) (AMAZON-02)
4	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
4	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223f:f000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2 2	54.154.5.146 54.154.5.146	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
3 4	52.212.100.153 52.212.100.153	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f13:800... 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f	16509 (AMAZON-02) (AMAZON-02)
1 5	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	15133 (EDGECAST) (EDGECAST)
33	2600:1480:400... 2600:1480:4000:e5::	33905 (AKAMAI-AMS) (AKAMAI-AMS)
20	104.244.43.131 104.244.43.131	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:58c::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:350... 2a02:26f0:3500:595::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	107.22.163.220 107.22.163.220	14618 (AMAZON-AES) (AMAZON-AES)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	54.157.211.237 54.157.211.237	14618 (AMAZON-AES) (AMAZON-AES)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
4	52.70.17.67 52.70.17.67	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700::68... 2606:4700::6813:ad6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 2	104.103.108.241 104.103.108.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.122.208.137 3.122.208.137	16509 (AMAZON-02) (AMAZON-02)
7	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
4	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
2	198.47.127.22 198.47.127.22	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 6	2.23.97.19 2.23.97.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
2	213.19.147.42 213.19.147.42	3356 (LEVEL3) (LEVEL3)
2	3.65.16.214 3.65.16.214	16509 (AMAZON-02) (AMAZON-02)
2	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	18.134.84.19 18.134.84.19	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.30.246.43 52.30.246.43	16509 (AMAZON-02) (AMAZON-02)
564	85

184 49.12.125.168 (Germany) 71 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.168.125.12.49.clients.your-server.de

www.publinews.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.publinews.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.227.27.145 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

adserver.latinon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.127.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-89.fra60.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-24.fra56.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.47.209.72 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-72.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.185.80 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-185-80.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 144.76.115.197 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.197.115.76.144.clients.your-server.de

ads.emisorasunidas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

tag.escalated.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.184.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.19.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.46 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.139.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-139-148.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:f000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.5.146 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-5-146.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.100.153 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-100-153.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.117 (Nagold, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

www.ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (United States)

ASN15133 (EDGECAST, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2600:1480:4000:e5:: (United States)

ASN33905 (AKAMAI-AMS, NL)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.244.43.131 (United States)

ASN54113 (FASTLY, US)

abs-0.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 107.22.163.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-163-220.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

content.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.157.211.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-211-237.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (Beverwijk, Netherlands) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.70.17.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-17-67.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ad6c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.103.108.241 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-108-241.deploy.static.akamaitechnologies.com

video-ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.208.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-208-137.eu-central-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.22 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.23.97.19 (Vienna, Austria) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-97-19.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.42 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.16.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-16-214.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.84.19 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-19.eu-west-2.compute.amazonaws.com

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.246.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
184	publinews.gt 71 redirects www.publinews.gt — Cisco Umbrella Rank: 283104 static.publinews.gt — Cisco Umbrella Rank: 331313	3 MB
82	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145 ade.googlesyndication.com Failed	865 KB
57	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 85 ad.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293	374 KB
54	twimg.com abs.twimg.com — Cisco Umbrella Rank: 1791 pbs.twimg.com — Cisco Umbrella Rank: 703 abs-0.twimg.com — Cisco Umbrella Rank: 2150	760 KB
21	twitter.com platform.twitter.com — Cisco Umbrella Rank: 700 syndication.twitter.com — Cisco Umbrella Rank: 963	792 KB
19	aniview.com tg1.aniview.com — Cisco Umbrella Rank: 10580 player.aniview.com — Cisco Umbrella Rank: 1720 track1.aniview.com — Cisco Umbrella Rank: 1917 go1.aniview.com — Cisco Umbrella Rank: 5038 sync.aniview.com — Cisco Umbrella Rank: 2438	252 KB
19	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 6141 adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
15	emisorasunidas.com ads.emisorasunidas.com	1 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	192 KB
14	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7557 c.mgid.com — Cisco Umbrella Rank: 5185 cdn.mgid.com — Cisco Umbrella Rank: 9606 servicer.mgid.com — Cisco Umbrella Rank: 7656 s-img.mgid.com — Cisco Umbrella Rank: 4427 cm.mgid.com — Cisco Umbrella Rank: 2052	149 KB
12	teads.tv a.teads.tv — Cisco Umbrella Rank: 1269 at.teads.tv — Cisco Umbrella Rank: 4226 sync.teads.tv — Cisco Umbrella Rank: 1059 t.teads.tv — Cisco Umbrella Rank: 2460	140 KB
10	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 319 video-ads.rubiconproject.com — Cisco Umbrella Rank: 8293 optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4726 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 993 eus.rubiconproject.com — Cisco Umbrella Rank: 551 token.rubiconproject.com — Cisco Umbrella Rank: 686	14 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 751 static.adsafeprotected.com — Cisco Umbrella Rank: 567 dt.adsafeprotected.com — Cisco Umbrella Rank: 516	130 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	336 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	544 KB
9	google.de www.google.de — Cisco Umbrella Rank: 6487 adservice.google.de — Cisco Umbrella Rank: 9270	2 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 387 mug.criteo.com — Cisco Umbrella Rank: 2794	3 KB
7	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 749	2 KB
7	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 606 ads.pubmatic.com — Cisco Umbrella Rank: 448 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 442	137 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	291 KB
6	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 681	6 KB
6	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 270 c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 879	1 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 43625 hal90003.redintelligence.net — Cisco Umbrella Rank: 307428	10 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 430	5 KB
5	openx.net us-u.openx.net — Cisco Umbrella Rank: 377 rtb.openx.net — Cisco Umbrella Rank: 1493 u.openx.net — Cisco Umbrella Rank: 655	978 B
4	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 3772 ad.360yield.com — Cisco Umbrella Rank: 670 ice.360yield.com — Cisco Umbrella Rank: 1968	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
3	media.net prebid.media.net — Cisco Umbrella Rank: 1082 contextual.media.net — Cisco Umbrella Rank: 534	9 KB
3	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 538 tag.1rx.io — Cisco Umbrella Rank: 1370	571 B
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 48437 medialead.de — Cisco Umbrella Rank: 48081	1 KB
3	everesttech.net 2 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3267 sync-tm.everesttech.net — Cisco Umbrella Rank: 566	928 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 225	3 KB
3	firstimpression.io ecdn.firstimpression.io — Cisco Umbrella Rank: 19924 cdn.firstimpression.io — Cisco Umbrella Rank: 20075	202 KB
3	latinon.com adserver.latinon.com — Cisco Umbrella Rank: 114837	7 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 336	655 B
2	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1411	1 KB
2	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 699 a.rfihub.com — Cisco Umbrella Rank: 2823	2 KB
2	escalated.io tag.escalated.io — Cisco Umbrella Rank: 26387	40 KB
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1446	338 B
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2855	532 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 519	509 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 889	382 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 619
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1441	330 B
1	zeotap.com content.zeotap.com — Cisco Umbrella Rank: 18590	19 KB
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1167 id5-sync.com Failed	14 KB
1	ad-server.eu www.ad-server.eu — Cisco Umbrella Rank: 183365	42 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 47180	606 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 542 api.rlcdn.com Failed	98 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1015	463 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 872	647 B
1	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	41 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 384	9 KB
1	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1278	3 KB
1	analysis.fi ecdn.analysis.fi — Cisco Umbrella Rank: 23020	5 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 5133	1 KB
564	57

	Domain	Requested by
106	www.publinews.gt	71 redirects www.publinews.gt
78	static.publinews.gt	www.publinews.gt
42	tpc.googlesyndication.com	f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.publinews.gt s0.2mdn.net securepubads.g.doubleclick.net
35	pagead2.googlesyndication.com	www.publinews.gt pagead2.googlesyndication.com f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net securepubads.g.doubleclick.net
33	pbs.twimg.com	syndication.twitter.com platform.twitter.com
20	abs-0.twimg.com	syndication.twitter.com platform.twitter.com
18	securepubads.g.doubleclick.net	www.publinews.gt www.googletagservices.com securepubads.g.doubleclick.net
17	platform.twitter.com	www.publinews.gt platform.twitter.com syndication.twitter.com
16	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net www.publinews.gt f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
15	ads.emisorasunidas.com	www.publinews.gt ads.emisorasunidas.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com www.publinews.gt googleads.g.doubleclick.net player.aniview.com
11	www.google.com	2 redirects www.publinews.gt f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	s0.2mdn.net	ads.emisorasunidas.com www.publinews.gt s0.2mdn.net
10	www.googletagmanager.com	www.publinews.gt www.googletagmanager.com
8	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
8	fonts.gstatic.com	fonts.googleapis.com
7	onetag-sys.com	player.aniview.com
7	track1.aniview.com	player.aniview.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	www.googletagservices.com	www.publinews.gt securepubads.g.doubleclick.net f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	ads.stickyadstv.com	2 redirects player.aniview.com
6	player.aniview.com	tg1.aniview.com player.aniview.com
6	www.google.de	www.publinews.gt
6	www.gstatic.com	www.publinews.gt googleads.g.doubleclick.net
5	hal90003.redintelligence.net	1 redirects f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com hal90003.redintelligence.net
5	f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	region1.analytics.google.com	www.googletagmanager.com
5	a.teads.tv	www.publinews.gt a.teads.tv
4	c2shb.pubgw.yahoo.com	player.aniview.com
4	sync.aniview.com	player.aniview.com
4	mug.criteo.com
4	gum.criteo.com	2 redirects
4	s-img.mgid.com
4	cdn.mgid.com	jsc.mgid.com
4	dt.adsafeprotected.com	f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
4	static.adsafeprotected.com	fw.adsafeprotected.com f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
4	t.teads.tv	www.publinews.gt
4	syndication.twitter.com	platform.twitter.com www.publinews.gt syndication.twitter.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	www.publinews.gt googleads.g.doubleclick.net tpc.googlesyndication.com
3	ads.pubmatic.com	jsc.mgid.com player.aniview.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	adserver.latinon.com	www.publinews.gt adserver.latinon.com
2	match.adsrvr.org	ads.pubmatic.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	prebid.media.net	player.aniview.com
2	prebid-server.rubiconproject.com	player.aniview.com
2	tag.1rx.io	player.aniview.com
2	prg.smartadserver.com	player.aniview.com
2	hbopenbid.pubmatic.com	player.aniview.com
2	optimized-by.rubiconproject.com
2	video-ads.rubiconproject.com	2 redirects
2	cm.mgid.com	jsc.mgid.com
2	pv.medialead.de	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	match.360yield.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net ads.pubmatic.com
2	rtb.openx.net	googleads.g.doubleclick.net f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
2	pixel.everesttech.net	2 redirects
2	googleads4.g.doubleclick.net	www.publinews.gt
2	fw.adsafeprotected.com	1 redirects www.publinews.gt
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	tag.escalated.io	ecdn.firstimpression.io tag.escalated.io
2	ecdn.firstimpression.io	www.publinews.gt ecdn.firstimpression.io
2	jsc.mgid.com	www.publinews.gt jsc.mgid.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	1f2e7.v.fwmrm.net	1 redirects
1	contextual.media.net	player.aniview.com
1	ice.360yield.com	player.aniview.com
1	u.openx.net	player.aniview.com
1	bh.contextweb.com	1 redirects
1	csync.loopme.me	1 redirects
1	ad.360yield.com	1 redirects
1	sync.1rx.io	1 redirects
1	ap.lijit.com	player.aniview.com
1	go1.aniview.com	player.aniview.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	content.zeotap.com	ads.pubmatic.com
1	cdn.id5-sync.com	jsc.mgid.com
1	tg1.aniview.com	adserver.latinon.com
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	abs.twimg.com	platform.twitter.com
1	www.ad-server.eu	hal90003.redintelligence.net
1	medialead.de	1 redirects
1	pb.media01.eu	hal90003.redintelligence.net
1	sync-tm.everesttech.net	f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
1	a.rfihub.com	f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
1	p.rfihub.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	hal9000.redintelligence.net	f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.amazon-adsystem.com	ecdn.firstimpression.io
1	cdn.jsdelivr.net	ecdn.firstimpression.io
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	widgets.outbrain.com	www.publinews.gt
1	ad.doubleclick.net	www.publinews.gt
1	at.teads.tv	a.teads.tv
1	ecdn.analysis.fi	www.publinews.gt
1	cdn-images.mailchimp.com	www.publinews.gt
0	ade.googlesyndication.com Failed
0	api.rlcdn.com Failed	ads.pubmatic.com
0	id5-sync.com Failed	cdn.id5-sync.com ads.pubmatic.com
564	110

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
cooperativaupa.net
widgets.mgid.com
www.mgid.com
clck.mgid.com

Subject Issuer	Validity	Valid
www.publinews.gt R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
adserver.latinon.com R3	`2022-07-21` - `2022-10-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
cdn-images.mailchimp.com Amazon	`2022-07-06` - `2023-08-03`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
analysis.fi Amazon	`2021-12-04` - `2023-01-01`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2021-11-21` - `2022-12-05`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
static.publinews.gt R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
ads.emisorasunidas.com R3	`2022-08-21` - `2022-11-19`	3 months	crt.sh
*.escalated.io Go Daddy Secure Certificate Authority - G2	`2022-01-03` - `2023-02-04`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
redintelligence.net R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
pbs.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.360yield.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 45 frames:

Primary Page: https://www.publinews.gt/gt/
Frame ID: 76545ED411B43B32D3F6F896DA0E6678
Requests: 287 HTTP requests in this frame

Frame: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5D31C4C1914741F431BF097251785E1E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
Frame ID: E87251B9797B3C12DC9F05BFA81BBECD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0dMXQhCjWuT56PXiy2H-p8WAZq3obLn5dBUbcf4X9X8WsunRlTLTfcnO6Aa-thXsQu_TC1Y8hCuY1_Q-G_8xTBtZlWR87f0KPWhQw4y9G6fUkX6JE7VyfDp_2_jVsKQeHQY_qYsr9BS-Od3J3L1RqO2_5qADY4z-_w69rhHVFOWXanXm_rEiezMkz-qXldLjyJGUoBOxWBcXspO8hD-8w6tQVau_MWqxEb9UpqrzQltyyWqHKyID0sxAm-SXLCynmkv6RhcQDRmjab7CR0TBxG6r5NG1n-UO_H5ejvlQvdTypB5m4zzyWJbJWEz4fOahfMiRlBDETe9cMC-EcHAdmf-vLjWxw&sai=AMfl-YTXZ-_-lvpD_yxgmzPAH9n9nPMuqJ3IEDs5nr2ruxHGFazsm_dZ7T6h6QLgO5IYmLPcJBsDtL_iaJVgmDSrgBswM78ygVLUzWLVea05FqHS3HmT8M7iEYxeqP0UqJAfqA&sig=Cg0ArKJSzEs5D26b8NUqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FB2A60B8D89D7CD08311FB7978F4762A
Requests: 6 HTTP requests in this frame

Frame: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Frame ID: DBB5945DC66ED903AEDA26AE7F2C46DF
Requests: 6 HTTP requests in this frame

Frame: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Frame ID: 6228ABABE57511E20C5BF0D6018B2EBD
Requests: 6 HTTP requests in this frame

Frame: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Frame ID: ECA2277134F50F78A63EC8A3290CFE68
Requests: 6 HTTP requests in this frame

Frame: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 615139454BFECCAF1C8FEDB0B7254C55
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&adk=1812271804&adf=1573534164&lmt=1661961962&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661961961807&bpp=3&bdt=479&idt=381&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&nras=1&correlator=4211812736668&frm=20&pv=2&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771162%2C44771548&oid=2&pvsid=3672797894874316&tmod=193539051&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=401
Frame ID: A406AAA8CA2EE1FFF0AD90DB8D55AF52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=215320707&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661961962&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661961962168&bpp=4&bdt=840&idt=140&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&prev_fmts=0x0&nras=1&correlator=4211812736668&frm=20&pv=1&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=4082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771162%2C44771548&oid=2&pvsid=3672797894874316&tmod=193539051&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=ptyd6rNA46&p=https%3A//www.publinews.gt&dtd=147
Frame ID: E800A3176593FDDBA4DE9A64700B2DF4
Requests: 29 HTTP requests in this frame

Frame: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E3EB3EFDCC7F41BCC87F9506B7335D5
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNWaktrnKTzOUgTn52-o_o1a19ZZa3AFpKi6fmLglkUN6pyIqVP6PVia8LKQK7Cnl8mH-qNcGn2de22_R3j6ah3WgHIm0Ldqa53i_iGb8-QL27U7qFaG1gDm9X2wGPYfnm_WD8CDBrZgZEAmNLhM8Ca5wl8tG8HoIMjZnlbTNftCfpd1CnA
Frame ID: 842CF0134D2D14DAED714B3EE052DA02
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNWnaheSIB8b3O2-XtmI5EV67s006WCMaG9L2O1OvrqNOdSJU8wzNCNj5WZs2MS-z0XrkP6Viq548JP89eF5J62KfiwSrfiWu1b4swCXzl_knURa8TCBV3-8H2SA1nKXZCgUKLLAFQl0VuBTW1evK6BR3lUWx3gLjqDzXiQexoyxEp4UV8o
Frame ID: 23D890D2753267131A8432AB43A8F102
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.publinews.gt
Frame ID: 3D1584C4429AD9439776FD6B51B84524
Requests: 2 HTTP requests in this frame

Frame: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 86F404B81249241782F39D6EBE651206
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F12E6353F533492A0CFE7A0EEB7C902E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486
Frame ID: 249C92344DF698F59205A62AF07568BC
Requests: 12 HTTP requests in this frame

Frame: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 49525D3AF9DC2E839C034B8244FA9AB9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 16A6095C63E639A2A9E01D950EC52B18
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=n8ZU5Zkzit&t=1&renderingType=2&ev=01_247
Frame ID: AF8F562D59E6D5CC6EADBC0AA5C0E6DE
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC8612086DEFD8A39B84AB462E028267
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A39E4A56B10BEB666CD55E40EB4089DA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486
Frame ID: B3D5A8A774F6D0382FDEB703EB079367
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1D0740C0309A9946A1F5F7CDDD9DE553
Requests: 2 HTTP requests in this frame

Frame: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Frame ID: 504FF578D9BED367F505550275B438F4
Requests: 70 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8BE71F509A2CD56DCCFCE87DF1A41347
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: F33E9C16937D3210CE03D7788AFA98A3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
Frame ID: 65B3F5F10AF5300621482799FD4406DE
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=46587700109294100757589012068003&actionid=981741&produktid=&dt_url=
Frame ID: 2DCEDA48B9AAE2579E544AA1281FDDC2
Requests: 1 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=46587700109294100757589012068003&a=ba798642
Frame ID: B3361FBAFD83837E257E9E637FF87029
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js
Frame ID: FF705DF3250AD6629405F5292B6E4020
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF30426EA0BA4FA7EF732842E1082DDD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5EAFD403F8F9628F654F59086CD7C668
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1661961966333155956121
Frame ID: 0121ABF6732753D3A6792AD4D9E55A0D
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Frame ID: 549B143A4DCDD314502F3572C48FA61C
Requests: 6 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26biddername%3D18%26key%3D%24UID
Frame ID: 5DE25BCDBEB234CD8EA516E1D7B1B06C
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=200&key=OPTOUT
Frame ID: CF092F833A78F84771794DF1ACA6D70B
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=22&key=fb031ce9-699c-4d2d-bf51-d73ad8a25319
Frame ID: BCD23026C8CB15303D21DFAA7A63CCDA
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=56&pid=59c9148628a0612da3689288&key=f2ac55d9-9aa7-406a-a4cb-1495aba6b731
Frame ID: 1AF628FF20B29B1E81AB7C0FCA4720D1
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=10&pid=59c9148628a0612da3689288&key=Eiz7sAAQ4tha&ev=1&us_privacy=${us_privacy}&pid=562704
Frame ID: 432C929CFF4E1375F19A279358AA700F
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26biddername%3D23%26key%3D
Frame ID: 2BBE28E8F656299CB3318CDE1A3BCFC0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161774
Frame ID: 91D2064E7AE3AF32A9A04888BC99ABDA
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=99%2C77%2C56%2C2034%2C2031%2C2030%2C175%2C157%2C2028%2C2027%2C4%2C159%2C10000%2C80%2C9%2C109%2C82%2C97&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: D92382B7A3E197A811282A9BAD855680
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661961967165
Frame ID: 6209BCEFEC8D4BC67FA1DEFFF6E8A3FD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2D42DECB0EBEFE496245BFE25F9A8398
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Noticias, Deportes y Espectáculos de Guatemala y el Mundo | Publinews

Page URL History Show full URLs

http://www.publinews.gt/ HTTP 301
https://www.publinews.gt/ HTTP 301
https://www.publinews.gt/gt/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

cdn-images\.mailchimp\.com/[^>]*\.css

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

564
Requests

82 %
HTTPS

34 %
IPv6

57
Domains

110
Subdomains

85
IPs

9
Countries

9383 kB
Transfer

18733 kB
Size

66
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/publinewsguatemala
Title: f

Search URL Search Domain Scan URL

URL: https://twitter.com/PublinewsGT
Title: t

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/PublinewsGuatemala
Title: y

Search URL Search Domain Scan URL

URL: https://www.instagram.com/publinewsguatemala/
Title: i

Search URL Search Domain Scan URL

URL: https://cooperativaupa.net/cotizador/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=www.publinews.gt&utm_medium=referral&utm_campaign=widgets&utm_content=1129387

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/13801735/i/57463017/0/pp/1/1?h=2HcsyF85MYDjCEKOh4P1YsnA8ahR23oJm5VPJaZuhYenFjbFJnBCdSMq_fnCj30eb_EFyQrp1IaGZkoGJNvykA**&rid=d1c4ab67-2946-11ed-b2f2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdpr=1&st=120&mp4=1

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/13789370/i/57463017/0/pp/2/1?h=2HcsyF85MYDjCEKOh4P1Yrz3CGj68tJXtVebdAQORnOeACccMKYjCSlDeBqEcv1b2eoWgjvoKIVdS-G7qA4hJg**&rid=d1c4ab67-2946-11ed-b2f2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdpr=1&st=120&mp4=1

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12569707/i/57463017/0/pp/3/1?h=2HcsyF85MYDjCEKOh4P1YtfPJXxZ0SHUesa4OACYavSyO3yEzR5VG6CNnpaY5z6VBt558vfnp6ZtUEii0_kVqA**&rid=d1c4ab67-2946-11ed-b2f2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdpr=1&st=120&mp4=1

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/10570875/i/57463017/0/pp/4/1?h=2HcsyF85MYDjCEKOh4P1YtvFURTnAClrn_pgRyB3zV82l8NdMJYO4x8YSU09CWmd8CvNTkvttPmgLkanZX8Y0A**&rid=d1c4ab67-2946-11ed-b2f2-e43d1a2a04aa&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdpr=1&st=120&mp4=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.publinews.gt/ HTTP 301
https://www.publinews.gt/ HTTP 301
https://www.publinews.gt/gt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.publinews.gt/gt/wp-content/uploads/2020/06/svgpublinews.svg HTTP 301
https://static.publinews.gt/2020/06/svgpublinews.svg

Request Chain 94

https://www.publinews.gt/gt/wp-content/uploads/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png HTTP 301
https://static.publinews.gt/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png

Request Chain 95

https://www.publinews.gt/gt/wp-content/uploads/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg HTTP 301
https://static.publinews.gt/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg

Request Chain 99

https://www.publinews.gt/gt/wp-content/uploads/2022/08/accidente-de-transito-300x168.jpg HTTP 301
https://static.publinews.gt/2022/08/accidente-de-transito-300x168.jpg

Request Chain 100

https://www.publinews.gt/gt/wp-content/uploads/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg HTTP 301
https://static.publinews.gt/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg

Request Chain 101

https://www.publinews.gt/gt/wp-content/uploads/2022/08/nelson-carreras-publinews-300x168.jpg HTTP 301
https://static.publinews.gt/2022/08/nelson-carreras-publinews-300x168.jpg

Request Chain 102

https://www.publinews.gt/gt/wp-content/uploads/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg HTTP 301
https://static.publinews.gt/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg

Request Chain 103

https://www.publinews.gt/gt/wp-content/uploads/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg HTTP 301
https://static.publinews.gt/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg

Request Chain 104

https://www.publinews.gt/gt/wp-content/uploads/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg HTTP 301
https://static.publinews.gt/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg

Request Chain 105

https://www.publinews.gt/gt/wp-content/uploads/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg

Request Chain 111

https://www.publinews.gt/gt/wp-content/uploads/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg HTTP 301
https://static.publinews.gt/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg

Request Chain 112

https://www.publinews.gt/gt/wp-content/uploads/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x300.jpg HTTP 301
https://static.publinews.gt/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x300.jpg

Request Chain 113

https://www.publinews.gt/gt/wp-content/uploads/2022/08/jeringa-vacuna-300x300.jpg HTTP 301
https://static.publinews.gt/2022/08/jeringa-vacuna-300x300.jpg

Request Chain 114

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Candidoilegalidades-300x168.jpg HTTP 301
https://static.publinews.gt/2022/08/Candidoilegalidades-300x168.jpg

Request Chain 115

https://www.publinews.gt/gt/wp-content/uploads/2022/08/omar-franco-extitular-sat-300x300.jpg HTTP 301
https://static.publinews.gt/2022/08/omar-franco-extitular-sat-300x300.jpg

Request Chain 116

https://www.publinews.gt/gt/wp-content/uploads/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg

Request Chain 117

https://www.publinews.gt/gt/wp-content/uploads/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg

Request Chain 125

https://www.publinews.gt/gt/wp-content/uploads/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg

Request Chain 126

https://www.publinews.gt/gt/wp-content/uploads/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg HTTP 301
https://static.publinews.gt/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg

Request Chain 127

https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg

Request Chain 128

https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png HTTP 301
https://static.publinews.gt/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png

Request Chain 129

https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png HTTP 301
https://static.publinews.gt/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png

Request Chain 130

https://www.publinews.gt/gt/wp-content/uploads/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg HTTP 301
https://static.publinews.gt/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg

Request Chain 141

https://www.publinews.gt/gt/wp-content/uploads/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png HTTP 301
https://static.publinews.gt/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png

Request Chain 142

https://www.publinews.gt/gt/wp-content/uploads/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg

Request Chain 143

https://www.publinews.gt/gt/wp-content/uploads/2022/08/hillary-clinton-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/hillary-clinton-187x140.jpg

Request Chain 144

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg HTTP 301
https://static.publinews.gt/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKOd-AmeNOgCY9Ez7ukMFQ&google_cver=1

Request Chain 182

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yw.G6kGj6AJO3OUoCkFB.wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKOd-AmeNOgCY9Ez7ukMFQ&google_cver=1&google_hm=2

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH83HrrIQ8g_9ymSYLRRAO4&google_cver=1

Request Chain 184

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMTA3NTQzMjA0MjY5NDYxMQ%3D%3D

Request Chain 196

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-chechapaiz-150x150.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg

Request Chain 197

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-giovannifratti.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg

Request Chain 198

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-josesanabria.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-josesanabria.jpg

Request Chain 199

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-julissamartinez-150x150.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg

Request Chain 200

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-luisvalenzuela.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg

Request Chain 201

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-mariaace%C3%B1a.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg

Request Chain 202

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-nelsonleal-150x150.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg

Request Chain 203

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-paolarivano.jpg HTTP 301
https://static.publinews.gt/2020/06/opinion-paolarivano.jpg

Request Chain 204

https://www.publinews.gt/gt/wp-content/uploads/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg HTTP 301
https://static.publinews.gt/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg

Request Chain 205

https://www.publinews.gt/gt/wp-content/uploads/2022/08/aparicio-lynner-414x232.jpg HTTP 301
https://static.publinews.gt/2022/08/aparicio-lynner-414x232.jpg

Request Chain 206

https://www.publinews.gt/gt/wp-content/uploads/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg HTTP 301
https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg

Request Chain 207

https://www.publinews.gt/gt/wp-content/uploads/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg HTTP 301
https://static.publinews.gt/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg

Request Chain 208

https://www.publinews.gt/gt/wp-content/uploads/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg HTTP 301
https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg

Request Chain 209

https://www.publinews.gt/gt/wp-content/uploads/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg HTTP 301
https://static.publinews.gt/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg

Request Chain 210

https://www.publinews.gt/gt/wp-content/uploads/2022/08/eugenio-derbez-comediante-300x168.jpg HTTP 301
https://static.publinews.gt/2022/08/eugenio-derbez-comediante-300x168.jpg

Request Chain 211

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg

Request Chain 212

https://www.publinews.gt/gt/wp-content/uploads/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg

Request Chain 213

https://www.publinews.gt/gt/wp-content/uploads/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg

Request Chain 214

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg HTTP 301
https://static.publinews.gt/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg

Request Chain 215

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg

Request Chain 216

https://www.publinews.gt/gt/wp-content/uploads/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg HTTP 301
https://static.publinews.gt/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg

Request Chain 217

https://www.publinews.gt/gt/wp-content/uploads/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg HTTP 301
https://static.publinews.gt/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg

Request Chain 218

https://www.publinews.gt/gt/wp-content/uploads/2017/08/23/laura-flores-300x168.jpg HTTP 301
https://static.publinews.gt/2017/08/23/laura-flores-300x168.jpg

Request Chain 219

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg HTTP 301
https://static.publinews.gt/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg

Request Chain 220

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Robert-Lupone-los-soprano-187x140.png HTTP 301
https://static.publinews.gt/2022/08/Robert-Lupone-los-soprano-187x140.png

Request Chain 221

https://www.publinews.gt/gt/wp-content/uploads/2022/08/eugenio-derbez-comediante-187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/eugenio-derbez-comediante-187x140.jpg

Request Chain 222

https://www.publinews.gt/gt/wp-content/uploads/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg HTTP 301
https://static.publinews.gt/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg

Request Chain 223

https://www.publinews.gt/gt/wp-content/uploads/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png HTTP 301
https://static.publinews.gt/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png

Request Chain 224

https://www.publinews.gt/gt/wp-content/uploads/2022/08/danna-paola-publinews--187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/danna-paola-publinews--187x140.jpg

Request Chain 225

https://www.publinews.gt/gt/wp-content/uploads/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg HTTP 301
https://static.publinews.gt/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg

Request Chain 226

https://www.publinews.gt/gt/wp-content/uploads/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg HTTP 301
https://static.publinews.gt/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg

Request Chain 227

https://www.publinews.gt/gt/wp-content/uploads/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png HTTP 301
https://static.publinews.gt/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png

Request Chain 228

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png HTTP 301
https://static.publinews.gt/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png

Request Chain 229

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png HTTP 301
https://static.publinews.gt/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png

Request Chain 230

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg HTTP 301
https://static.publinews.gt/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg

Request Chain 231

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png HTTP 301
https://static.publinews.gt/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png

Request Chain 232

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg HTTP 301
https://static.publinews.gt/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg

Request Chain 233

https://www.publinews.gt/gt/wp-content/uploads/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg HTTP 301
https://static.publinews.gt/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg

Request Chain 234

https://www.publinews.gt/gt/wp-content/uploads/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg HTTP 301
https://static.publinews.gt/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg

Request Chain 235

https://www.publinews.gt/gt/wp-content/uploads/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png HTTP 301
https://static.publinews.gt/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png

Request Chain 236

https://www.publinews.gt/gt/wp-content/uploads/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg HTTP 301
https://static.publinews.gt/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg

Request Chain 237

https://www.publinews.gt/gt/wp-content/uploads/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg HTTP 301
https://static.publinews.gt/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg

Request Chain 239

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKRlx80ax8oxRJN35f6kN2o&google_cver=1

Request Chain 241

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFZWlrawSbAcIGvElw7RNQs&google_cver=1

Request Chain 307

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DMXExsliuVBZOgpxQrSDUNyMy80eODHMzDfTJlhVgjPwA_1DWfaZWPKPLxO-gAUZl2D-aJy54IrMRKz9DfAPMKBI2fhHQ&google_gid=CAESEBy5mnM3B6SfsCzddbeYXRw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdARzZ3QUFBSmJuU2huYg&google_push=AehlK4DMXExsliuVBZOgpxQrSDUNyMy80eODHMzDfTJlhVgjPwA_1DWfaZWPKPLxO-gAUZl2D-aJy54IrMRKz9DfAPMKBI2fhHQ

Request Chain 311

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECtLw6KL9I7tzu323ozpdkE&google_cver=1&google_push=AehlK4ASP-HYmO-qRt5byAFV71R7R7brypW1KMkiTOWVw38vG5nRSAClz5t47GOc-kKeh6hZPBiQ2xa5tpAFos-Z1yBiRFoBKw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVDhRNkItMUotRjNNMQ==&google_push=AehlK4ASP-HYmO-qRt5byAFV71R7R7brypW1KMkiTOWVw38vG5nRSAClz5t47GOc-kKeh6hZPBiQ2xa5tpAFos-Z1yBiRFoBKw

Request Chain 312

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_cver=1&google_push=AehlK4CXtlxEK_V6yPl2g-CJ1SWiqBbU1ax9rQIS-b3SNrmVN9v7TJLXtkeVy73rCg2CN6ObwTxZpGzGHDNns1_Gsf2HJIUuyA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_hm=Yw-G6kGj6AJO3OUoCkFB-wAAFBQAAAIB&google_nid=index&google_push=AehlK4CXtlxEK_V6yPl2g-CJ1SWiqBbU1ax9rQIS-b3SNrmVN9v7TJLXtkeVy73rCg2CN6ObwTxZpGzGHDNns1_Gsf2HJIUuyA

Request Chain 320

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4CZciONva8KVmZpLo_1EL2VvdEE-ZPyrnITXdSq_aTL71B8iGFxXSNUi2_oUj0rY2QJvREGFJDsPFbbqpZ53udVhLuWT6TM&google_gid=CAESEBy5mnM3B6SfsCzddbeYXRw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdARzZ3QUFBVGxAejNnOA&google_push=AehlK4CZciONva8KVmZpLo_1EL2VvdEE-ZPyrnITXdSq_aTL71B8iGFxXSNUi2_oUj0rY2QJvREGFJDsPFbbqpZ53udVhLuWT6TM

Request Chain 321

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEO-rr1GExw-wlNCrxPbU5EA&google_cver=1&google_push=AehlK4C1_F7BjcvFrYzx7iBirdbA3xEI85NoI60FmvTl4I3MkfyjsdpQlnbWQGZ4W8rAkTXN3VH5MgCl3Gb-_MvVhXDci94O6OxU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4C1_F7BjcvFrYzx7iBirdbA3xEI85NoI60FmvTl4I3MkfyjsdpQlnbWQGZ4W8rAkTXN3VH5MgCl3Gb-_MvVhXDci94O6OxU&google_hm=NjM1NjgwMDY1NDY2MDIwNDc5NA== HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 324

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_cver=1&google_push=AehlK4Br68Ri_Wj5sJU9rxsg1gjLd_g3jxdFWrSuM0MUpe5kJLGRAPTg6Oi9-0bLWiAyeQogMGQeyhAWJcjeK8yfu_mAt5_X5Dgeug HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_hm=Yw-G6kGj6AJO3OUoCkFB-wAAFBQAAAIB&google_nid=index&google_push=AehlK4Br68Ri_Wj5sJU9rxsg1gjLd_g3jxdFWrSuM0MUpe5kJLGRAPTg6Oi9-0bLWiAyeQogMGQeyhAWJcjeK8yfu_mAt5_X5Dgeug

Request Chain 325

https://match.360yield.com/match/ebda?google_gid=CAESELweTzmXVwwkZdoHfAX4wt0&google_cver=1&google_push=AehlK4BJq43ebq7fHc00YszouYatrI4Vb4-DR4dQCtqhXUQ5oeg4OlrjThCzQLMCUb7rgyFMwOYeYfmEE9sLzMMW-DdM0qobmeCa2Q HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELweTzmXVwwkZdoHfAX4wt0&google_cver=1&google_push=AehlK4BJq43ebq7fHc00YszouYatrI4Vb4-DR4dQCtqhXUQ5oeg4OlrjThCzQLMCUb7rgyFMwOYeYfmEE9sLzMMW-DdM0qobmeCa2Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-wMc6WmcTS2_Udc62KJTGQ&google_push=AehlK4BJq43ebq7fHc00YszouYatrI4Vb4-DR4dQCtqhXUQ5oeg4OlrjThCzQLMCUb7rgyFMwOYeYfmEE9sLzMMW-DdM0qobmeCa2Q

Request Chain 326

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJK4J8rQmm9h38uNILcSstE&google_cver=1&google_push=AehlK4CMwJhPyl_0cwV4rYAI7fEMVqeanlefoP_acAVLi85dVkhzL_Hg69WiCToxKpPCZXJJpau4EZx34FZlK2hAfjIE9Q0GNcVIsg HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJK4J8rQmm9h38uNILcSstE&google_cver=1&google_push=AehlK4CMwJhPyl_0cwV4rYAI7fEMVqeanlefoP_acAVLi85dVkhzL_Hg69WiCToxKpPCZXJJpau4EZx34FZlK2hAfjIE9Q0GNcVIsg&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YbXdqajUxRTJ1RTNyM1NiTzNyeUlOSlM0X0Qyd0FoX35B&google_push=AehlK4CMwJhPyl_0cwV4rYAI7fEMVqeanlefoP_acAVLi85dVkhzL_Hg69WiCToxKpPCZXJJpau4EZx34FZlK2hAfjIE9Q0GNcVIsg

Request Chain 337

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 341

https://fw.adsafeprotected.com/rfw/st/1034476/65088021/skeleton.js?ias_dspID=3&ias_campId=29064847&ias_pubId=pub-4922954394584665&ias_chanId=1&ias_placementId=17447215411&bidurl=https://www.publinews.gt/gt/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hY-X_nu7KpnNhO2vp7hz5f&adsafe_url=https%3A%2F%2Fwww.publinews.gt%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e70f1ead-3413-e633-19dc-d7a573098838,c:mSWoZo,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b5678d7-5ggg8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:392,mot:0,app:0,maw:0,fm:tg6z1ET+11%7C12%7C13%7C141%7C142%7C143%7C151%7C1521%7C16%7C171%7C172%7C18*.1034476-65088021%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:412,oid:cfc6438c-2946-11ed-80aa-fa65dc13225a,v:19.8.346,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/passback_300x600.js

Request Chain 353

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 363

https://hal90003.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=ab0c77a892&subid=&uid=a896bfc1d8fb756c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCnf76YYPY46rMNL63wPa8ILICd2t6Khgu4_f1IgK8C4QASDm3vh9YJXCpoKwB8gBCakCojANkwrIsD6oAwGqBJ4CT9CBAlfD3qQE1lkZvLoDMoa5uK17yg4qBw8AtDG00xqYbiLZY4cMJRzoDMUlCdWNKaX3HLsURQVeRELBWQa3bVw390iYv5hcqFiLx8c_6442cuFGpTyVrH54RBN-VcuNoBfb7DlpwllwkRSzJDyoCjQrALYPvf3TNr8eCAduWbULSr_RIgveVzg15Nr_Q0TF7mD47R4K4XzGd6sYH3a45ccyqOQGw_CYTJ0_ylRYrJOoCySzSIb3_7MKT28VxlsosHT0iBqyoiOj4TDLV18rPo3klhnTd6CVoK9dNPhp2biQzYWpy5mugEGIGTv8cFoFjbQklOBUvgGJlmhFvOSgf6TIIAPKNp1_upYncDXP8HZe3ujVBWNMvEdNwEvKYsAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCsnQUxQykVlEe9bolkZfsPcNI58CtMlCfZCTkxIHCP0tBgoQ1jBvpq8qP-Fbc%26sig%3DAOD64_1k-VImJ0_q-MUZmAu7wUtPm87Yow%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-CU26BcM9WF_Y7IxDAyh5xE3YSGQqjDybGopUwTqTkyLO9ch3ltzQFlVBea8_0mtcHgSQztSFD2IdqE8LW-Lpz0ilppi-m8X4vDq-xSjXd3vSsb9eszR1ei9u91MRbrTWrds9o_Qr82Y_QJR4nvZOw1494CWA%26cry%3D1%26dbm_d%3DAKAmf-BViONy-B0t72xJ0x4lR0OA4W6Nyu3e4J7kb2nVtdjGPKPsZuB_ZihLZ4lUEr3un1EZu0K28mE0ScArI4VbnrmqTJHkbi8_LlWq9Sd_O4s0wvkPTUnqvnBWFBG8CmW8HDknswEJs4qjf7PLVCWibUnyhpSUxNensb-kKAb-fUPC-ORusTK29fU1BS3glish_75Fom16KTqGeIRqcSnC5sBbYzB4rBO_-zhuSilmEgGtpSr-h8siMLkgY56LRQvnCqmcV8a-H0s0By46o4dm444Y3p8ThA4yiq0s9ZiQcTz5nl-D2eaqmc735sEvera143AqUrnQilS_1Y3OSWDZeZps8n-pgnkNlTa_9kMPpD6G92AYNrzwU6v7s97dDxc6xe5IeU08pOoGXQVGXuUg1GfXZPSN6cxWudNwG0WcbGx8KJEyK6td80fwFw3pC8ZuCXejrczllU-RZZLxKQYi8W7DxFdamUrpqiWgthziUoFLvRFynGcZlLbpGAN9SFS6uXAXkvJf3wGfIUofl04maRbKmZrEwQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=3683725534557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90003.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=ab0c77a892&subid=&uid=a896bfc1d8fb756c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCnf76YYPY46rMNL63wPa8ILICd2t6Khgu4_f1IgK8C4QASDm3vh9YJXCpoKwB8gBCakCojANkwrIsD6oAwGqBJ4CT9CBAlfD3qQE1lkZvLoDMoa5uK17yg4qBw8AtDG00xqYbiLZY4cMJRzoDMUlCdWNKaX3HLsURQVeRELBWQa3bVw390iYv5hcqFiLx8c_6442cuFGpTyVrH54RBN-VcuNoBfb7DlpwllwkRSzJDyoCjQrALYPvf3TNr8eCAduWbULSr_RIgveVzg15Nr_Q0TF7mD47R4K4XzGd6sYH3a45ccyqOQGw_CYTJ0_ylRYrJOoCySzSIb3_7MKT28VxlsosHT0iBqyoiOj4TDLV18rPo3klhnTd6CVoK9dNPhp2biQzYWpy5mugEGIGTv8cFoFjbQklOBUvgGJlmhFvOSgf6TIIAPKNp1_upYncDXP8HZe3ujVBWNMvEdNwEvKYsAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCsnQUxQykVlEe9bolkZfsPcNI58CtMlCfZCTkxIHCP0tBgoQ1jBvpq8qP-Fbc%26sig%3DAOD64_1k-VImJ0_q-MUZmAu7wUtPm87Yow%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-CU26BcM9WF_Y7IxDAyh5xE3YSGQqjDybGopUwTqTkyLO9ch3ltzQFlVBea8_0mtcHgSQztSFD2IdqE8LW-Lpz0ilppi-m8X4vDq-xSjXd3vSsb9eszR1ei9u91MRbrTWrds9o_Qr82Y_QJR4nvZOw1494CWA%26cry%3D1%26dbm_d%3DAKAmf-BViONy-B0t72xJ0x4lR0OA4W6Nyu3e4J7kb2nVtdjGPKPsZuB_ZihLZ4lUEr3un1EZu0K28mE0ScArI4VbnrmqTJHkbi8_LlWq9Sd_O4s0wvkPTUnqvnBWFBG8CmW8HDknswEJs4qjf7PLVCWibUnyhpSUxNensb-kKAb-fUPC-ORusTK29fU1BS3glish_75Fom16KTqGeIRqcSnC5sBbYzB4rBO_-zhuSilmEgGtpSr-h8siMLkgY56LRQvnCqmcV8a-H0s0By46o4dm444Y3p8ThA4yiq0s9ZiQcTz5nl-D2eaqmc735sEvera143AqUrnQilS_1Y3OSWDZeZps8n-pgnkNlTa_9kMPpD6G92AYNrzwU6v7s97dDxc6xe5IeU08pOoGXQVGXuUg1GfXZPSN6cxWudNwG0WcbGx8KJEyK6td80fwFw3pC8ZuCXejrczllU-RZZLxKQYi8W7DxFdamUrpqiWgthziUoFLvRFynGcZlLbpGAN9SFS6uXAXkvJf3wGfIUofl04maRbKmZrEwQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=3683725534557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 374

https://pv.medialead.de/trck/epv/e99aace94e6e5873bba48e32d9e4587b?subid=46587700109294100757589012068003&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=46587700109294100757589012068003&actionid=981741&produktid=&dt_url=

Request Chain 380

https://medialead.de/trck/eview/e99aace94e6e5873bba48e32d9e4587b?subid=46587700109294100757589012068003 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873bba48e32d9e4587b?subid=46587700109294100757589012068003 HTTP 302
https://www.ad-server.eu/wm/pb/giro/business/pb_b2b_300x250.gif

Request Chain 493

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=wBjFAnxhdkU5TG5yMU1vS3dYVzhkanBZREZCQXg5OGpJbzV3Nk9CZ3RybDNtQ0wyMGRSR0xEZjdSY2orbHRSSjhaeE5pellwWmZERWNJRnBNUEZqRVRFcUtaM0Jmc2ZkVGdlSFdibnhBTXh6RW44citCNS9QQkErMWp5UGZtbnR1Wk5WcU1TL3l1c3R5SVdVNXZtV3BRd20xMTlCL3NGeWxlNmRISTFRS2Qwb0crVkRoNGFNZzRERytob3FFK0FxeEhadEN0dyt6enNleDI4eHVoZUdtVEI1bWt4QU1jNStpTGNrQmMvaGw1aVNkSXRUOVIrdTliL3p0czVpQUduTXg3T292fA&cppv=2

Request Chain 514

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=200&key=OPTOUT

Request Chain 515

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=22&key=fb031ce9-699c-4d2d-bf51-d73ad8a25319

Request Chain 516

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%3D%7Bdevice_id%7D HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=56&pid=59c9148628a0612da3689288&key=f2ac55d9-9aa7-406a-a4cb-1495aba6b731

Request Chain 517

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=10&pid=59c9148628a0612da3689288&key=Eiz7sAAQ4tha&ev=1&us_privacy=${us_privacy}&pid=562704

Request Chain 523

https://video-ads.rubiconproject.com/video/12948/312596/1590248/201/vast.xml?tg_c.language=es&rp_schain=1.0,1!latinon.com,2087,1,,, HTTP 302
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179

Request Chain 546

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=8bf4aa7488dec68eb40dfff52f6b99&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2310_7138072299756007080&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 551

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&bundle=PGZF-l9lamk4Z1VDdHRBMnl5UnFUZyUyRjltUmg1ZEU4JTJCZFZicVRlRTROalp4dkVVRDNjJTJGdndmNFBYT1dwMngzZzN6bVlmOVpMYkRUQmVZaHY4MFRzNzVaejAlMkJrbHFFWlQ1S0JPdXBTdUJVVndETDRnQjIlMkIyeGN3cVRTekIlMkZaTkh6MmczdQ&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=OkIjnHx3YTJScmZZc3RaUnp3UVJDek9sS3dTVVcvVUVpRkUvcWUySFN6dll4SnpQRUR2b1d3enh4MzRTa3graWk2cW8vTU5xSWRYKzljSVAybTgxT1lkOVFpNzZNazNqR2ZjVEpvWFdQcjd6R1p3dTErcUtrb0hHdGhrTnNKU3RSOVVIc0RHSEIvclhhTU1PRU9IamhWMGVBWml3dm9iL1FRZjdFQXplald6OFZMbHdpb1ZLYXFTNzFZNkozLzkvTmdtVlhkRWtvR2VTL0hJQVhONk9qcDJjakY3a2FaN1NzSG5SdG9laXRaS0JPeFRSQTBuMkpiS3AvT0FBQkNidDNpS3pYfA&cppv=2

Request Chain 561

https://video-ads.rubiconproject.com/video/12948/312596/1590248/201/vast.xml?tg_c.language=es&rp_schain=1.0,1!latinon.com,2087,1,,, HTTP 302
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179

564 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.publinews.gt/gt/
Redirect Chain

http://www.publinews.gt/
https://www.publinews.gt/
https://www.publinews.gt/gt/

343 KB
52 KB

2272ms
2272ms

Document
text/html

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

cd94f91388f0899d82788bc142709c9ab54a4e56dd5f70382413d6e649c61a12

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 52482
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Aug 2022 16:06:01 GMT
Link: <https://www.publinews.gt/gt/wp-json/>; rel="https://api.w.org/" <https://www.publinews.gt/gt/wp-json/wp/v2/pages/1286779>; rel="alternate"; type="application/json" <https://www.publinews.gt/gt/>; rel=shortlink
Server: nginx/1.20.1
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Aug 2022 16:05:59 GMT
Location: https://www.publinews.gt/gt/
Server: nginx/1.20.1
X-Redirect-By: WordPress
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.min.css
www.publinews.gt/gt/wp-includes/css/dist/block-library/ 79 KB
11 KB 22ms
17ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:17:26 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10523
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK extendify-utilities.css
www.publinews.gt/gt/wp-content/plugins/redux-framework/redux-core/extendify-sdk/public/build/ 49 KB
6 KB 42ms
20ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/redux-framework/redux-core/extendify-sdk/public/build/extendify-utilities.css?ver=13.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

12eb11b49335fcd72288d5dc1aacfc8e3b75597ecda77971f873a05babe613de

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:52 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5360
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK simple-line-icons.css
www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/ 11 KB
3 KB 41ms
17ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/simple-line/simple-line-icons.css?ver=1.3.3

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:36 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2363
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/ 15 KB
3 KB 42ms
17ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/css/style.css?ver=1.3.3

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:36 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2892
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK svgs-attachment.css
www.publinews.gt/gt/wp-content/plugins/svg-support/css/ 68 B
315 B 39ms
15ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/svg-support/css/svgs-attachment.css?ver=5.8.2

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

5533874c2b0145642ca304f110240fcdb05253df388c2f7b97c053ad5eb69b65

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Last-Modified: Thu, 16 Dec 2021 03:19:00 GMT
Server: nginx/1.20.1
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sps_front_style.css
www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/css/ 0
246 B 40ms
14ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/css/sps_front_style.css?rand=334&ver=1.3.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Last-Modified: Thu, 16 Dec 2021 03:19:01 GMT
Server: nginx/1.20.1
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK left-thumbs.min.css
www.publinews.gt/gt/wp-content/plugins/top-10/css/ 1 KB
748 B 41ms
16ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/top-10/css/left-thumbs.min.css?ver=1.0.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

7e7f4f5cdb2a02c8f4b6d8e6f4ca3b1f18d635d55e5d4b9b1106e79f0f583fde

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:19:03 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 453
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
www.publinews.gt/gt/wp-content/themes/herald/ 315 B
519 B 55ms
16ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/themes/herald/style.css?ver=5.8.2

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

a74074f055c3667b9955b17856ae4908888121a89d494732067ea924ca1a33d7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jul 2021 21:08:32 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 224
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
www.publinews.gt/gt/wp-content/themes/herald-child/ 169 B
422 B 56ms
17ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/themes/herald-child/style.css?ver=5.8.2

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

0bd39d4aa299fec073c89d8410eba716cd0e30eadcc3fb790e97f0b32f52c014

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 05:55:42 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 127
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 67ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f40b287808addc4f3d91a36b2e0b25ca9aa1f1cce7d8611fcd2d924295bf0c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 16:06:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 31 Aug 2022 16:06:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H/1.1 200
OK min.css
www.publinews.gt/gt/wp-content/themes/herald/assets/css/ 233 KB
38 KB 94ms
54ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/themes/herald/assets/css/min.css?ver=2.3.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

1cf6bc39bed40dc5c00a863f08034028aa0289860a8491a5345f35f587e79d0c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jul 2021 21:09:18 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38122
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
www.publinews.gt/gt/wp-content/plugins/meks-easy-ads-widget/css/ 705 B
588 B 57ms
15ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-easy-ads-widget/css/style.css?ver=2.0.5

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:29 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 293
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.css
www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/css/ 9 KB
2 KB 60ms
18ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.2.6

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

d3592fbffec7c4245f008ef25e57005968575ebb3a6db25cd0b14a261cd0b8ff

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:34 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1747
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wp-review.css
www.publinews.gt/gt/wp-content/plugins/wp-review/public/css/ 37 KB
6 KB 62ms
20ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/wp-review/public/css/wp-review.css?ver=5.3.5

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:19:11 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5976
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.min.js Show response
www.publinews.gt/gt/wp-includes/js/jquery/ 87 KB
30 KB 96ms
42ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:17:26 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30908
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.publinews.gt/gt/wp-includes/js/jquery/ 11 KB
4 KB 70ms
14ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:17:26 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4169
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
74 KB 104ms
54ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6a61a7daa3ff71f2ac0651cbb2ebe867f0add7af8a3110401467f35b561efba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75445
x-xss-protection: 0
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 62ms
31ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-53456215-1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4214005ceff241be58d7108c30e533c44f0a2089c1ea06d04d3e7549df7f4a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41957
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
72 KB 68ms
55ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1JWRY3SKE9

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

292a0bbac6cd7b60ded96d79abab5f70d4b352553492cfa46bdf3c1b35360bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73544
x-xss-protection: 0
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 tag Show response
a.teads.tv/page/82680/ 1 KB
706 B 156ms
61ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/82680/tag
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 947d33645c199a25fb14bedb5cf80a48a61f8558747bd0f4958fb8217f48547e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 506
expires: Wed, 31 Aug 2022 17:06:01 GMT

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 19 KB
5 KB 98ms
4ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: MY2axGObrvZwSiP12Z8xf0lYd1yv3MC2
content-encoding: br
last-modified: Mon, 22 Aug 2022 09:28:26 GMT
x-amz-request-id: BB2WNHNCEZZRKKN2
etag: "b86fb801339e9f7d8ee05180f9a8320b"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
date: Wed, 31 Aug 2022 16:06:01 GMT
accept-ranges: bytes
content-length: 4822
x-amz-id-2: YkTCLx74pPCKgAe6v5HN2KKQRFOjcbksFDs36wiWRrmuiAsvjW1iEb0OyaTLZqPEJP3a5MlJZMY=

GET
H/1.1 200
OK asyncjs.php Show response
adserver.latinon.com/revive/www/delivery/ 4 KB
5 KB 918ms
98ms Script
text/javascript 64.227.27.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://adserver.latinon.com/revive/www/delivery/asyncjs.php

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1feccc5457246a341b82f181fa84317e9dd084c63ac370c1ac43104c3cbf3329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: 11dac5182c2ea03a67dd87cdf9937cd5
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=3600
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=20
Expire: Wed, 31 Aug 2022 17:06:02 GMT
X-Xss-Protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 142ms
59ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6383764698994707

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8af166c1a7244eb90c42560c1f95c047871ca782c3a5707b2e069186b8ce7555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57431
x-xss-protection: 0
server: cafe
etag: 7761775440789159145
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 83ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d460b3cfa84a55fc0a8ebc41af9c9f5cdcb97b58351aaa6a45e54eb377e22c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28565
x-xss-protection: 0
server: sffe
etag: "1319 / 74 of 1000 / last-modified: 1661943937"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 92ms
66ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d460b3cfa84a55fc0a8ebc41af9c9f5cdcb97b58351aaa6a45e54eb377e22c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28565
x-xss-protection: 0
server: sffe
etag: "1319 / 551 of 1000 / last-modified: 1661943937"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H/1.1

200
OK

svgpublinews.svg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/svgpublinews.svg
https://static.publinews.gt/2020/06/svgpublinews.svg

9 KB
9 KB

78ms
11ms

Image
image/svg+xml

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/svgpublinews.svg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 7965777dcddb12ba6fcbfdb90bbbe664dfeec6ee3fb6a069c1fad9980bc25a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Last-Modified: Mon, 29 Jun 2020 01:16:03 GMT
Server: nginx/1.20.1
ETag: "5ef940d3-23ac"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9132

Redirect headers

Location: https://static.publinews.gt/2020/06/svgpublinews.svg
Date: Wed, 31 Aug 2022 16:06:01 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1 200
OK portada-web.jpg
www.publinews.gt/gt/portadas/ 18 KB
18 KB 16ms
16ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.publinews.gt/gt/portadas/portada-web.jpg?dummy=7337

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

b1d37476f42be18cedf76df6ac4cde79a2b0821226a3346e76b6887c9eb873b8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Last-Modified: Wed, 31 Aug 2022 08:05:00 GMT
Server: nginx/1.20.1
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17975
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 41ms
8ms Stylesheet
text/css 18.66.127.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.127.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-127-89.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 16 Dec 2015 16:21:55 GMT
Server: AmazonS3
Age: 86245
ETag: W/"bd21b0313fe7dc2b8ac08955a7ef1209"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Tue, 30 Aug 2022 16:08:37 GMT
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Cf-Id: -L9k-dG0fxK_ZLV7ytU_SoSgr_Fda854GX_MPIaA-4wFPfyuRMK9WA==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 73ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Age: 872
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29278
x-tw-cdn: VZ
Last-Modified: Mon, 15 Aug 2022 23:23:32 GMT
Server: ECS (frb/6738)
Etag: "080f1472776d4d1a972a14cea4433aeb+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 publinews.gt.1129387.js Show response
jsc.mgid.com/p/u/ 2 KB
1 KB 248ms
206ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.js
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01b1b907eb9f740683e1f64643fde07ef63a9c1ebbee1958834dd168ff6befd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: XN8KP9AJ50Q304K5
cf-polished: origSize=2318
cf-ray: 743702d429409177-FRA
last-modified: Wed, 15 Jun 2022 13:21:57 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lddRBrN7DgjgWWVROM195BSWLNg/JBegWHSC5GwIFUZn3C9dtS5BXGC24t9ye5nxKZh/RWTIkd8=
cf-bgj: minify
server: cloudflare
etag: W/"a0b4c82e20084745c33640f28da9e85c"
vary: Accept-Encoding
x-amz-version-id: 3W3V9xeUWqpKwHNTHWadBVM15xHpPtu5
cache-control: public, max-age=10800
content-type: text/javascript
expires: Wed, 31 Aug 2022 19:06:01 GMT

GET
H/1.1 200
OK opinion-default.jpg
www.publinews.gt/wp-content/uploads/2020/06/ 4 KB
5 KB 18ms
15ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.publinews.gt/wp-content/uploads/2020/06/opinion-default.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

3be29565ed74ebe94b47d147f84748dc076566e4348c72db227ad8cf72a75f24

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Last-Modified: Mon, 29 Jun 2020 01:13:59 GMT
Server: nginx/1.20.1
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4519
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flickity.css
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/ 2 KB
949 B 16ms
16ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/flickity.css?ver=2.2.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

20a22e2a0610fa88287f0f8a033e1f8c5fb3abb7f0a0d527115b6ce3dde328a1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:54 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 654
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK shortcodes.css
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/css/ 45 KB
8 KB 15ms
15ms Stylesheet
text/css 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.11.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

568de4a237f78930c495806b9302c91df36f7212ee5af1cc6d9f4abc3ff03b38

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:54 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7777
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/js/ 7 KB
2 KB 19ms
14ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-flexible-shortcodes/js/main.js?ver=1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

02007cb9ea5401983a0a4a34d08c1a57c75484d0852194291e124c94b848d474

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:36 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sps_front_js.js Show response
www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/js/ 0
260 B 18ms
13ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/sync-post-with-other-site/assets/js/sps_front_js.js?rand=994&ver=1.3.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Last-Modified: Thu, 16 Dec 2021 03:19:01 GMT
Server: nginx/1.20.1
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top-10-tracker.min.js Show response
www.publinews.gt/gt/wp-content/plugins/top-10/includes/js/ 286 B
459 B 19ms
14ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/top-10/includes/js/top-10-tracker.min.js?ver=1.0

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

d0a77e495359613dd0f75850a9b9a541f059b6f215c76acddb418bedb7a2cf6b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:19:03 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 150
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK imagesloaded.min.js Show response
www.publinews.gt/gt/wp-includes/js/ 5 KB
2 KB 19ms
14ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Sat, 12 Sep 2020 03:45:57 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1834
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK min.js Show response
www.publinews.gt/gt/wp-content/themes/herald/assets/js/ 87 KB
25 KB 23ms
23ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/themes/herald/assets/js/min.js?ver=2.3.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

85d423c5c3713d5ad1fb1529618fb0f6530869a98b53374f292ab1bb5f5bb9ff

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Jul 2021 21:09:18 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25466
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/js/ 551 B
632 B 16ms
16ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/meks-easy-social-share/assets/js/main.js?ver=1.2.6

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:34 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 323
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK js.cookie.min.js Show response
www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/ 2 KB
1 KB 18ms
18ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/js.cookie.min.js?ver=2.1.4

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:19:11 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 866
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK underscore.min.js Show response
www.publinews.gt/gt/wp-includes/js/ 19 KB
7 KB 18ms
17ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/underscore.min.js?ver=1.13.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:17:26 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7319
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wp-util.min.js Show response
www.publinews.gt/gt/wp-includes/js/ 1 KB
1014 B 16ms
16ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/wp-util.min.js?ver=5.8.2

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:17:26 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 705
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/ 3 KB
1 KB 17ms
16ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/wp-review/public/js/main.js?ver=5.3.5

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:19:11 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1158
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK wp-embed.min.js Show response
www.publinews.gt/gt/wp-includes/js/ 1 KB
1 KB 15ms
15ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-includes/js/wp-embed.min.js?ver=5.8.2

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:17:26 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 765
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flickity.js Show response
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/ 53 KB
14 KB 17ms
17ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/vendor/flickity/flickity.js?ver=2.2.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:54 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13635
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK index.js Show response
www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/ 12 KB
4 KB 20ms
19ms Script
application/javascript 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/plugins/shortcodes-ultimate/includes/js/shortcodes/index.js?ver=5.11.1

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

860d562b0a45cb007e7a669dc845cc85bec45a5229c67ddc3b11534ff54a9947

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 03:18:54 GMT
Server: nginx/1.20.1
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3666
X-XSS-Protection: 1; mode=block

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/7.15.5/ 19 KB
7 KB 62ms
18ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.15.5/firebase-app.js

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bedab15fd177a9715568682a8b3a04edd59939cafffa07dfd2e6e64b010f757c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 21:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6604
x-xss-protection: 0
last-modified: Thu, 25 Jun 2020 23:15:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 21:55:02 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/7.15.5/ 38 KB
10 KB 64ms
19ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/7.15.5/firebase-messaging.js

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee7d2f3931049f9fbdccac3d0e7e36eca23ce66c76c464ed28372d7d4559597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 22:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10593
x-xss-protection: 0
last-modified: Thu, 25 Jun 2020 23:15:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 22:21:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
43 KB 32ms
29ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQLFSFD

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9d57f8635bfcdc58a8a6c09b3d27f6a777637489a8cdb48225fa369051f2f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44362
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
43 KB 40ms
37ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P5DVV5N

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea35a80e208bae77db49a8e799568fdeb7009b029b0dba356cd5ea658b5d7085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44397
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
43 KB 38ms
35ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3XQFVX

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd01031da1cd8b94a8a259f39670cd781c2d0c6209a31b2b6052abb23d6ecd74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44396
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
5 KB 42ms
8ms Script
application/javascript 18.66.97.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-24.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:24:03 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
age: 2518
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 4240
x-amz-cf-id: d-CSRslJPW9a5wd-eYYDbxqGCTnchTgqrlQDGUkvFgqSFa_rpvRpWQ==
expires: Wed, 31 Aug 2022 16:24:03 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 45ms
9ms Script
application/javascript 18.66.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-74.fra60.r.cloudfront.net

Software

nginx/1.20.0 / PHP/8.0.14

Resource Hash

8f5bd601553ad1344a1eac25b660bca1938c94e7907b979e91194e98b0ad90d0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:33:25 GMT
content-encoding: br
etag: W/"a680c4d42e35b6226b139a1f65aa0cde"
last-modified: Wed, 31 Aug 2022 15:33:25 UTC
server: nginx/1.20.0
age: 1956
x-powered-by: PHP/8.0.14
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: xhf5BnFujytAxNVnqCueTUZTYpJO3_9y93vIjCfHeOr9JiVl1OafSw==
x-xss-protection: 0

GET
H2 200 pubads_impl_2022082501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
130 KB 105ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 31 Aug 2022 15:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132254
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 08:41:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 31 Aug 2023 15:35:03 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 345 B
800 B 129ms
51ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.publinews.gt

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eec356b27f72f835e55d2b242a94ce15e32fb8c83872a47838936ced10968f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163
x-xss-protection: 0
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 22 KB
23 KB 96ms
31ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ec9625d1c2d3ff00cb5891990c4541a89f096540ee2226e565713d1a189e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 08:12:43 GMT
x-content-type-options: nosniff
age: 114798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22676
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:06:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 08:12:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
73 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

724e625136faa2b7de23fbae1529a06c26e0d97f69d81a3daac2a771e78dd500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74582
x-xss-protection: 0
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 62ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3841
date: Wed, 31 Aug 2022 15:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 31 Aug 2022 17:02:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
72 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1JWRY3SKE9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cc008988546228de3fb9b305dc5334545fd611363a600fcd68916aa29213d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73546
x-xss-protection: 0
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-90285-12&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4afdceff8c9e3c856821320d48b80b7b1ed2263ada5e437b618bbd8d2adfbc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41983
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52170176-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-53456215-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c9d1dceb9ee7f0e62f7eff491e08042799c74a1e864f809ef0445d893f8142b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41925
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
339 B 153ms
69ms XHR
text/plain 23.47.209.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_15725&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=4f65ebf&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-72.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:01 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://www.publinews.gt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Wed, 31 Aug 2022 16:06:01 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
348 B 50ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1JWRY3SKE9&gtm=2oe8t0&_p=305441450&_gaz=1&cid=463825994.1661961962&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661961961&sct=1&seg=0&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JWRY3SKE9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
348 B 64ms
20ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1JWRY3SKE9&cid=463825994.1661961962&gtm=2oe8t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JWRY3SKE9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 90ms
51ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1JWRY3SKE9&cid=463825994.1661961962&gtm=2oe8t0&aip=1&z=2007190012

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 89ms
27ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 77ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
12 KB 104ms
73ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3672797894874316&correlator=3789238837071055&eid=31068498%2C31068928%2C31069201%2C44770639%2C44752586&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_layer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3023400616&didk=748846289&sfv=1-0-38&fsapi=false&eri=2&sc=1&cookie_enabled=1&abxe=1&dt=1661961961686&lmt=1661961961&dlt=1661961961328&idt=334&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8546c5d40008a98da4af114586dd8aa895fa44a5b7d9eeb8b67bc822c29bb105

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12294
x-xss-protection: 0
google-lineitem-id: 6079252777
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138400463707
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D31 6 KB
4 KB 153ms
26ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:01 GMT
expires: Thu, 31 Aug 2023 16:06:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 53ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5QX73SF3RL&gtm=2oe8t0&_p=305441450&_gaz=1&cid=463825994.1661961962&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661961961&sct=1&seg=0&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 22ms
22ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5QX73SF3RL&cid=463825994.1661961962&gtm=2oe8t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 51ms
51ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5QX73SF3RL&cid=463825994.1661961962&gtm=2oe8t0&aip=1&z=1553122515

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 397 B
236 B 63ms
63ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3672797894874316&correlator=3789238837071055&eid=31068498%2C31068928%2C31069201%2C44770639%2C44752586&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=129480178%2Cpixel&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=1811529524&didk=877900939&sfv=1-0-38&fsapi=false&eri=2&sc=1&cookie_enabled=1&abxe=1&dt=1661961961731&lmt=1661961961&dlt=1661961961328&idt=334&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eaca3f440604c93c3caa05b03b5ac1dbefad75f2f393589c23d3dfd3a9174546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 262ms
261ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3672797894874316&correlator=3789238837071055&eid=31068498%2C31068928%2C31069201%2C44770639%2C44752586&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_header&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C970x90%7C970x250%7C320x50%7C320x320%7C320x100%7C320x60%7C350x200&ifi=3&adks=3455657583&didk=3104045238&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661961961745&lmt=1661961961&dlt=1661961961328&idt=334&adxs=650&adys=8&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x50&msz=1600x50&fws=0&ohw=0&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01e4cf6fb67b99d8941a2b22c97fb7731c252a251464b0ef213186265926f48f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8929
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.publinews.gt/gt/wp-content/themes/herald/assets/fonts/ 75 KB
76 KB 16ms
15ms Font
application/octet-stream 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/wp-content/themes/herald/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/wp-content/themes/herald/assets/css/min.css?ver=2.3.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.publinews.gt/gt/wp-content/themes/herald/assets/css/min.css?ver=2.3.1
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Last-Modified: Wed, 05 Jun 2019 17:45:26 GMT
Server: nginx/1.20.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77160
X-XSS-Protection: 1; mode=block

GET
H3 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3SCKr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 23 KB
23 KB 99ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3SCKr3i-oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d9969d56cafe0bcc63350313033ca15ab1acca206040bbfbbdf99e22a1ad2ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 21:40:21 GMT
x-content-type-options: nosniff
age: 498340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23712
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:06:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 21:40:21 GMT

GET
H3 200 NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3i-oQ.woff2
fonts.gstatic.com/s/firasansextracondensed/v10/ 24 KB
24 KB 82ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasansextracondensed/v10/NaPPcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda3USLr3i-oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Extra+Condensed%3A400%2C700%2C600&subset=latin%2Clatin-ext&ver=2.3.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f6eeb511e853211c742d1fa125b45ece32fe5711f407c5eb43613670082b3e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 00:07:50 GMT
x-content-type-options: nosniff
age: 489491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24064
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:01:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 00:07:50 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
663 B 69ms
15ms Image
image/x-icon 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Sep 2022 15:11:29 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 141ms
26ms Image
image/svg+xml 2.21.185.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Fri, 30 Sep 2022 16:06:01 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/ 343 KB
121 KB 117ms
85ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6383764698994707&plah=www.publinews.gt

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6383764698994707

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb568542327d4264166e9839781916f91331fc0bae0bb29397ee3ebb4cc66ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123441
x-xss-protection: 0
server: cafe
etag: 7010565757551956371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/ Frame E872 10 KB
5 KB 52ms
14ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6383764698994707

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 11:27:18 GMT
etag: 8616628553774171045
expires: Wed, 14 Sep 2022 11:27:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 60ms
31ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=305441450&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1821292393&gjid=2078015005&cid=463825994.1661961962&tid=UA-53456215-1&_gid=298483430.1661961962&_r=1&gtm=2ou8t0&z=421416693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 58ms
33ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=305441450&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=959825034&gjid=1024378513&cid=463825994.1661961962&tid=UA-90285-12&_gid=298483430.1661961962&_r=1&gtm=2ou8t0&z=638907109

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 54ms
33ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=305441450&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1400850477&gjid=2024487521&cid=463825994.1661961962&tid=UA-52170176-1&_gid=298483430.1661961962&_r=1&gtm=2ou8t0&z=1823612632

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Skin-upa-agosto-publinews-2022.jpg
static.publinews.gt/2022/07/ 470 KB
470 KB 25ms
24ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/07/Skin-upa-agosto-publinews-2022.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: b07fe8d2c18f44d35ffaa187fd48bddc1ef81c69476cd0457279790e4c2e0725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:01 GMT
Last-Modified: Fri, 29 Jul 2022 20:02:40 GMT
Server: nginx/1.20.1
ETag: "62e43ce0-756e3"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 480995

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
31ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=305441450&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAAC~&jid=854387023&gjid=1617452028&cid=463825994.1661961962&tid=UA-53456215-1&_gid=298483430.1661961962&_r=1&gtm=2wg8t0NQLFSFD&z=124308136

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
33ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=305441450&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAAC~&jid=557691260&gjid=545173903&cid=463825994.1661961962&tid=UA-52170176-1&_gid=298483430.1661961962&_r=1&gtm=2wg8t0K3XQFVX&z=1416285873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
33ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=305441450&t=pageview&_s=1&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ul=en-us&de=UTF-8&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAAC~&jid=439686320&gjid=1419130921&cid=463825994.1661961962&tid=UA-90285-12&_gid=298483430.1661961962&_r=1&gtm=2wg8t0P5DVV5N&z=63902683

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FB2A 0
0 50ms
50ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0dMXQhCjWuT56PXiy2H-p8WAZq3obLn5dBUbcf4X9X8WsunRlTLTfcnO6Aa-thXsQu_TC1Y8hCuY1_Q-G_8xTBtZlWR87f0KPWhQw4y9G6fUkX6JE7VyfDp_2_jVsKQeHQY_qYsr9BS-Od3J3L1RqO2_5qADY4z-_w69rhHVFOWXanXm_rEiezMkz-qXldLjyJGUoBOxWBcXspO8hD-8w6tQVau_MWqxEb9UpqrzQltyyWqHKyID0sxAm-SXLCynmkv6RhcQDRmjab7CR0TBxG6r5NG1n-UO_H5ejvlQvdTypB5m4zzyWJbJWEz4fOahfMiRlBDETe9cMC-EcHAdmf-vLjWxw&sai=AMfl-YTXZ-_-lvpD_yxgmzPAH9n9nPMuqJ3IEDs5nr2ruxHGFazsm_dZ7T6h6QLgO5IYmLPcJBsDtL_iaJVgmDSrgBswM78ygVLUzWLVea05FqHS3HmT8M7iEYxeqP0UqJAfqA&sig=Cg0ArKJSzEs5D26b8NUqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H/1.1 200
OK index.html Show response
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame DBB5 91 KB
92 KB 64ms
11ms Document
text/html 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: def3fda286cea0ab75ea959813f6965f453356dc35b05fac9e48921cbf3d4668

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 93369
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Aug 2022 16:06:02 GMT
ETag: "16cb9-5e4cac90dc696"
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33

GET
H/1.1 200
OK index.html Show response
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 6228 91 KB
92 KB 69ms
17ms Document
text/html 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: def3fda286cea0ab75ea959813f6965f453356dc35b05fac9e48921cbf3d4668

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 93369
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Aug 2022 16:06:02 GMT
ETag: "16cb9-5e4cac90dc696"
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33

GET
H/1.1 200
OK index.html Show response
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame ECA2 91 KB
92 KB 69ms
18ms Document
text/html 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: def3fda286cea0ab75ea959813f6965f453356dc35b05fac9e48921cbf3d4668

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 93369
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Aug 2022 16:06:02 GMT
ETag: "16cb9-5e4cac90dc696"
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB2A 141 KB
44 KB 103ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 16:06:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FB2A 0
29 B 55ms
54ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 31 Aug 2022 16:06:01 GMT

GET
H/1.1

200
OK

previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png
static.publinews.gt/2020/10/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png
https://static.publinews.gt/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png

136 KB
136 KB

28ms
15ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a6f0352702b7604323c13594f1c3b74e58b11c1c0847a537511261d06f80ba25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Tue, 27 Oct 2020 03:57:29 GMT
Server: nginx/1.20.1
ETag: "5f979aa9-21e6c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138860

Redirect headers

Location: https://static.publinews.gt/2020/10/previa-quinta-etapa-vuelta-ciclistica-a-guatemala-2020-publinews-1-300x300.png
Date: Wed, 31 Aug 2022 16:06:01 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg
https://static.publinews.gt/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg

16 KB
17 KB

46ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: f448ed9142035fd376ba0fe2bd66a804431bad6676b34725297b770d21d64f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Tue, 30 Aug 2022 18:52:09 GMT
Server: nginx/1.20.1
ETag: "630e5c59-4114"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16660

Redirect headers

Location: https://static.publinews.gt/2022/08/manifestacion-en-contra-de-suspencion-de-los-estatutos-del-COG-3-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:01 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 325ms
325ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3672797894874316&correlator=3789238837071055&eid=31068498%2C31068928%2C31069201%2C44770639%2C44752586&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_300x250_4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C320x320%7C300x250%7C300x400&ifi=5&adks=1855378003&didk=2409741&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Da96ead3411a60e86%3AT%3D1661961961%3AS%3DALNI_MY6JD2uwi20VByJoL9x6k2M1siPUA&abxe=1&dt=1661961961990&lmt=1661961961&dlt=1661961961328&idt=334&adxs=805&adys=1129&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=500x250&msz=500x250&fws=0&ohw=0&psts=AEC3cPJbUmdre4EUetNSgypgfgttgf6wL4wU_ZIIhoU-SteZ30cd3aPDckmPwwUbLRhCuul2xWG-f62t83gCJdjVMSdORg&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99430b6e3b3d0e55d9f3fa7aad1a919743bfbbe97e698a0357787ec967b03af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9791
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 34ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5QX73SF3RL&gtm=2oe8t0&_p=305441450&cid=463825994.1661961962&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661961961&sct=1&seg=0&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK coronaVirus.jpg
static.publinews.gt/2020/06/ 78 KB
78 KB 18ms
18ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/coronaVirus.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 20a7cab4c3d02182a4adf415218a7bf45485746273fba452bf48c4d3cf5df9d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 04:49:00 GMT
Server: nginx/1.20.1
ETag: "5ef972bc-137fb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79867

GET
H/1.1

200
OK

accidente-de-transito-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/accidente-de-transito-300x168.jpg
https://static.publinews.gt/2022/08/accidente-de-transito-300x168.jpg

17 KB
17 KB

15ms
15ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/accidente-de-transito-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: f8100ddd5433052f55abbd975cbaf4d300b5acaeef36e0e47e8a285941920bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 31 Aug 2022 14:58:10 GMT
Server: nginx/1.20.1
ETag: "630f7702-449d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17565

Redirect headers

Location: https://static.publinews.gt/2022/08/accidente-de-transito-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg
https://static.publinews.gt/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg

15 KB
15 KB

28ms
28ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: ad0cb034a1ea6a2c67906a36f384b1960f3130f9a8605feb0d030878a508c8a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 31 Aug 2022 14:25:42 GMT
Server: nginx/1.20.1
ETag: "630f6f66-3ae1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15073

Redirect headers

Location: https://static.publinews.gt/2022/08/accidente-de-transito-trailer-volcado-periferico-31-agosto-2022-pmt-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

nelson-carreras-publinews-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/nelson-carreras-publinews-300x168.jpg
https://static.publinews.gt/2022/08/nelson-carreras-publinews-300x168.jpg

14 KB
14 KB

26ms
25ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/nelson-carreras-publinews-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 1b15e526bc6cb6b3e03ab22a6c585f1ca05e34bbee1be501676126492fb3c8a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 08 Aug 2022 04:24:21 GMT
Server: nginx/1.20.1
ETag: "62f08ff5-378b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14219

Redirect headers

Location: https://static.publinews.gt/2022/08/nelson-carreras-publinews-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg
static.publinews.gt/2021/09/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg
https://static.publinews.gt/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg

13 KB
13 KB

38ms
19ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 5481dd7de36de039271fe67000794500e2b58e5c3928941c2d455c90da69f596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 01 Sep 2021 19:06:00 GMT
Server: nginx/1.20.1
ETag: "612fcf18-33e1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13281

Redirect headers

Location: https://static.publinews.gt/2021/09/hospital-san-juan-de-dios-pandemia-covid-19-coronavirus-guatemala-1-de-septiembre-2021-publinews-edwin-bercian-7-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg
static.publinews.gt/2022/07/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg
https://static.publinews.gt/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg

9 KB
9 KB

38ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: d9d5edd148587000bfe55d7aac8dbb8cca56983ea943193fc9a86fa75f9febc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 06 Jul 2022 15:48:35 GMT
Server: nginx/1.20.1
ETag: "62c5aed3-224a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8778

Redirect headers

Location: https://static.publinews.gt/2022/07/laboratorio-movil-hisopados-pruebas-covid-19-coronavirus-guatemala-julio-2022-3-foto-ministerio-de-salud-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg
static.publinews.gt/2022/07/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg
https://static.publinews.gt/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg

7 KB
7 KB

36ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 4fe5b47e7a09066a05bddeccd186c45d843df3ca22377b8c8d6e49d9fcd53f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Sat, 09 Jul 2022 19:41:26 GMT
Server: nginx/1.20.1
ETag: "62c9d9e6-1aea"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6890

Redirect headers

Location: https://static.publinews.gt/2022/07/pruebas-covid-19-hisopados-plaza-constitucion-publinews5-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg
https://static.publinews.gt/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg

7 KB
7 KB

15ms
15ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0ff7037954a24b7731d5a03a63186a85b4a7198516650a00fb3cd0620d7d06e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Thu, 25 Aug 2022 13:59:11 GMT
Server: nginx/1.20.1
ETag: "6307802f-1a03"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6659

Redirect headers

Location: https://static.publinews.gt/2022/08/corea-norte-reporta-4-posibles-nuevos-casos-covid-19-publinews-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 66ms
28ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 64ms
26ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 118 KB
43 KB 565ms
565ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3672797894874316&correlator=3789238837071055&eid=31068498%2C31068928%2C31069201%2C44770639%2C44752586&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_300x250_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x400%7C300x600%7C320x320&ifi=6&adks=1216183410&didk=4218488591&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Da96ead3411a60e86%3AT%3D1661961961%3AS%3DALNI_MY6JD2uwi20VByJoL9x6k2M1siPUA&abxe=1&dt=1661961962035&lmt=1661961962&dlt=1661961961328&idt=334&adxs=1148&adys=2032&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=332x28&msz=332x28&fws=0&ohw=0&psts=AEC3cPJbUmdre4EUetNSgypgfgttgf6wL4wU_ZIIhoU-SteZ30cd3aPDckmPwwUbLRhCuul2xWG-f62t83gCJdjVMSdORg&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06e0998bb8c350d47471adeaf521b8d9e6c75a24c6bb5426dbdb24ad86ddfa81

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CILukuO68fkCFcv7dwodv9MHVw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3163706257327840831/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CILukuO68fkCFcv7dwodv9MHVw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3163706257327840831/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44162
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Wed, 31 Aug 2022 16:06:02 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 58 KB
13 KB 81ms
57ms XHR
application/json 18.66.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=7934&url=%2Fgt%2F&charset=UTF-8&ch=16&ref=www.publinews.gt&viewerId=null&referer=&_firid=24364879
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-74.fra60.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: 636afd2a6d36095b82bdedd230ffe3020243582d46a259749d5be8258d9b4a65

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P2
x-powered-by: PHP/8.0.14
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
access-control-allow-origin: https://www.publinews.gt
server: nginx/1.20.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: ppjH01Qmthinpxti2XczGKu5OyAtom9t8V8FfLmMhLmTy7WW1Xly3g==
expires: 0

GET
H3 200 container.html Show response
f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6151 6 KB
3 KB 75ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:02 GMT
expires: Thu, 31 Aug 2023 16:06:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg
static.publinews.gt/2022/01/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-30...
https://static.publinews.gt/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg

13 KB
13 KB

13ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 501e62c6e0c1d488fc66e31ced03aba2702df783387148fe1b8c4239bcc7d074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 31 Jan 2022 19:32:54 GMT
Server: nginx/1.20.1
ETag: "61f83966-330d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13069

Redirect headers

Location: https://static.publinews.gt/2022/01/pacientes-en-el-hospital-roosevelt-en-guatemala-dan-positivo-a-pruebas-de-covid-19-pandemia-coronavirus-31-de-enero-de-2022-fotos-publinews-300x300.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x300.jpg
static.publinews.gt/2022/02/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emiso...
https://static.publinews.gt/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x30...

16 KB
16 KB

14ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e35db8b1d2fa2c61290c6d2963bbb8c944825be440a59e40c2ca6a8e1bbdba3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 07 Feb 2022 19:00:53 GMT
Server: nginx/1.20.1
ETag: "62016c65-3e54"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15956

Redirect headers

Location: https://static.publinews.gt/2022/02/jornada-vacunacion-contra-la-covid-coronavirus-en-paseo-la-sexta-avenida-guatemala-zona-1-7-de-febrero-2022-foto-edwin-bercian-publinews-emisoras-unidas-4-300x300.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

jeringa-vacuna-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/jeringa-vacuna-300x300.jpg
https://static.publinews.gt/2022/08/jeringa-vacuna-300x300.jpg

13 KB
14 KB

25ms
25ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/jeringa-vacuna-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: f85d0f6cef01d5f18cfc5a169161c7d723039494ef0fc712878aafc2e690fbd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 31 Aug 2022 05:40:27 GMT
Server: nginx/1.20.1
ETag: "630ef44b-35c1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13761

Redirect headers

Location: https://static.publinews.gt/2022/08/jeringa-vacuna-300x300.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Candidoilegalidades-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Candidoilegalidades-300x168.jpg
https://static.publinews.gt/2022/08/Candidoilegalidades-300x168.jpg

10 KB
10 KB

15ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Candidoilegalidades-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: f57845b064a26d7f08b24b1ab52fc7e0b6fc185cf3d3a6818f882faa7c9c46ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 31 Aug 2022 04:10:02 GMT
Server: nginx/1.20.1
ETag: "630edf1a-27c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10176

Redirect headers

Location: https://static.publinews.gt/2022/08/Candidoilegalidades-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

omar-franco-extitular-sat-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/omar-franco-extitular-sat-300x300.jpg
https://static.publinews.gt/2022/08/omar-franco-extitular-sat-300x300.jpg

14 KB
14 KB

15ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/omar-franco-extitular-sat-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: ba64d0b9ec6285834517ef3f3d3029ec5e07c50380f911de891f7a92216d7562

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 31 Aug 2022 01:32:26 GMT
Server: nginx/1.20.1
ETag: "630eba2a-378d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14221

Redirect headers

Location: https://static.publinews.gt/2022/08/omar-franco-extitular-sat-300x300.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg
https://static.publinews.gt/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg

8 KB
9 KB

16ms
16ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: bebd22e0d2e170ed848979c4a2d7b46b947aab1f85887421bc99bcf8cb18a535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 31 Aug 2022 00:10:04 GMT
Server: nginx/1.20.1
ETag: "630ea6dc-212c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8492

Redirect headers

Location: https://static.publinews.gt/2022/08/inauguran-edificio-atencion-animal-santa-catarina-pinula-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

heart-intercambio-medicos-eeuu-guatemala-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg
https://static.publinews.gt/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg

8 KB
8 KB

16ms
16ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 25742a542a49a5e301deb22ccbbf81d19f779a63427ba59eff1a01ce68fd29ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Tue, 30 Aug 2022 20:56:01 GMT
Server: nginx/1.20.1
ETag: "630e7961-20b8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8376

Redirect headers

Location: https://static.publinews.gt/2022/08/heart-intercambio-medicos-eeuu-guatemala-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 74ms
32ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53456215-1&cid=463825994.1661961962&jid=1821292393&gjid=2078015005&_gid=298483430.1661961962&_u=YADAAUAAAAAAAC~&z=815421007

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Aug 2022 16:06:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 73ms
31ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-90285-12&cid=463825994.1661961962&jid=959825034&gjid=1024378513&_gid=298483430.1661961962&_u=YADAAUABAAAAAC~&z=1589964469

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Aug 2022 16:06:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 74ms
33ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52170176-1&cid=463825994.1661961962&jid=1400850477&gjid=2024487521&_gid=298483430.1661961962&_u=YADAAUABAAAAAC~&z=1152515294

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Aug 2022 16:06:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 73ms
32ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-53456215-1&cid=463825994.1661961962&jid=854387023&gjid=1617452028&_gid=298483430.1661961962&_u=aADAAUABAAAAAC~&z=1515400977

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Aug 2022 16:06:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 58ms
34ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-52170176-1&cid=463825994.1661961962&jid=557691260&gjid=545173903&_gid=298483430.1661961962&_u=aADAAUABAAAAAC~&z=394920493

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Aug 2022 16:06:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 57ms
33ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-90285-12&cid=463825994.1661961962&jid=439686320&gjid=1419130921&_gid=298483430.1661961962&_u=aADAAUABAAAAAC~&z=462340266

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 31 Aug 2022 16:06:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 118 KB
43 KB 761ms
761ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3672797894874316&correlator=3789238837071055&eid=31068498%2C31068928%2C31069201%2C44770639%2C44752586&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_300x250_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x400%7C300x600%7C320x320&ifi=7&adks=3649687490&didk=4218488588&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&abxe=1&dt=1661961962130&lmt=1661961962&dlt=1661961961328&idt=334&adxs=1148&adys=3016&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=332x28&msz=332x28&fws=0&ohw=0&psts=AEC3cPJbUmdre4EUetNSgypgfgttgf6wL4wU_ZIIhoU-SteZ30cd3aPDckmPwwUbLRhCuul2xWG-f62t83gCJdjVMSdORg&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5f15c0f650cd556ffd2a583ca17bc0eea93896a368e498becb94cc70ed2d389

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLTQo-O68fkCFYOIgwcdrTQDhw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3163706257327840831/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLTQo-O68fkCFYOIgwcdrTQDhw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3163706257327840831/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44379
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Wed, 31 Aug 2022 16:06:02 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

centinelas-oracion-juventud-congreso-6-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg
https://static.publinews.gt/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg

10 KB
10 KB

17ms
16ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 11c06de8ef1ec20c136bdfdd382c33b766a571ab8054d1ac9986c3ad153e9514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Tue, 30 Aug 2022 18:42:27 GMT
Server: nginx/1.20.1
ETag: "630e5a13-283b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10299

Redirect headers

Location: https://static.publinews.gt/2022/08/centinelas-oracion-juventud-congreso-6-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg
https://static.publinews.gt/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg

18 KB
18 KB

17ms
16ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0b1e3fa98eb243884f760147e9304bc32541d99e61a4382e3cdc66f2a9121abb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 31 Aug 2022 13:42:31 GMT
Server: nginx/1.20.1
ETag: "630f6547-4856"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18518

Redirect headers

Location: https://static.publinews.gt/2022/08/nina-muere-golpeada-granizo-tormenta-espana-publinews-300x168.jpeg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg
https://static.publinews.gt/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg

6 KB
6 KB

17ms
16ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: fa9aefda737b61a1b83c8ee9fcbd6ea14c2a61f48ee6d6bdaf1531fd96afa714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Tue, 30 Aug 2022 21:12:27 GMT
Server: nginx/1.20.1
ETag: "630e7d3b-1606"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5638

Redirect headers

Location: https://static.publinews.gt/2022/08/murio-expresidente-sovietico-mijail-gorbachov-publinews-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png
https://static.publinews.gt/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png

33 KB
34 KB

34ms
33ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 20105a9ea23b5e61401fa1f3fbf846c4ecdfc5544a8094b98e07fc0e610fe91f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Tue, 30 Aug 2022 13:20:16 GMT
Server: nginx/1.20.1
ETag: "630e0e90-85f1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34289

Redirect headers

Location: https://static.publinews.gt/2022/08/murio-camilo-guevara-march-hijo-che-guevara-publinews-187x140.png
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png
https://static.publinews.gt/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png

46 KB
46 KB

24ms
24ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 4f790ff3954d68b63058e55090a0342c4da8553f87b82bf1bb1863e0fb889543

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Aug 2022 22:21:55 GMT
Server: nginx/1.20.1
ETag: "630d3c03-b626"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46630

Redirect headers

Location: https://static.publinews.gt/2022/08/murio-hombre-mas-solitario-mundo-amazonia-brasilena-publinews-187x140.png
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg
https://static.publinews.gt/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg

16 KB
16 KB

14ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 4f5d84442beb96eed73c1fe4d54cb86b3ad4ba90b041c1c44e4f314d7ad9e1bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Aug 2022 18:49:54 GMT
Server: nginx/1.20.1
ETag: "630d0a52-3fbd"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16317

Redirect headers

Location: https://static.publinews.gt/2022/08/soldado-ruso-que-muestra-el-cra%CC%81neo-de-un-ucraniano-300x300.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame DBB5 136 KB
46 KB 94ms
26ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46978
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 19:45:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 16:16:33 GMT

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 6228 136 KB
46 KB 124ms
57ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46978
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 19:45:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 16:16:33 GMT

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame ECA2 136 KB
46 KB 138ms
70ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46978
x-xss-protection: 0
last-modified: Mon, 06 Jun 2022 19:45:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 16:16:33 GMT

GET
H/1.1 200
OK / Show response
tag.escalated.io/ 103 KB
40 KB 149ms
39ms Script
text/javascript 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.publinews.gt&type=display&cust=7934&sid=direct&c=&cust2=direct

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e2bc317a3f54afb1933d31d4f51a70dfa52a29e19a02bf8dadaebb3f4596b56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 29 Aug 2022 15:02:45 GMT
Server: Apache
ETag: "19c1a-5e7628e5faf40"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 40512
X-XSS-Protection: 1; mode=block

GET
H2 200 prebidamp.js Show response
ecdn.firstimpression.io/static/js/ 312 KB
97 KB 31ms
8ms Script
application/javascript 18.66.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-74.fra60.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:52:24 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
age: 3017
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: a7VJsKqPnX9eeF2FAG8Xxsw3dskh0vQzQID0F76zp9rNHTst456KEQ==
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
expires: Wed, 31 Aug 2022 16:15:45 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 26 KB
9 KB 36ms
11ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 24972
x-jsd-version: 1.13.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8874
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
x-served-by: cache-fra19158-FRA
x-jsd-version-type: version
date: Wed, 31 Aug 2022 16:06:02 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 161 KB
41 KB 51ms
12ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 31 Aug 2022 15:36:43 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 16:04:10 GMT
server: AmazonS3
age: 1760
etag: W/"a702d6a9b82e18143638cd1f28cbb7a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P3
content-encoding: gzip
x-amz-cf-id: y0MdvqKtLZzu4NOrmUxEFhORlM0JJvVM264tZKAwmAzrjjRxv5sDrg==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
647 B 97ms
34ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.publinews.gt&callback=_gfp_s_&client=ca-pub-6383764698994707&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6383764698994707&plah=www.publinews.gt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0527094a14ae07f5261f23217802d0d9175fb4451727954adea8c3a46b82d678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&tn=IFRAME&id=google_ads_iframe_%2F168615172%2FGT_PN%2Fad_layer_1&ign=false&pw=1600&ph=1200&x=0&y=69.6

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A406 0
16 B 171ms
120ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&adk=1812271804&adf=1573534164&lmt=1661961962&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661961961807&bpp=3&bdt=479&idt=381&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&nras=1&correlator=4211812736668&frm=20&pv=2&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771162%2C44771548&oid=2&pvsid=3672797894874316&tmod=193539051&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=401

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png
https://static.publinews.gt/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png

41 KB
42 KB

13ms
12ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 47f0d2d106e5abe1a5aa5f092d8d1d09dff436c1dfc4b47f2a944b66b9792311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Aug 2022 13:09:07 GMT
Server: nginx/1.20.1
ETag: "630cba73-a5d7"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42455

Redirect headers

Location: https://static.publinews.gt/2022/08/aplazan-lanzamiento-mision-artemis-i-nasa-problema-motor-publinews-187x140.png
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

debate-presidencial-bolsonaro-lula-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg
https://static.publinews.gt/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg

9 KB
9 KB

14ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: dfaf8d73be470252fc6dd20cfccda6c98ed6d6503cf0ba944ec4b6482820b2b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Aug 2022 05:17:28 GMT
Server: nginx/1.20.1
ETag: "630c4be8-223f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8767

Redirect headers

Location: https://static.publinews.gt/2022/08/debate-presidencial-bolsonaro-lula-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

hillary-clinton-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/hillary-clinton-187x140.jpg
https://static.publinews.gt/2022/08/hillary-clinton-187x140.jpg

6 KB
6 KB

15ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/hillary-clinton-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 390eedd6493a1a6fcbc79bbdf9dbaa97af9dc20ae608746e18f2d541378b5d91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Aug 2022 00:48:10 GMT
Server: nginx/1.20.1
ETag: "630c0cca-17c8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6088

Redirect headers

Location: https://static.publinews.gt/2022/08/hillary-clinton-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg
https://static.publinews.gt/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg

10 KB
10 KB

13ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 6e24d3527c0d9bebc03ee87d68544d0543471a2da12361beaa3729b2ba16beee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Sat, 27 Aug 2022 15:47:11 GMT
Server: nginx/1.20.1
ETag: "630a3c7f-2766"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10086

Redirect headers

Location: https://static.publinews.gt/2022/08/Al-menos-12-heridos-dejo%CC%81-un-accidente-en-una-montan%CC%83a-rusa-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FB2A 0
0 111ms
68ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVpzjei_gKiWCNNqGCeM_LrdsKh3LT9waQAlyVm_M8lWjM6ZpLVpNMUuBrbRoFVzyCwCKSj-FHeta_1qAnc8JiCyXhBOi9ZhHbpTuVn-c7EcW3dkS7LCGr0otOsxvIyGfKWgh7clzCfumt7h2p8Kp9NDxWie23SWa4bVRCcy9qWxR7fXVtya_Vk0547vRErlvH2b0NwbkUkutC8qK6z3sCGRCAPFBi0RlzqQm98vRK7EAWuL2RV1gItPdhF4Y84g-NsBxifM5RB35hoUgNk0xQkCKMDQNUbMwcUBdqfhWT9JfS4KSAn40E1Qq4Be3z9QQybAZVSmeWxver&sai=AMfl-YTXXYMd6EKZLPV6w-SanfkdEy8KB1aOEjmv4fIWGcDNx2kDGmm34KuISC-VMyXJNcpWdbUgJ8ba8rWy6-SBlPV0IPGG_XcNgIhw377mZbyzxs21WaHzwuawQ18X5AcMtg&sig=Cg0ArKJSzFyld0YiGTihEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 31 Aug 2022 16:06:02 GMT

GET
DATA 200
OK truncated
/ Frame FB2A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6a65b953da6fbfe82f4edf5cd9656efc22d6b120f6d4ecc17add6ddeba79e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 105ms
54ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=463825994.1661961962&jid=959825034&_u=YADAAUABAAAAAC~&z=453435377

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 102ms
60ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=463825994.1661961962&jid=959825034&_u=YADAAUABAAAAAC~&z=453435377

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 88ms
57ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=463825994.1661961962&jid=1821292393&_u=YADAAUAAAAAAAC~&z=1290369039

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 101ms
61ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=463825994.1661961962&jid=1821292393&_u=YADAAUAAAAAAAC~&z=1290369039

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 92ms
55ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=463825994.1661961962&jid=854387023&_u=aADAAUABAAAAAC~&z=1182812665

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 101ms
61ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-53456215-1&cid=463825994.1661961962&jid=854387023&_u=aADAAUABAAAAAC~&z=1182812665

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 89ms
52ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=463825994.1661961962&jid=439686320&_u=aADAAUABAAAAAC~&z=1740637521

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 99ms
61ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-90285-12&cid=463825994.1661961962&jid=439686320&_u=aADAAUABAAAAAC~&z=1740637521

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E800 95 KB
34 KB 390ms
389ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=215320707&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661961962&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661961962168&bpp=4&bdt=840&idt=140&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&prev_fmts=0x0&nras=1&correlator=4211812736668&frm=20&pv=1&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=4082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771162%2C44771548&oid=2&pvsid=3672797894874316&tmod=193539051&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=ptyd6rNA46&p=https%3A//www.publinews.gt&dtd=147

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9c3306f6614477fc8941790c3a9335ea0da61d7ec5b383791edd33624ba0e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 34874
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK paperBG.png
static.publinews.gt/2020/06/ 102 KB
102 KB 13ms
12ms Image
image/png 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/paperBG.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a61a648444a16a41ef29c2f3ce95053de667e244321323ea9a669c35768e0397

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 04:48:55 GMT
Server: nginx/1.20.1
ETag: "5ef972b7-19897"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104599

GET
H3 200 container.html Show response
f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E3E 6 KB
3 KB 29ms
29ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:02 GMT
expires: Thu, 31 Aug 2023 16:06:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 842C 624 B
297 B 55ms
55ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNWaktrnKTzOUgTn52-o_o1a19ZZa3AFpKi6fmLglkUN6pyIqVP6PVia8LKQK7Cnl8mH-qNcGn2de22_R3j6ah3WgHIm0Ldqa53i_iGb8-QL27U7qFaG1gDm9X2wGPYfnm_WD8CDBrZgZEAmNLhM8Ca5wl8tG8HoIMjZnlbTNftCfpd1CnA

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6151 27 KB
17 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAFlEG_Za4F2MwAumy1cvSIUDUwnByoxNKawrLZLskzDbu_hN6ZBd4-3Mfwre3GkHJHzCGTiiwNZpYKBukPTjXQyNwg3UgmETgCOn5jZ0F_jwMmY3KsQvId2wTpdvwzoWux6WMYMBpCKC_dsbKkmBuMp-CUg&cry=1&dbm_d=AKAmf-AWQM1a1cwD1c-e4jJlCAC3wPTGYNOCNgjD9MONehTd2XrdVi5u35-ie7OM7oYxllD54rbP5S-pBxhGYloDjgS6iDxtVLBiPBQKHXMUJlIy7E-ILyYtgAXZtiAd1Z1uog0mLobPSMWP1XdEmdOixfVcDYyOqv-Z8EEo61TFavcVoE9Aoi0Sfoe1e7KgvcU4NRtOVIgRjI1U3OvUl4ZmzvbAfVzObigCV6WcaGTY_uX7OEHL4e01Z1-9zfrTPI2-YIhC9EEwzONyiBWmLkXAxXcUiemjn4YN2U9bbxm2LDAcVhn008kG4FsPasvRjAiKIfKMqMMr_-msVRVfxwx-Ru0nlGsC1WmXzfjHNEt5us5Rgb_um_GIe1xryzueYKyr83x6Y88fN7Id8y751KxwmhWcFXE1oT6YIBAGwLCiqZja64LVU__B7HOGDBG_p6uFllGB2LuMbNgYTSP5sn7dFfBaqSQJc5pNoLcg03wp2nsMUhKDvkT5Yjkn38rZ8drJV_LmKABNOs1-tGxV8rZjEhLbWwY2v3lM6IIEGsmJpARSLXRJvIACf66rbMhoqg-PUJmEN_pII5p6dSTaAHY7HhBTgdo2XKIFprXyhFdtmMchF7Yk5qs_bjxFs_pBecxoOK95VdizmolYAqtbCeDVimuXEReKnnU7aah_ZPnEJDYXSzJTSaAqJp3qN3GE-PIGOSptx5NEmYIWw0vXq--iPv7RvjBEagc4XsOAmW6DxzS3tRr5qvHL2fZE4RIabURjbRUKJ4OBqHEwxubOofLhZHh0urZERQqWUW7FjBc6Ytpa3njXKYhyYcjRal-KbgKI2IP-vG8OnI_CesEP_RymO3YCX2fZYRjFpgbNOJRAUgY5tydTOPyY6E5GgW3AHNattq7wiLr5fjyzR8mRZfgEimIk3mhdUJ-251LwhIAYrFo2hnOCzNHTRuPhfnwKJmFS8yIPo9GhKKhd4xx51girW4sZI0C4dL-cRxc4EprVvaGoopHMFVW0FfajLvgLCJXFP4xrGBWdz6J7NIYI1GWrOsW0rUUAS3XfWT-eXKzZcOBAQIH7M23nErMGMsjcmAwD7ILWJ1iJRMnqsNRoTtYHm9jIGFkuLx-TDRIVqx32Wko2djqOXKurYpK8-2Ct7gLlyAh85Q2dtnzILS66ph_4oKRPj7tMaN5PuVxGlUdN-XmWCOdPi-E0qnW65TSQcWP9YYEUH8bsSrNdrFKJkqsDdH5mysyK3qbncpGrShbvN_IS5uMTP2CVr_jUIaW_YSqHYDLVLxx8E2HmXuaaVQnVH3uK_pZTRwJ5EgHX3UpJHRSrQV_Ipo2ahWuM62iD4IsSyWwp-BGsTDqKZIVntk5nOArLih3eYSCSAIMKKk07XuHCD4CMzME2RGmPvb61u5KKVy8q_vczhJZgPJgi_fQgtio66mxkzn0ipShANgmdG_4OnpXINL1EomK4vwXdR-_zuOKNScGS2Zw_RkZRnkZ77898tyfrMLif74y_Who0hX4OgvynHK70RgrNiWJRIT4rKwJbaeFDz2fEl1ta_kFfykEgMdfygrdFlOF1ZjNJK9oRlSWaupOE2n5Fz_EbarjO_WY1qDi9lu5jq3uHu-_7deoBJEzLIjIcmFBzke--GXMFFuWuej1np_tXiJZugEbIkoRwhW8zLa3PwKaWxom3IVTGh5XHWBTIrCSoAnj6gsjk5OsAYHXeAzzqblwq49xFh1s0Ds19wrfeQpZ09ppEgJU3_viNIK5xZmQGIMpHplR3UOo4DGrd3HuhbLPwc603ltZDlt1_vH11gwG1Uqx_XyPfyyDRBfTfUEuGCJxS8DMPWT035aQO9Xjp_fEOVs6G3ZgvnHAZIhS00gs1LzTt6-NnwLmQ6Sm1Jp1si7mMFZ9MBMf1thv-IVvcAYxyGkxcC7LuudE_aEZQRFI4C5yOkMZWjFiRKyrnkTvTX5txXkpMbsil1oFjhdWjh1QiYJ0pibopg2_3xHHPJhcg7cdoM_5BEiRwX3mulWtfAwk4LKL69WeFq07Rk-poFoY23HY9fr_dDzvFJVPve5TVfAYoiUb2jpMevTgZ5fgc1kncwiLZ_6tZ_q_-UE9FyAip0mx_FY_Vmgdq6ujcKfwoIbHea3j2zrUZh0Pnb5Rf-xsw-obFGKKJWMiaacIkgT8LTCibbOdPW7XW59SMvlqaAy3luxHHei7Ozh1k1scql11OHl4DQPiE_oz3unfRg7PT7I3UBRZLoE8zbFFlEPO7rScb6fvGTBIySaSY2rahOVoXELTYV_aUtlYF0rqpU9E0BB5HEwawdnnpyP92EUIOEfeB75fqyR5jb-Mh58-gKMhAsCh91CxxvOtVFfAFcdUfVHD-ryINXf8g1BlvZ4enbppqK9UfIqgiBVNIDJv8gUDXc2ETRGdIWNcUlsVetMYP4NskIvJwHQclCU1UP4aw9C0mQJiw_Ap_G9fuA751BPPQ-a0F6ux2LHryY3114kvWiPftlm9lmB3Z_TDiDQYvNnmSSckeupVrqF83DVVu-LOv-5kZ8wJZN7SnAIxB6s8e1o5lJ1UQkPykZt8Hc8YBTro23nZE3V6F8hEWUAJqXRv5Ez2-iqRvtiObUgr6dqRm-M8EFwtgfkaV93sf4M_i1zQrbU1i9u_dFayB2WXZ7zFQJ0_b_qwEKT7WqFDQzSf3Y1SkXaEQ-NGXMF6Hs24dm2491kPyxUxKmi015-94xhrwiLcQqjw2bOpyjo16espRu-dtBLNhQpQLi4IKPwlTHtCFmVAk_0wfDXJQIou6qsn5I4MFXxBTerqI2scv9TuTrnXGFFH3fbhCKV5-tt7alQggw0uTksyN3nuUwnXe0-iq9pii3edCqkchZnGX3w9nIr0uLnnKPwsJ6budQJT__3qatTOr-jrfbnAKQm3j8cmSNq9avDv4Cf7PwKUm-DVQzrnR_ROfQM3kZs4D3T6MA9Q-O3OGI-N7DN1IHEkJJDUfQlprOQyuwUv_TydRfARdCt9hVM58MDZz0WWGzieyDroNluFa0FTZ2dW8rwdlFoBJBnmKe-7D56gGa31B3FBLNF5NRmNvHrovz-BrMbaWdMVLdefxgYfkJrRccF3d1DJqXJ9a6s5rrQTfitGjODT2qRVz1WIwmt_51Ode8_NNEKNkGJXLCq-qI1xh7OS0jqwTRuHxP2BEe5Shqs-sJjJoN49WRLVY2rbOlRY2S9i-YhrvLtveBFDpU2tot9J9x1Vd9ztCYjyyPt0J2LQzcPLyp1ogIg-zRLcPbYg4plppuIRcWC5fh0IDYF2GoIn1aDA-GMpCDFRkDfwJlR2m5hPubQzn35deTDlKCqCaUnBFbwZWH7_LeL1Uv17AIduNkNZiqZ9v01U0JodlMtGF1xXys8ofjVrPV8bT1TKUwfMBD0hdr8NVAYdj4-gax7c6VuDWAvTv9IiBlvIwsX32Tpd_COuJLJbg6AaRBjJJqaOSF6OvN1Cythi9Cp__2wD7gD9aruwwCE4kcIKdj9P9XpUvK6M1KHFxganHhMsOA6G1jvJnryipgawXiw&cid=CAQSLgCsnQUxQykVlEe9bolkZfsPcNI58CtMlCfZCTkxIHCP0tBgoQ1jBvpq8qP-Fbc&rfl=1%2Chttps%253A%252F%252Fwww.publinews.gt%252F%240

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2a7e2576eec7fdeff7652fc79f5b57c7dda190d394424a66d7a6e421f40e77a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16872
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6151 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Csz0i_SgtgUB9-NC_cyhrQS7hnrps0Razq4P4881NhzTPePmjTH4kxOXm7bS-Df36aXTY1cPL_IOYXZ0HlTno4MnO8eTfX1qGjYw62_MozmrucIxc

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 6151 3 KB
1 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 16:04:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 6151 17 KB
8 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:55:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6151 141 KB
44 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 16:06:02 GMT

GET
H3 200 publinews.gt.1129387.es6.js Show response
jsc.mgid.com/p/u/ 265 KB
76 KB 223ms
206ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba2509a2b7e125a486a751d0f50e1be8319240ba60a66e6612c6daf4c0525688

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: RJDRQH6DH6J1BF8X
cf-polished: origSize=271107
cf-ray: 743702d92b8f9174-FRA
last-modified: Wed, 24 Aug 2022 10:13:54 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: dA96oKhLHo6W4kOROuGK/kSmKL/UlXTF5i7tEUMG93VS4EQx0QM00cfH6/07LBpR1MGPEIKochk=
cf-bgj: minify
server: cloudflare
etag: W/"e56936ed2e96b92878eb01574ed8f167"
vary: Accept-Encoding
x-amz-version-id: Q.vPtjYAtwJqV21e2jT0qb5RFEuHBqH3
cache-control: public, max-age=10800
content-type: text/javascript
expires: Wed, 31 Aug 2022 19:06:02 GMT

GET
H/1.1 200
OK opinion-fondo.jpg
static.publinews.gt/2020/06/ 4 KB
4 KB 20ms
13ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-fondo.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 142285bd07a14ae41f00f7a4abfb34d050e788f6d64e3935fda159cef378acab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:06 GMT
Server: nginx/1.20.1
ETag: "5ef9405e-e83"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3715

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 23ms
23ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.publinews.gt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 424 B
258 B 422ms
421ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3672797894874316&correlator=3789238837071055&eid=31068498%2C31068928%2C31069201%2C44770639%2C44752586&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=12&adks=27636735&didk=2542544624&sfv=1-0-38&ists=1&fsapi=false&sc=1&cookie=ID%3Dcd6cea47d8f1844f-22624d350ece00c3%3AT%3D1661961961%3ART%3D1661961962%3AS%3DALNI_MYhbPUZKpL9xsGhL41Fb8gMU0_Kuw&abxe=1&dt=1661961962465&lmt=1661961962&dlt=1661961961328&idt=334&adxs=0&adys=11114&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x11105&msz=1600x0&fws=0&ohw=0&psts=AEC3cPJbUmdre4EUetNSgypgfgttgf6wL4wU_ZIIhoU-SteZ30cd3aPDckmPwwUbLRhCuul2xWG-f62t83gCJdjVMSdORg&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b5ed54697e05d6b4df8b96cb22c5b8079b0f0c65610c9a76fc1f5fc981fbdc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 422 B
256 B 410ms
409ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3672797894874316&correlator=3789238837071055&eid=31068498%2C31068928%2C31069201%2C44770639%2C44752586&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_skin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C4x4&ifi=13&adks=3787344750&didk=2542544627&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dcd6cea47d8f1844f-22624d350ece00c3%3AT%3D1661961961%3ART%3D1661961962%3AS%3DALNI_MYhbPUZKpL9xsGhL41Fb8gMU0_Kuw&abxe=1&dt=1661961962471&lmt=1661961962&dlt=1661961961328&idt=334&adxs=0&adys=11114&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x11105&msz=1600x0&fws=0&ohw=0&psts=AEC3cPJbUmdre4EUetNSgypgfgttgf6wL4wU_ZIIhoU-SteZ30cd3aPDckmPwwUbLRhCuul2xWG-f62t83gCJdjVMSdORg&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a809aee4a0c67d1b9882d91414bbbe19410bfa7f6d2a28f3f2976015c776d8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 425 B
256 B 415ms
414ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3672797894874316&correlator=3789238837071055&eid=31068498%2C31068928%2C31069201%2C44770639%2C44752586&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_sponsor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x40&ifi=14&adks=1143347988&didk=2542544628&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dcd6cea47d8f1844f-22624d350ece00c3%3AT%3D1661961961%3ART%3D1661961962%3AS%3DALNI_MYhbPUZKpL9xsGhL41Fb8gMU0_Kuw&abxe=1&dt=1661961962476&lmt=1661961962&dlt=1661961961328&idt=334&adxs=0&adys=11114&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x11105&msz=1600x0&fws=0&ohw=0&psts=AEC3cPJbUmdre4EUetNSgypgfgttgf6wL4wU_ZIIhoU-SteZ30cd3aPDckmPwwUbLRhCuul2xWG-f62t83gCJdjVMSdORg&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d37ad6dbde004df19f997c3535e3fe54635760b2e37da5060a9e7bf38bae4a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 428 B
260 B 381ms
380ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3672797894874316&correlator=3789238837071055&eid=31068498%2C31068928%2C31069201%2C44770639%2C44752586&output=ldjh&gdfp_req=1&vrg=2022082501&ptt=17&impl=fif&iu_parts=168615172%2CGT_PN%2Cad_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x100%7C970x100&ifi=15&adks=3733977308&didk=93605611&sfv=1-0-38&fsapi=false&sc=1&cookie=ID%3Dcd6cea47d8f1844f-22624d350ece00c3%3AT%3D1661961961%3ART%3D1661961962%3AS%3DALNI_MYhbPUZKpL9xsGhL41Fb8gMU0_Kuw&abxe=1&dt=1661961962519&lmt=1661961962&dlt=1661961961328&idt=334&adxs=640&adys=1095&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&frm=20&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&psts=AEC3cPJbUmdre4EUetNSgypgfgttgf6wL4wU_ZIIhoU-SteZ30cd3aPDckmPwwUbLRhCuul2xWG-f62t83gCJdjVMSdORg&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8216ef317fe2044ee78835b6f88b0b0a87c024b14da3daf4cff762f3065643b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 23D8 640 B
316 B 55ms
54ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNWnaheSIB8b3O2-XtmI5EV67s006WCMaG9L2O1OvrqNOdSJU8wzNCNj5WZs2MS-z0XrkP6Viq548JP89eF5J62KfiwSrfiWu1b4swCXzl_knURa8TCBV3-8H2SA1nKXZCgUKLLAFQl0VuBTW1evK6BR3lUWx3gLjqDzXiQexoyxEp4UV8o

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5E3E 96 KB
37 KB 75ms
73ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1FTFvd-czitcwiT7ZGe8VrzUN3JPeHY_d7Lk1lA22mCWNL_BurcuXijnBxxTMUhHrABPLx98R6Q-rp3DrbrjBFHX3XP43aYBwY2b2wP7CQYKnI8b4Df8-WxpHNaPy9pyKOODAXjDPl7SZ7wD583oO1P0cSg&dbm_d=AKAmf-Cqgn9Ev2sdLIT-CTJTS0nOF8jby_lBGcgq0cQIvM3PYbPooTM5Nk8iUxXAo2sunqZ5NP9LSIgCzqK50mxnv--z9PHZBiPJ91aQhtrSu9-XCLMZWmobqQ1_gsEJ9WhZ0Dizt5FE2_wRr1P-uOoTrAzNv8kTlpdrSZGsVRBCgKJSswh-xCCLysxdhynvGNqgxbYphtMqATX-VKkdr98rQuhXrMtycUH-CqEdOLEh8AN9L9DzsVCXi-kcaFqT8WsD6r_qlWk0hH-X_IDp8FBMWGO5RsOdE8OljndUqZtZ0IZSg4ebfWhzofVZizcH0Sqc56jMhkM2gEVH5VP-53_GKOHybJAKl4agMTAdOad9m5N14ZHBJ9oJ_2olGcXHDthVx70PeH0YR1gfmitxLNdI2CrqE-U2B0EKvV_VfU1XxGZ0glmGtgQ7ppRt1H1QMkEFFGxFF_mzDm0pJSB2GuMhtDtgeIgkeIAcrunnwcsNGxg-00upqoidMw2_8Kz9-fKoo43Cn3q6fVa9LngEeZvBaEyI11bElNRL8CNob2-5L1-xbmRF27MMHnw0lePqOs9OHj0V3QO3JyPQ2TkLRYQM8p37QYV5UISqq1np7dDrrGt2A2jp7dx5QJNzX9CAtumL5FtA60SuIjMojdxGbZp9lnBt64Aw3C302V0Myz6JiuPMfAaOoglkR3RokTEnjrnlwqKMKcHrTSg8159Bm3PuIDgLT6WsjVD5QrXN0GR5-d2-sTVvAOXmSnA6k5jhV59DTOaRraa4W4vt3gLkQkodVkOJGvnOLs4-QNjKfHuT84oFXmTPMsfkNh05Qr0CsW9CztsirsLizsnVfqD5Lg-4ZQxyndsU3-wb_DL8ZYdGZX-gQTpDwfs3iXW1l74ur2E8kB_VsmbmhFi024p8M-BcsyDKzvLYXRQsOVRv2NXl9QoWFiOPA4jbYMUgaC2MSr_ogpNkO_VqFr8GFHRXOpfDqZP1wkLi07-62rRTaLKnHh_Iexoygacd-WbpOSNHuN1iKdfa_8NZ0VSYOcR3vfTq67X9p6UKKQ8VXTaIFgsvrwubMXNP5sUTQnO54X_xZhiYQfIQ8LGNONNh5-HIjII3NZOOJdpH9CXW9o6fQ-3rKhgQp0xZyTtm-T8RdkGguQpQcHiIeJrbbBONK7PCgCZRZyTZg8dZNmn2vxzTpDszBywsjdnU6g0cgOvrLw-MXfMBY3J04x88EZCVAierumoV1a1o7tvCFeKkiO1NWub_ytLafV1kno4JG6tTsfrcIopSSVSh9yEhIKqh0c5dzBALXuZDLcGieogXopB7RcNfqXbDAvSTCPSMn93z67bkEHkkcV9xXjBdDemFJknsO_gqeZe12pp_zaZuO58MLKEUV5O0vO_Qo0Fepj1h0mUQJvLf0sw_jqE2OxwAmT-ys_2vsoTWbhNAiZx9V_mUaW6bCvhl_OJ7_fd_kd8CVEWbuRtdhy6JEMqVyWks2wDu5kDmUtSZfEuMijoYRqkToSogsDrCDmPXhiJXeE4Yrf8LChcbH4bbhm5AnW6N4Atq-1h_C6eDPU17mVK6zcd4y-1AIEXfzRgsju_ZmHtVL_5Vrx6yFT_Ch0yoZon4fTK8PUEF_5aSHsP4TTmmXsALLL3oddZ2KqRHyV9LiUK-wN8SA1VRlztdjiXmKeG3dmE08sdjl6siFDMKVP6Y_4KBZX1cLq3YgbYmFr4c_FZmav0nbRTD4jjqaqSi1YheFXaSVNdj_lE0YlJHTlcezgGXFwXD0czRhegLoddvoFoGILOOGvHcMcO_07ZTiLs_m5PblY32PwIzQDsCRYDKToGP_9dFVGH2UJxURnIcBqGJWDMLpG1wcjsmoSe9YgY0G45G5qzbymppEN8HWwHTnYX2A0QYa2wBIkRJ34EXgazK2hPxxmRuzLgUl3UR4vOhaIrLvQirO0G9LDC69UZJe_TN-7alMsfVHh5WUgzj4Ez85c2hL7VN538FusGw6bAaZs2wAzOrVth1DDv_UaF-HkrGjpgwyFm8iCjQD9AKQQQ17mW9LhHrsqtnoSeKBa3ML55W1BUKNPL5HqO7iUwXxP9ZGbAzMeNrTjmH_TGgLLQ9WUz026BmMJSFnNFAtBNEpx7zDo8BIpenduKAfr2t8YDaRozezC1Kqx5bx1UmixvZ8NHKXVe8gYvXllIOZcC3BXH4c1npdN7EeQcUG6O86TYjrRDoZgaxwasyRwXhpIpbOBKnVPpkkwzpM0wKwCsNgeRi_gPwros27kN3PyCgnRsPF1kD0joS8nrl3lbzD9dcvv8EcYaX-6rIcgp_Mhfo3WTt1o0sFbuHFt4kQxtB1dZzLH3CNY_RWOMX6wMivLqtbSZRsGm9CJzXcuOzBwu2sx2oLszMCi4IVyK4DFKtlaaSR7zIBW0B1cgqZPrfd7vR1PrsbDLXEXzhgUi4w5ng3823j2pcm_x6y2REr6n_qGcSTCWa3di3-p54lV4qKcy3-d8OK_WQxQtUjuWL_edhP3LVtUug8AtcwI94WwhxciZD1Hn7cqPgDXGv_RaUGGgtpNC-9sV2lGE5moxWCHC6RgijUU1Cs-gT5iPqZ2yaRhoQEokHQMWWZAB-CiE7vf7ndwXnRZ4jkcrqjY8JgYGvYcUfthgb7vtLBd9eHfsGZbcFhJ-y13-OuTnUmqJiE8_ohn7pCycivxJ4xUBLkxd_G1R9_Wcc9QABJLUI37UUaZYOZxTL97B-MGxHwxCtOl60P1E5DmYGq6_fheJsN2703YQqZw38_zYJMbBKQVSNjOiNa2AqbJwS8Az9QXw6cxHg55PqMHvxr7xxQ0Pv8AQz1tOgAiyY6RjQpNRDF9h3G69I27BmYThqbFRxO_8YCGz-5rhslwVMQ4XzylDUIIG37I9qH4Mq6H1sJJ6GDRb9QSqhfKCrki7_kmnVoBv-xiqwDjNqJ-9UAn7mkv9A3AHUOjh6ng656jnHWzNifJZWCjXOfQoL65rF3kbOr5qvMOZZwA7i5jh1jyWqGr04wA-F4coXqkbSM2QIv-TRw7pqjdYaxq1iyp4Q55UwA8TIOj_FScH6ECVKmS-nkUA8PQLL8xHY6KVrAHfvKuqtv_YZw-JymrGvD-sdXKoZSYUuIQln-MuIzOiEcBKdio3Xe3-BPuOsemOUQelT-fKH6dC3JNCRjOmgzB1EL8C8BtsoLf3aZ-gD_yWRf72o7-dRF9BzlIw-H8X0oXaa7u4k8eUhLhSNNRV90iUVMf9ovCfQ4r1TvQsApZqa-zFZP_k9nmvLtpHq4E96zlFIyvjHdR40DwZOe4uxqrgj5rVynGigGtn_nvO8QZ0creb1oOkDHocyelLo9uYGplMmP_mW8ZMyxlrICB3_-N32XU07LIWeBvWZ5XjY9SAL0dg525VUTRJ-94TFo7PkgWCQQ4hb-Gfs5ca5j9y2q0-UEYgVrd4&cid=CAASJeRoBZtBe-CX7CKirEbCMPy5_WrZCGHGeXd3Mi37f8ySUhbERLk&rfl=1%2Chttps%253A%252F%252Fwww.publinews.gt%252F%240

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c50506f266440656215e0325d7080644885d774b09a937fe2feaa47d9f63c86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37660
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E3E 42 B
63 B 56ms
54ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cgzn964NTxNbzVa-vrnEK0e8Y8gvG7_VuIrSQTc3CZWTOYuZ0XK5BjgqjuQGEbO7VIr8l34Ra9Fvv_xXIchAZiZ3ZaYEt5j7zjsXTSI3Xf8z67vIw

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 5E3E 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 16:05:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 5E3E 17 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:55:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5E3E 0
0 24ms
23ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaawOQ2FjivPF6yrV6Of87wbv1UoFVFLWqd0Y-0dlvuoH2VpFpNibj4HTbbkFHICA7aZhGFKtirw_qLfR4kBT7hVKZTw
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E3E 141 KB
44 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 16:06:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame 6151 30 KB
12 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAFlEG_Za4F2MwAumy1cvSIUDUwnByoxNKawrLZLskzDbu_hN6ZBd4-3Mfwre3GkHJHzCGTiiwNZpYKBukPTjXQyNwg3UgmETgCOn5jZ0F_jwMmY3KsQvId2wTpdvwzoWux6WMYMBpCKC_dsbKkmBuMp-CUg&cry=1&dbm_d=AKAmf-AWQM1a1cwD1c-e4jJlCAC3wPTGYNOCNgjD9MONehTd2XrdVi5u35-ie7OM7oYxllD54rbP5S-pBxhGYloDjgS6iDxtVLBiPBQKHXMUJlIy7E-ILyYtgAXZtiAd1Z1uog0mLobPSMWP1XdEmdOixfVcDYyOqv-Z8EEo61TFavcVoE9Aoi0Sfoe1e7KgvcU4NRtOVIgRjI1U3OvUl4ZmzvbAfVzObigCV6WcaGTY_uX7OEHL4e01Z1-9zfrTPI2-YIhC9EEwzONyiBWmLkXAxXcUiemjn4YN2U9bbxm2LDAcVhn008kG4FsPasvRjAiKIfKMqMMr_-msVRVfxwx-Ru0nlGsC1WmXzfjHNEt5us5Rgb_um_GIe1xryzueYKyr83x6Y88fN7Id8y751KxwmhWcFXE1oT6YIBAGwLCiqZja64LVU__B7HOGDBG_p6uFllGB2LuMbNgYTSP5sn7dFfBaqSQJc5pNoLcg03wp2nsMUhKDvkT5Yjkn38rZ8drJV_LmKABNOs1-tGxV8rZjEhLbWwY2v3lM6IIEGsmJpARSLXRJvIACf66rbMhoqg-PUJmEN_pII5p6dSTaAHY7HhBTgdo2XKIFprXyhFdtmMchF7Yk5qs_bjxFs_pBecxoOK95VdizmolYAqtbCeDVimuXEReKnnU7aah_ZPnEJDYXSzJTSaAqJp3qN3GE-PIGOSptx5NEmYIWw0vXq--iPv7RvjBEagc4XsOAmW6DxzS3tRr5qvHL2fZE4RIabURjbRUKJ4OBqHEwxubOofLhZHh0urZERQqWUW7FjBc6Ytpa3njXKYhyYcjRal-KbgKI2IP-vG8OnI_CesEP_RymO3YCX2fZYRjFpgbNOJRAUgY5tydTOPyY6E5GgW3AHNattq7wiLr5fjyzR8mRZfgEimIk3mhdUJ-251LwhIAYrFo2hnOCzNHTRuPhfnwKJmFS8yIPo9GhKKhd4xx51girW4sZI0C4dL-cRxc4EprVvaGoopHMFVW0FfajLvgLCJXFP4xrGBWdz6J7NIYI1GWrOsW0rUUAS3XfWT-eXKzZcOBAQIH7M23nErMGMsjcmAwD7ILWJ1iJRMnqsNRoTtYHm9jIGFkuLx-TDRIVqx32Wko2djqOXKurYpK8-2Ct7gLlyAh85Q2dtnzILS66ph_4oKRPj7tMaN5PuVxGlUdN-XmWCOdPi-E0qnW65TSQcWP9YYEUH8bsSrNdrFKJkqsDdH5mysyK3qbncpGrShbvN_IS5uMTP2CVr_jUIaW_YSqHYDLVLxx8E2HmXuaaVQnVH3uK_pZTRwJ5EgHX3UpJHRSrQV_Ipo2ahWuM62iD4IsSyWwp-BGsTDqKZIVntk5nOArLih3eYSCSAIMKKk07XuHCD4CMzME2RGmPvb61u5KKVy8q_vczhJZgPJgi_fQgtio66mxkzn0ipShANgmdG_4OnpXINL1EomK4vwXdR-_zuOKNScGS2Zw_RkZRnkZ77898tyfrMLif74y_Who0hX4OgvynHK70RgrNiWJRIT4rKwJbaeFDz2fEl1ta_kFfykEgMdfygrdFlOF1ZjNJK9oRlSWaupOE2n5Fz_EbarjO_WY1qDi9lu5jq3uHu-_7deoBJEzLIjIcmFBzke--GXMFFuWuej1np_tXiJZugEbIkoRwhW8zLa3PwKaWxom3IVTGh5XHWBTIrCSoAnj6gsjk5OsAYHXeAzzqblwq49xFh1s0Ds19wrfeQpZ09ppEgJU3_viNIK5xZmQGIMpHplR3UOo4DGrd3HuhbLPwc603ltZDlt1_vH11gwG1Uqx_XyPfyyDRBfTfUEuGCJxS8DMPWT035aQO9Xjp_fEOVs6G3ZgvnHAZIhS00gs1LzTt6-NnwLmQ6Sm1Jp1si7mMFZ9MBMf1thv-IVvcAYxyGkxcC7LuudE_aEZQRFI4C5yOkMZWjFiRKyrnkTvTX5txXkpMbsil1oFjhdWjh1QiYJ0pibopg2_3xHHPJhcg7cdoM_5BEiRwX3mulWtfAwk4LKL69WeFq07Rk-poFoY23HY9fr_dDzvFJVPve5TVfAYoiUb2jpMevTgZ5fgc1kncwiLZ_6tZ_q_-UE9FyAip0mx_FY_Vmgdq6ujcKfwoIbHea3j2zrUZh0Pnb5Rf-xsw-obFGKKJWMiaacIkgT8LTCibbOdPW7XW59SMvlqaAy3luxHHei7Ozh1k1scql11OHl4DQPiE_oz3unfRg7PT7I3UBRZLoE8zbFFlEPO7rScb6fvGTBIySaSY2rahOVoXELTYV_aUtlYF0rqpU9E0BB5HEwawdnnpyP92EUIOEfeB75fqyR5jb-Mh58-gKMhAsCh91CxxvOtVFfAFcdUfVHD-ryINXf8g1BlvZ4enbppqK9UfIqgiBVNIDJv8gUDXc2ETRGdIWNcUlsVetMYP4NskIvJwHQclCU1UP4aw9C0mQJiw_Ap_G9fuA751BPPQ-a0F6ux2LHryY3114kvWiPftlm9lmB3Z_TDiDQYvNnmSSckeupVrqF83DVVu-LOv-5kZ8wJZN7SnAIxB6s8e1o5lJ1UQkPykZt8Hc8YBTro23nZE3V6F8hEWUAJqXRv5Ez2-iqRvtiObUgr6dqRm-M8EFwtgfkaV93sf4M_i1zQrbU1i9u_dFayB2WXZ7zFQJ0_b_qwEKT7WqFDQzSf3Y1SkXaEQ-NGXMF6Hs24dm2491kPyxUxKmi015-94xhrwiLcQqjw2bOpyjo16espRu-dtBLNhQpQLi4IKPwlTHtCFmVAk_0wfDXJQIou6qsn5I4MFXxBTerqI2scv9TuTrnXGFFH3fbhCKV5-tt7alQggw0uTksyN3nuUwnXe0-iq9pii3edCqkchZnGX3w9nIr0uLnnKPwsJ6budQJT__3qatTOr-jrfbnAKQm3j8cmSNq9avDv4Cf7PwKUm-DVQzrnR_ROfQM3kZs4D3T6MA9Q-O3OGI-N7DN1IHEkJJDUfQlprOQyuwUv_TydRfARdCt9hVM58MDZz0WWGzieyDroNluFa0FTZ2dW8rwdlFoBJBnmKe-7D56gGa31B3FBLNF5NRmNvHrovz-BrMbaWdMVLdefxgYfkJrRccF3d1DJqXJ9a6s5rrQTfitGjODT2qRVz1WIwmt_51Ode8_NNEKNkGJXLCq-qI1xh7OS0jqwTRuHxP2BEe5Shqs-sJjJoN49WRLVY2rbOlRY2S9i-YhrvLtveBFDpU2tot9J9x1Vd9ztCYjyyPt0J2LQzcPLyp1ogIg-zRLcPbYg4plppuIRcWC5fh0IDYF2GoIn1aDA-GMpCDFRkDfwJlR2m5hPubQzn35deTDlKCqCaUnBFbwZWH7_LeL1Uv17AIduNkNZiqZ9v01U0JodlMtGF1xXys8ofjVrPV8bT1TKUwfMBD0hdr8NVAYdj4-gax7c6VuDWAvTv9IiBlvIwsX32Tpd_COuJLJbg6AaRBjJJqaOSF6OvN1Cythi9Cp__2wD7gD9aruwwCE4kcIKdj9P9XpUvK6M1KHFxganHhMsOA6G1jvJnryipgawXiw&cid=CAQSLgCsnQUxQykVlEe9bolkZfsPcNI58CtMlCfZCTkxIHCP0tBgoQ1jBvpq8qP-Fbc&rfl=1%2Chttps%253A%252F%252Fwww.publinews.gt%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11766
x-xss-protection: 0
server: cafe
etag: 14053427913132020778
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:57:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6151 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 04:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 04:57:30 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 842C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKOd-AmeNOgCY9Ez7ukMFQ&google_cver=1

43 B
845 B

33ms
33ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKOd-AmeNOgCY9Ez7ukMFQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNWaktrnKTzOUgTn52-o_o1a19ZZa3AFpKi6fmLglkUN6pyIqVP6PVia8LKQK7Cnl8mH-qNcGn2de22_R3j6ah3WgHIm0Ldqa53i_iGb8-QL27U7qFaG1gDm9X2wGPYfnm_WD8CDBrZgZEAmNLhM8Ca5wl8tG8HoIMjZnlbTNftCfpd1CnA
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743702db1b519a0f-FRA
pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7na%2F3CjyYg%2F4BqOK4QHR4XXsHYCseANs1XJ7ukZWqBiPnfuFKAAO9U3b614pQFoQPhisGYlAE3G6WPOhhBzwfNd5l%2BOAsxEzW6KwPCgS11BbxzjOyQMOR5hR%2BQBV3o6w1JIUPiSuwIOfLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKOd-AmeNOgCY9Ez7ukMFQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 842C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yw.G6kGj6AJO3OUoCkFB.wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKOd-AmeNOgCY9Ez7ukMFQ&google_cver=1&google_hm=2

43 B
844 B

36ms
36ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKOd-AmeNOgCY9Ez7ukMFQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNWaktrnKTzOUgTn52-o_o1a19ZZa3AFpKi6fmLglkUN6pyIqVP6PVia8LKQK7Cnl8mH-qNcGn2de22_R3j6ah3WgHIm0Ldqa53i_iGb8-QL27U7qFaG1gDm9X2wGPYfnm_WD8CDBrZgZEAmNLhM8Ca5wl8tG8HoIMjZnlbTNftCfpd1CnA
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 743702dc9e6a9a0f-FRA
pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ztm0XwLvHnmeu%2FNotO6EGKsvUfHmAyUj44arGH9RgxfTATfhuojF0MzeiHY9CIqBTY1JwOsCuxIBzSxpAb%2FHSuozZK51G8n2ogoayQvBt%2F4jGi%2FnNXBuEAWzWj2ssMivX5Dd5V6HG0NIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIKOd-AmeNOgCY9Ez7ukMFQ&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 842C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH83HrrIQ8g_9ymSYLRRAO4&google_cver=1

43 B
1020 B

14ms
13ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH83HrrIQ8g_9ymSYLRRAO4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNWaktrnKTzOUgTn52-o_o1a19ZZa3AFpKi6fmLglkUN6pyIqVP6PVia8LKQK7Cnl8mH-qNcGn2de22_R3j6ah3WgHIm0Ldqa53i_iGb8-QL27U7qFaG1gDm9X2wGPYfnm_WD8CDBrZgZEAmNLhM8Ca5wl8tG8HoIMjZnlbTNftCfpd1CnA

Protocol

HTTP/1.1

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:02 GMT
X-Proxy-Origin: 178.162.209.138; 178.162.209.138; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 94bd4561-ad74-4940-81f4-eb01cca70198
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH83HrrIQ8g_9ymSYLRRAO4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 842C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMTA3NTQzMjA0MjY5NDYxMQ%3D%3D

170 B
188 B

37ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMTA3NTQzMjA0MjY5NDYxMQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:02 GMT
X-Proxy-Origin: 178.162.209.138; 178.162.209.138; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e87c87c1-10bc-4ff0-a698-81e4ee1d7634
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYxMTA3NTQzMjA0MjY5NDYxMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 600 KB
132 KB 15ms
10ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/82680/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 99725e21800ccc55e79d462f475db2fec19f1c82057b6b5bc87bdfe5212927d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: br
last-modified: Tue, 23 Aug 2022 13:37:13 GMT
x-amz-request-id: XANJST7VCBJB3XDG
etag: "64ef8a8414b0709762a104370ec0c6fc"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 6
accept-ranges: bytes
content-length: 134075
x-amz-id-2: Oove3I2Ppcpc0LPesrPpYfNdOEneFo2nSyWNI1W+WDRNvGYu3xtgvqy/1/+YRQsVjuAcxmZVabk=
expires: Wed, 31 Aug 2022 16:36:02 GMT

GET
H/1.1 200
OK widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html Show response
platform.twitter.com/widgets/ Frame 3D15 320 KB
104 KB 10ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.publinews.gt
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 37323
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Aug 2022 16:06:02 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Mon, 15 Aug 2022 23:01:14 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

POST
H/1.1 204
No Content / Show response
www.publinews.gt/gt/ 0
222 B 98ms
96ms XHR
text/html 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.publinews.gt/gt/

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.168.125.12.49.clients.your-server.de

Software

nginx/1.20.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.publinews.gt/gt/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Cache-Control: max-age=15, s-maxage=0
Server: nginx/1.20.1
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK opinion-mariaace%C3%B1a.jpg
static.publinews.gt/2020/06/ 6 KB
6 KB 36ms
35ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a0aad236d91f8a4ccca9299f760e17fff3a18635872a6e38ae4900eead00cd38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:43 GMT
Server: nginx/1.20.1
ETag: "5ef94083-18a4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6308

GET
H/1.1 200
OK opinion-josesanabria.jpg
static.publinews.gt/2020/06/ 5 KB
5 KB 22ms
20ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 3f43187776cc2fd671ed841523cc7bfd3d8d4dc3c0a32e0ae3b1b84e32f6d871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:22 GMT
Server: nginx/1.20.1
ETag: "5ef9406e-1426"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5158

GET
H/1.1 200
OK opinion-giovannifratti.jpg
static.publinews.gt/2020/06/ 5 KB
5 KB 23ms
22ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 1adf337204d2f4cee5264b18e3212be7a93cd619c705e30bf89a3d27192b77f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:17 GMT
Server: nginx/1.20.1
ETag: "5ef94069-1406"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5126

GET
H/1.1 200
OK opinion-default.jpg
static.publinews.gt/2020/06/ 4 KB
5 KB 22ms
21ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-default.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 3be29565ed74ebe94b47d147f84748dc076566e4348c72db227ad8cf72a75f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:13:59 GMT
Server: nginx/1.20.1
ETag: "5ef94057-11a7"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4519

GET
H/1.1 200
OK opinion-luisvalenzuela.jpg
static.publinews.gt/2020/06/ 5 KB
5 KB 23ms
22ms Image
image/jpeg 49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 8195ec559939a3299a302f8e0c182ba87ddc46b9d26de044d2b8b69fd412a645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:33 GMT
Server: nginx/1.20.1
ETag: "5ef94079-1358"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4952

POST
H/1.1 200
OK post Show response
tag.escalated.io/ 31 B
464 B 167ms
46ms Fetch
application/json 54.78.253.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.escalated.io/post

Requested by

Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.publinews.gt&type=display&cust=7934&sid=direct&c=&cust2=direct

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-78-253-158.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

7b1d77153cd55fc5b3085fabd7b5b468ea6294bfdde84821afcabbc274ffd549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: close
Access-Control-Allow-Headers: content-type
Content-Length: 51
X-XSS-Protection: 1; mode=block

GET
H3 200 container.html Show response
f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 86F4 6 KB
3 KB 24ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:02 GMT
expires: Thu, 31 Aug 2023 16:06:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

opinion-chechapaiz-150x150.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-chechapaiz-150x150.jpg
https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg

4 KB
4 KB

16ms
15ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 6c25b976778ba4a030773a7897d64c44197eb5e393115ff8367c9d78aeffdc3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 04:38:44 GMT
Server: nginx/1.20.1
ETag: "5ef97054-10c0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4288

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-chechapaiz-150x150.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-giovannifratti.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-giovannifratti.jpg
https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg

5 KB
5 KB

14ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 1adf337204d2f4cee5264b18e3212be7a93cd619c705e30bf89a3d27192b77f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:17 GMT
Server: nginx/1.20.1
ETag: "5ef94069-1406"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5126

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-giovannifratti.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-josesanabria.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-josesanabria.jpg
https://static.publinews.gt/2020/06/opinion-josesanabria.jpg

5 KB
5 KB

17ms
15ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 3f43187776cc2fd671ed841523cc7bfd3d8d4dc3c0a32e0ae3b1b84e32f6d871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:22 GMT
Server: nginx/1.20.1
ETag: "5ef9406e-1426"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5158

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-josesanabria.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-julissamartinez-150x150.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-julissamartinez-150x150.jpg
https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg

5 KB
5 KB

17ms
16ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0da563d8fc4e14fac20984e96e83406f2554ee1bef09f5de660a7662c1713ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 04:38:42 GMT
Server: nginx/1.20.1
ETag: "5ef97052-1256"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4694

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-julissamartinez-150x150.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-luisvalenzuela.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-luisvalenzuela.jpg
https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg

5 KB
5 KB

17ms
15ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 8195ec559939a3299a302f8e0c182ba87ddc46b9d26de044d2b8b69fd412a645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:33 GMT
Server: nginx/1.20.1
ETag: "5ef94079-1358"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4952

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-luisvalenzuela.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-mariaace%C3%B1a.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-mariaace%C3%B1a.jpg
https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg

6 KB
6 KB

17ms
16ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a0aad236d91f8a4ccca9299f760e17fff3a18635872a6e38ae4900eead00cd38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:43 GMT
Server: nginx/1.20.1
ETag: "5ef94083-18a4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6308

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-mariaace%C3%B1a.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-nelsonleal-150x150.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-nelsonleal-150x150.jpg
https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg

6 KB
6 KB

19ms
18ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e91580f860a460f66df16f1383f3a285780216e698edf0407e07ff45ff1cd0c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 04:38:41 GMT
Server: nginx/1.20.1
ETag: "5ef97051-1838"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6200

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-nelsonleal-150x150.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

opinion-paolarivano.jpg
static.publinews.gt/2020/06/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2020/06/opinion-paolarivano.jpg
https://static.publinews.gt/2020/06/opinion-paolarivano.jpg

6 KB
6 KB

14ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2020/06/opinion-paolarivano.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: cf85242e9b3ceb7147907911c2f6a14da84b99d06aba24c4daad28cbbf93209b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Mon, 29 Jun 2020 01:14:53 GMT
Server: nginx/1.20.1
ETag: "5ef9408d-181a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6170

Redirect headers

Location: https://static.publinews.gt/2020/06/opinion-paolarivano.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg
https://static.publinews.gt/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg

42 KB
42 KB

18ms
17ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 9f9fdc49f32f71acb66c5ecce0ebc7724952ba9147196f3d2b46d2c783e0bade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 31 Aug 2022 15:44:20 GMT
Server: nginx/1.20.1
ETag: "630f81d4-a86f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43119

Redirect headers

Location: https://static.publinews.gt/2022/08/NIN%CC%83O-CREA-SU-PROPIO-A%CC%81LBUM-DEL-MUNDIAL-640x576.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

aparicio-lynner-414x232.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/aparicio-lynner-414x232.jpg
https://static.publinews.gt/2022/08/aparicio-lynner-414x232.jpg

17 KB
18 KB

18ms
17ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/aparicio-lynner-414x232.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: fb98c93cbc8f3b8213bcf9b5e149a22210238854b41e7cd1b6c05b89765e86b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 31 Aug 2022 15:21:48 GMT
Server: nginx/1.20.1
ETag: "630f7c8c-45f0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17904

Redirect headers

Location: https://static.publinews.gt/2022/08/aparicio-lynner-414x232.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

visita-de-infantino-a-Guatemala-1-414x232.jpeg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg
https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg

14 KB
14 KB

18ms
17ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0f5e3f3cdc5c53c1abc30a8519e086fed3793f2f580ecee4a9b34fc2c40d8892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Tue, 30 Aug 2022 20:59:19 GMT
Server: nginx/1.20.1
ETag: "630e7a27-38d6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14550

Redirect headers

Location: https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-414x232.jpeg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg
https://static.publinews.gt/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg

14 KB
15 KB

13ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: dfaaebdec60dc0454116815d8287e7975ba3ce5b6b575cbf4a301d251b4947b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:02 GMT
Last-Modified: Wed, 31 Aug 2022 00:48:31 GMT
Server: nginx/1.20.1
ETag: "630eafdf-39dc"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14812

Redirect headers

Location: https://static.publinews.gt/2022/08/gianni-infantino-presidente-fifa-anima-guatemala-clasificar-mundial-publinews--414x232.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

visita-de-infantino-a-Guatemala-1-640x640.jpeg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg
https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg

36 KB
36 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: d77df218a292b8f67740205b6d1dc75666f15f1645b95519b7bef5f161a0f8f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 20:59:19 GMT
Server: nginx/1.20.1
ETag: "630e7a27-8f58"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36696

Redirect headers

Location: https://static.publinews.gt/2022/08/visita-de-infantino-a-Guatemala-1-640x640.jpeg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg
https://static.publinews.gt/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg

13 KB
13 KB

16ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 6eb371fe2cdba0f5fae6d062346e86535f2c667b80e23c4c65cd3fd24be65cef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 22:24:51 GMT
Server: nginx/1.20.1
ETag: "630e8e33-349d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13469

Redirect headers

Location: https://static.publinews.gt/2022/08/gianni-infantino-presidente-de-FIFA-visita-guatemala-publinews--414x232.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

eugenio-derbez-comediante-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/eugenio-derbez-comediante-300x168.jpg
https://static.publinews.gt/2022/08/eugenio-derbez-comediante-300x168.jpg

8 KB
8 KB

17ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/eugenio-derbez-comediante-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 5d4738110b480f423e4f0c054dd3444f7eb0388186dd356a8c171f26db1faaef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 03:19:36 GMT
Server: nginx/1.20.1
ETag: "630d81c8-1f35"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7989

Redirect headers

Location: https://static.publinews.gt/2022/08/eugenio-derbez-comediante-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg
https://static.publinews.gt/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg

9 KB
9 KB

15ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 880249a25ca053564710985b7a778579dc4839896e16b063816f9b068de5f1de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Wed, 31 Aug 2022 14:27:03 GMT
Server: nginx/1.20.1
ETag: "630f6fb7-2231"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8753

Redirect headers

Location: https://static.publinews.gt/2022/08/Presentador-de-La-Academia-acciona-contra-mujer-que-lo-acusa-de-abuso-sexual-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

yailin-la-mas-viral-publinews-1-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg
https://static.publinews.gt/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg

6 KB
7 KB

16ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 37af9af0b46dbfcd7484c63a7436233e85730db5241bcab7aa6f84fdfd11b931

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Wed, 31 Aug 2022 00:50:57 GMT
Server: nginx/1.20.1
ETag: "630eb071-19d1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6609

Redirect headers

Location: https://static.publinews.gt/2022/08/yailin-la-mas-viral-publinews-1-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

georgina-rodriguez-publinews-1-1-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg
https://static.publinews.gt/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg

9 KB
9 KB

16ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 3be60f209c08e90c16558d5d32d6953439f287f5c88565c2e43cdcb40d6c3d58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Wed, 31 Aug 2022 00:24:17 GMT
Server: nginx/1.20.1
ETag: "630eaa31-2446"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9286

Redirect headers

Location: https://static.publinews.gt/2022/08/georgina-rodriguez-publinews-1-1-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:02 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg
https://static.publinews.gt/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg

24 KB
24 KB

12ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 364d1741b1499d9100a6b2324534a452e66a45f392481cec3f62e70e76da1419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 23:33:22 GMT
Server: nginx/1.20.1
ETag: "630e9e42-60cd"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24781

Redirect headers

Location: https://static.publinews.gt/2022/08/Van-Gogh-Suen%CC%83o-Inmersivo-publinews-1-300x300.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Cesia-y-Andre%CC%81s-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg
https://static.publinews.gt/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg

7 KB
8 KB

15ms
15ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 487c60b5e53c1d237b331698067d65073bf3bce979a6149ec0c12b622efc819f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 22:55:43 GMT
Server: nginx/1.20.1
ETag: "630e956f-1dfd"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7677

Redirect headers

Location: https://static.publinews.gt/2022/08/Cesia-y-Andre%CC%81s-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg
static.publinews.gt/2019/12/24/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg
https://static.publinews.gt/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg

10 KB
10 KB

19ms
18ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 9af9b37392830c3d27d0370c7e36fe4a21ff49ef2a0465d3ea33ab9c8a537595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Sun, 12 Jul 2020 20:28:20 GMT
Server: nginx/1.20.1
ETag: "5f0b7264-27a0"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10144

Redirect headers

Location: https://static.publinews.gt/2019/12/24/eugenioderbezyal-03e2ad4f6af7ed3584aa69493660eb43-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg
static.publinews.gt/2018/01/17/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg
https://static.publinews.gt/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg

6 KB
6 KB

14ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 07253e76af1894dfbbca9fddb53ed63c85e95d1b55ff082b7e469baef6a984d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Sun, 05 Jul 2020 02:02:31 GMT
Server: nginx/1.20.1
ETag: "5f0134b7-16f6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5878

Redirect headers

Location: https://static.publinews.gt/2018/01/17/ashleygrahamencienderedessexybailelenceria-cf27fce9cade7c55f7f799b5bdaf1214-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

laura-flores-300x168.jpg
static.publinews.gt/2017/08/23/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2017/08/23/laura-flores-300x168.jpg
https://static.publinews.gt/2017/08/23/laura-flores-300x168.jpg

7 KB
7 KB

18ms
18ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2017/08/23/laura-flores-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e38e2116e7fcecafc78b089ca5d6e23cb944090acae7e75dd87ccb1c776a1849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 14 Jul 2020 03:25:34 GMT
Server: nginx/1.20.1
ETag: "5f0d25ae-1ccc"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7372

Redirect headers

Location: https://static.publinews.gt/2017/08/23/laura-flores-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg
https://static.publinews.gt/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg

22 KB
22 KB

20ms
19ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 50c64c30ceeb83775f2b933b917c3657f818dfd38cad2180b0f2d262b1157e63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 14:20:37 GMT
Server: nginx/1.20.1
ETag: "630e1cb5-56a6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22182

Redirect headers

Location: https://static.publinews.gt/2022/08/Clara-Chia-Marti-y-Gerard-Pique-414x232.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Robert-Lupone-los-soprano-187x140.png
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Robert-Lupone-los-soprano-187x140.png
https://static.publinews.gt/2022/08/Robert-Lupone-los-soprano-187x140.png

65 KB
65 KB

16ms
15ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Robert-Lupone-los-soprano-187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: c86748710e797c6d7933b864f62834904876163ae177570a332a2c477ad6aca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 13:51:38 GMT
Server: nginx/1.20.1
ETag: "630e15ea-102a2"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66210

Redirect headers

Location: https://static.publinews.gt/2022/08/Robert-Lupone-los-soprano-187x140.png
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

eugenio-derbez-comediante-187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/eugenio-derbez-comediante-187x140.jpg
https://static.publinews.gt/2022/08/eugenio-derbez-comediante-187x140.jpg

5 KB
5 KB

15ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/eugenio-derbez-comediante-187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 76932632c4ba6d864a00b6341a9d5460f9b44ff952e478c47e68ffe664624efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 03:19:36 GMT
Server: nginx/1.20.1
ETag: "630d81c8-14ca"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5322

Redirect headers

Location: https://static.publinews.gt/2022/08/eugenio-derbez-comediante-187x140.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

arturo-lopez-gavito-publinews-1-414x232.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg
https://static.publinews.gt/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg

8 KB
9 KB

17ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 2165620fa9b4145a3e19a084e259da7f094390109f8742410ebd36d8899c3e26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 00:56:36 GMT
Server: nginx/1.20.1
ETag: "630d6044-2191"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8593

Redirect headers

Location: https://static.publinews.gt/2022/08/arturo-lopez-gavito-publinews-1-414x232.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

House-Of-the-Drago%CC%81n-publinews--187x140.png
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png
https://static.publinews.gt/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png

46 KB
46 KB

18ms
15ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 9251eeb3c03ab159a47dffd5e5740756c82f088da7b82d17541395ff101f227d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 00:29:22 GMT
Server: nginx/1.20.1
ETag: "630d59e2-b887"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47239

Redirect headers

Location: https://static.publinews.gt/2022/08/House-Of-the-Drago%CC%81n-publinews--187x140.png
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

danna-paola-publinews--187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/danna-paola-publinews--187x140.jpg
https://static.publinews.gt/2022/08/danna-paola-publinews--187x140.jpg

6 KB
6 KB

15ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/danna-paola-publinews--187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 0f8794ef6a720afcd13b0681fd4d770447a5095d7e60330c52762bc8083d7953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 00:12:11 GMT
Server: nginx/1.20.1
ETag: "630d55db-1664"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5732

Redirect headers

Location: https://static.publinews.gt/2022/08/danna-paola-publinews--187x140.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg
https://static.publinews.gt/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg

441 KB
441 KB

16ms
14ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: fc80d7c8c7af5d54f59d93bbbbb74c35d7834a85f3d363240fc0bca8bc43a1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Wed, 31 Aug 2022 08:03:42 GMT
Server: nginx/1.20.1
ETag: "630f15de-6e2e6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 451302

Redirect headers

Location: https://static.publinews.gt/2022/08/PORTADA-PUBLINEWS-31-AGOSTO-2022.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg
https://static.publinews.gt/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg

12 KB
13 KB

14ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: f1887d08d005e0cb9f16eaffa7914de0f834f4292835a69561adad05b36b2436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Wed, 31 Aug 2022 14:40:16 GMT
Server: nginx/1.20.1
ETag: "630f72d0-31c5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12741

Redirect headers

Location: https://static.publinews.gt/2022/08/espacio-ocupacional-restaurante-quetzaltenango-300x300.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png
https://static.publinews.gt/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png

73 KB
73 KB

14ms
14ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: adb44f29ca95e43406f4c3434262b8e3016a378ee2e51223fd11ef3c79a6f5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 22:36:56 GMT
Server: nginx/1.20.1
ETag: "630e9108-12234"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74292

Redirect headers

Location: https://static.publinews.gt/2022/08/El-Chavo-del-8-don-Ramo%CC%81n-y-la-Chilindrina-se-lucieron-con-un-gran-show.--300x168.png
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png
https://static.publinews.gt/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png

43 KB
43 KB

16ms
15ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: d78ccee2910b62b729634ed37d0000e39dd0092cf3f278247668af30c0108f2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 30 Aug 2022 22:22:21 GMT
Server: nginx/1.20.1
ETag: "630e8d9d-ab2c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43820

Redirect headers

Location: https://static.publinews.gt/2022/08/Reunio%CC%81n-escolar-termina-en-pelea-campal--187x140.png
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png
https://static.publinews.gt/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png

48 KB
49 KB

17ms
16ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 2e5e3213e89839fadc122682148b6f08fc41eb2f2ff8d8a3be8314e936df6368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Mon, 29 Aug 2022 13:23:38 GMT
Server: nginx/1.20.1
ETag: "630cbdda-c1a4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49572

Redirect headers

Location: https://static.publinews.gt/2022/08/Se-hace-viral-un-extran%CC%83o-animal-con-apariencia-de-perro-187x140.png
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg
https://static.publinews.gt/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg

5 KB
5 KB

14ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 8167cf5c527ce9551e0fc2e7bd7b315a9ef815d7f91f3338351bd498af468336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Sun, 28 Aug 2022 22:22:11 GMT
Server: nginx/1.20.1
ETag: "630bea93-14d4"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5332

Redirect headers

Location: https://static.publinews.gt/2022/08/Maestra-reprueba-a-alumna-por-entregar-tarea-con-lenguaje-inclusivo22--187x140.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png
https://static.publinews.gt/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png

132 KB
132 KB

14ms
14ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: cd82d566535d0b66758f1b99b889967cd6828985bc98bfa0a4c7551f41fcd032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Sun, 28 Aug 2022 21:32:16 GMT
Server: nginx/1.20.1
ETag: "630bdee0-21097"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 135319

Redirect headers

Location: https://static.publinews.gt/2022/08/Nin%CC%83a-de-2-an%CC%83os-mata-a-mordidas-a-una-serpiente-que-la-mordio%CC%81-primero-300x300.png
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg
https://static.publinews.gt/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg

24 KB
25 KB

17ms
15ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: a753f298789dae8ad91548a345d839638170cd51ae74260c2f262492e8751072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Sat, 27 Aug 2022 18:50:48 GMT
Server: nginx/1.20.1
ETag: "630a6788-6186"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24966

Redirect headers

Location: https://static.publinews.gt/2022/08/Conductor-impacto%CC%81-su-auto-contra-vivienda-y-llego%CC%81-hasta-la-cocina-300x300.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg
https://static.publinews.gt/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg

30 KB
30 KB

15ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 488866fa28bf7969cb05e48b0842dd23c409c8fcb15351df0c5b3cac4219a617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Fri, 26 Aug 2022 16:45:07 GMT
Server: nginx/1.20.1
ETag: "6308f893-770d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30477

Redirect headers

Location: https://static.publinews.gt/2022/08/descubre-mcdonalandia-mcdonalds-zona-juegos-amenidades-naranjo-mall-publinews-1-300x300.jpeg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg
https://static.publinews.gt/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg

13 KB
13 KB

14ms
13ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 59706d892b5158ca9fd1f3ea8b33035ea4894e449cbb06fe42e7ef2e93f4af6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Fri, 26 Aug 2022 19:08:52 GMT
Server: nginx/1.20.1
ETag: "63091a44-3321"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13089

Redirect headers

Location: https://static.publinews.gt/2022/08/comex-llena-de-color-mirador-las-nubes-solola-emisoras-unidas-publinews-1-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png
https://static.publinews.gt/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png

91 KB
92 KB

15ms
14ms

Image
image/png

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: c9d8d2e92dd150ea79a80180174ddd106e3c5d2b27fb1511771e9dfba9428fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Thu, 18 Aug 2022 17:13:03 GMT
Server: nginx/1.20.1
ETag: "62fe731f-16d58"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93528

Redirect headers

Location: https://static.publinews.gt/2022/08/participa-la-ruta-al-bienestar-financiero-bam-museo-ferrocarril-guatemala-publinews-11-300x168.png
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg
https://static.publinews.gt/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg

13 KB
13 KB

13ms
12ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 60cd5f5fd4564d87050ccdebef5e222235df46c8749240a0564eb34f1644648b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Tue, 23 Aug 2022 21:41:30 GMT
Server: nginx/1.20.1
ETag: "6305498a-33d5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13269

Redirect headers

Location: https://static.publinews.gt/2022/08/anuncian-la-decima-edicion-del-training-day-en-guatemala-publinews-emisoras-unidas-1-1-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1

200
OK

tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg
static.publinews.gt/2022/08/
Redirect Chain

https://www.publinews.gt/gt/wp-content/uploads/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg
https://static.publinews.gt/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg

18 KB
18 KB

17ms
16ms

Image
image/jpeg

49.12.125.168
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.publinews.gt/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Server: 49.12.125.168 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.168.125.12.49.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: 305fdde3249b89d0bddbadce2a090ea2877549b9f6ac836375f58f682cc84ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Last-Modified: Thu, 18 Aug 2022 17:52:10 GMT
Server: nginx/1.20.1
ETag: "62fe7c4a-48a8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18600

Redirect headers

Location: https://static.publinews.gt/2022/08/tarjetas-cuscatlan-presenta-multipuntos-nuevo-programa-lealtad-emisoras-unidas-publinews-3-300x168.jpg
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: nginx/1.20.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H/1.1 200
OK 4as54di69f4s Show response
hal9000.redintelligence.net/zone/ Frame 6151 11 KB
4 KB 1003ms
15ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4as54di69f4s?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCnf76YYPY46rMNL63wPa8ILICd2t6Khgu4_f1IgK8C4QASDm3vh9YJXCpoKwB8gBCakCojANkwrIsD6oAwGqBJ4CT9CBAlfD3qQE1lkZvLoDMoa5uK17yg4qBw8AtDG00xqYbiLZY4cMJRzoDMUlCdWNKaX3HLsURQVeRELBWQa3bVw390iYv5hcqFiLx8c_6442cuFGpTyVrH54RBN-VcuNoBfb7DlpwllwkRSzJDyoCjQrALYPvf3TNr8eCAduWbULSr_RIgveVzg15Nr_Q0TF7mD47R4K4XzGd6sYH3a45ccyqOQGw_CYTJ0_ylRYrJOoCySzSIb3_7MKT28VxlsosHT0iBqyoiOj4TDLV18rPo3klhnTd6CVoK9dNPhp2biQzYWpy5mugEGIGTv8cFoFjbQklOBUvgGJlmhFvOSgf6TIIAPKNp1_upYncDXP8HZe3ujVBWNMvEdNwEvKYsAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCsnQUxQykVlEe9bolkZfsPcNI58CtMlCfZCTkxIHCP0tBgoQ1jBvpq8qP-Fbc%26sig%3DAOD64_1k-VImJ0_q-MUZmAu7wUtPm87Yow%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-CU26BcM9WF_Y7IxDAyh5xE3YSGQqjDybGopUwTqTkyLO9ch3ltzQFlVBea8_0mtcHgSQztSFD2IdqE8LW-Lpz0ilppi-m8X4vDq-xSjXd3vSsb9eszR1ei9u91MRbrTWrds9o_Qr82Y_QJR4nvZOw1494CWA%26cry%3D1%26dbm_d%3DAKAmf-BViONy-B0t72xJ0x4lR0OA4W6Nyu3e4J7kb2nVtdjGPKPsZuB_ZihLZ4lUEr3un1EZu0K28mE0ScArI4VbnrmqTJHkbi8_LlWq9Sd_O4s0wvkPTUnqvnBWFBG8CmW8HDknswEJs4qjf7PLVCWibUnyhpSUxNensb-kKAb-fUPC-ORusTK29fU1BS3glish_75Fom16KTqGeIRqcSnC5sBbYzB4rBO_-zhuSilmEgGtpSr-h8siMLkgY56LRQvnCqmcV8a-H0s0By46o4dm444Y3p8ThA4yiq0s9ZiQcTz5nl-D2eaqmc735sEvera143AqUrnQilS_1Y3OSWDZeZps8n-pgnkNlTa_9kMPpD6G92AYNrzwU6v7s97dDxc6xe5IeU08pOoGXQVGXuUg1GfXZPSN6cxWudNwG0WcbGx8KJEyK6td80fwFw3pC8ZuCXejrczllU-RZZLxKQYi8W7DxFdamUrpqiWgthziUoFLvRFynGcZlLbpGAN9SFS6uXAXkvJf3wGfIUofl04maRbKmZrEwQ%26adurl%3D
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f28a421421e04b7000d12f4a4255b0d4b1c3455f993d343cbff460868cc960aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4067
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 23D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKRlx80ax8oxRJN35f6kN2o&google_cver=1

43 B
61 B

42ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKRlx80ax8oxRJN35f6kN2o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNWnaheSIB8b3O2-XtmI5EV67s006WCMaG9L2O1OvrqNOdSJU8wzNCNj5WZs2MS-z0XrkP6Viq548JP89eF5J62KfiwSrfiWu1b4swCXzl_knURa8TCBV3-8H2SA1nKXZCgUKLLAFQl0VuBTW1evK6BR3lUWx3gLjqDzXiQexoyxEp4UV8o
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKRlx80ax8oxRJN35f6kN2o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 23D8 43 B
304 B 76ms
13ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNWnaheSIB8b3O2-XtmI5EV67s006WCMaG9L2O1OvrqNOdSJU8wzNCNj5WZs2MS-z0XrkP6Viq548JP89eF5J62KfiwSrfiWu1b4swCXzl_knURa8TCBV3-8H2SA1nKXZCgUKLLAFQl0VuBTW1evK6BR3lUWx3gLjqDzXiQexoyxEp4UV8o
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 23D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFZWlrawSbAcIGvElw7RNQs&google_cver=1

23 B
172 B

58ms
57ms

Image
image/gif

23.47.209.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFZWlrawSbAcIGvElw7RNQs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNWnaheSIB8b3O2-XtmI5EV67s006WCMaG9L2O1OvrqNOdSJU8wzNCNj5WZs2MS-z0XrkP6Viq548JP89eF5J62KfiwSrfiWu1b4swCXzl_knURa8TCBV3-8H2SA1nKXZCgUKLLAFQl0VuBTW1evK6BR3lUWx3gLjqDzXiQexoyxEp4UV8o
Protocol: H2
Server: 23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-72.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 31 Aug 2022 16:06:03 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEFZWlrawSbAcIGvElw7RNQs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 23D8 23 B
172 B 162ms
75ms Image
image/gif 23.47.209.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYsa6jzAEwAQ&v=APEucNWnaheSIB8b3O2-XtmI5EV67s006WCMaG9L2O1OvrqNOdSJU8wzNCNj5WZs2MS-z0XrkP6Viq548JP89eF5J62KfiwSrfiWu1b4swCXzl_knURa8TCBV3-8H2SA1nKXZCgUKLLAFQl0VuBTW1evK6BR3lUWx3gLjqDzXiQexoyxEp4UV8o
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-72.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 31 Aug 2022 16:06:02 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1034476/65088021/ Frame 5E3E 46 KB
12 KB 132ms
39ms Script
application/javascript 52.17.139.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1034476/65088021/skeleton.js?ias_dspID=3&ias_campId=29064847&ias_pubId=pub-4922954394584665&ias_chanId=1&ias_placementId=17447215411&bidurl=https://www.publinews.gt/gt/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hY-X_nu7KpnNhO2vp7hz5f
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.139.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-139-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fe28f6a7cecf2b2c30b9bc5b5c5b6d02acb5c1ec00fdb65cf3ff02975ec9bf86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5E3E 170 KB
59 KB 87ms
25ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Origin: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Sep 2022 07:50:59 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/ Frame 5E3E 8 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1FTFvd-czitcwiT7ZGe8VrzUN3JPeHY_d7Lk1lA22mCWNL_BurcuXijnBxxTMUhHrABPLx98R6Q-rp3DrbrjBFHX3XP43aYBwY2b2wP7CQYKnI8b4Df8-WxpHNaPy9pyKOODAXjDPl7SZ7wD583oO1P0cSg&dbm_d=AKAmf-Cqgn9Ev2sdLIT-CTJTS0nOF8jby_lBGcgq0cQIvM3PYbPooTM5Nk8iUxXAo2sunqZ5NP9LSIgCzqK50mxnv--z9PHZBiPJ91aQhtrSu9-XCLMZWmobqQ1_gsEJ9WhZ0Dizt5FE2_wRr1P-uOoTrAzNv8kTlpdrSZGsVRBCgKJSswh-xCCLysxdhynvGNqgxbYphtMqATX-VKkdr98rQuhXrMtycUH-CqEdOLEh8AN9L9DzsVCXi-kcaFqT8WsD6r_qlWk0hH-X_IDp8FBMWGO5RsOdE8OljndUqZtZ0IZSg4ebfWhzofVZizcH0Sqc56jMhkM2gEVH5VP-53_GKOHybJAKl4agMTAdOad9m5N14ZHBJ9oJ_2olGcXHDthVx70PeH0YR1gfmitxLNdI2CrqE-U2B0EKvV_VfU1XxGZ0glmGtgQ7ppRt1H1QMkEFFGxFF_mzDm0pJSB2GuMhtDtgeIgkeIAcrunnwcsNGxg-00upqoidMw2_8Kz9-fKoo43Cn3q6fVa9LngEeZvBaEyI11bElNRL8CNob2-5L1-xbmRF27MMHnw0lePqOs9OHj0V3QO3JyPQ2TkLRYQM8p37QYV5UISqq1np7dDrrGt2A2jp7dx5QJNzX9CAtumL5FtA60SuIjMojdxGbZp9lnBt64Aw3C302V0Myz6JiuPMfAaOoglkR3RokTEnjrnlwqKMKcHrTSg8159Bm3PuIDgLT6WsjVD5QrXN0GR5-d2-sTVvAOXmSnA6k5jhV59DTOaRraa4W4vt3gLkQkodVkOJGvnOLs4-QNjKfHuT84oFXmTPMsfkNh05Qr0CsW9CztsirsLizsnVfqD5Lg-4ZQxyndsU3-wb_DL8ZYdGZX-gQTpDwfs3iXW1l74ur2E8kB_VsmbmhFi024p8M-BcsyDKzvLYXRQsOVRv2NXl9QoWFiOPA4jbYMUgaC2MSr_ogpNkO_VqFr8GFHRXOpfDqZP1wkLi07-62rRTaLKnHh_Iexoygacd-WbpOSNHuN1iKdfa_8NZ0VSYOcR3vfTq67X9p6UKKQ8VXTaIFgsvrwubMXNP5sUTQnO54X_xZhiYQfIQ8LGNONNh5-HIjII3NZOOJdpH9CXW9o6fQ-3rKhgQp0xZyTtm-T8RdkGguQpQcHiIeJrbbBONK7PCgCZRZyTZg8dZNmn2vxzTpDszBywsjdnU6g0cgOvrLw-MXfMBY3J04x88EZCVAierumoV1a1o7tvCFeKkiO1NWub_ytLafV1kno4JG6tTsfrcIopSSVSh9yEhIKqh0c5dzBALXuZDLcGieogXopB7RcNfqXbDAvSTCPSMn93z67bkEHkkcV9xXjBdDemFJknsO_gqeZe12pp_zaZuO58MLKEUV5O0vO_Qo0Fepj1h0mUQJvLf0sw_jqE2OxwAmT-ys_2vsoTWbhNAiZx9V_mUaW6bCvhl_OJ7_fd_kd8CVEWbuRtdhy6JEMqVyWks2wDu5kDmUtSZfEuMijoYRqkToSogsDrCDmPXhiJXeE4Yrf8LChcbH4bbhm5AnW6N4Atq-1h_C6eDPU17mVK6zcd4y-1AIEXfzRgsju_ZmHtVL_5Vrx6yFT_Ch0yoZon4fTK8PUEF_5aSHsP4TTmmXsALLL3oddZ2KqRHyV9LiUK-wN8SA1VRlztdjiXmKeG3dmE08sdjl6siFDMKVP6Y_4KBZX1cLq3YgbYmFr4c_FZmav0nbRTD4jjqaqSi1YheFXaSVNdj_lE0YlJHTlcezgGXFwXD0czRhegLoddvoFoGILOOGvHcMcO_07ZTiLs_m5PblY32PwIzQDsCRYDKToGP_9dFVGH2UJxURnIcBqGJWDMLpG1wcjsmoSe9YgY0G45G5qzbymppEN8HWwHTnYX2A0QYa2wBIkRJ34EXgazK2hPxxmRuzLgUl3UR4vOhaIrLvQirO0G9LDC69UZJe_TN-7alMsfVHh5WUgzj4Ez85c2hL7VN538FusGw6bAaZs2wAzOrVth1DDv_UaF-HkrGjpgwyFm8iCjQD9AKQQQ17mW9LhHrsqtnoSeKBa3ML55W1BUKNPL5HqO7iUwXxP9ZGbAzMeNrTjmH_TGgLLQ9WUz026BmMJSFnNFAtBNEpx7zDo8BIpenduKAfr2t8YDaRozezC1Kqx5bx1UmixvZ8NHKXVe8gYvXllIOZcC3BXH4c1npdN7EeQcUG6O86TYjrRDoZgaxwasyRwXhpIpbOBKnVPpkkwzpM0wKwCsNgeRi_gPwros27kN3PyCgnRsPF1kD0joS8nrl3lbzD9dcvv8EcYaX-6rIcgp_Mhfo3WTt1o0sFbuHFt4kQxtB1dZzLH3CNY_RWOMX6wMivLqtbSZRsGm9CJzXcuOzBwu2sx2oLszMCi4IVyK4DFKtlaaSR7zIBW0B1cgqZPrfd7vR1PrsbDLXEXzhgUi4w5ng3823j2pcm_x6y2REr6n_qGcSTCWa3di3-p54lV4qKcy3-d8OK_WQxQtUjuWL_edhP3LVtUug8AtcwI94WwhxciZD1Hn7cqPgDXGv_RaUGGgtpNC-9sV2lGE5moxWCHC6RgijUU1Cs-gT5iPqZ2yaRhoQEokHQMWWZAB-CiE7vf7ndwXnRZ4jkcrqjY8JgYGvYcUfthgb7vtLBd9eHfsGZbcFhJ-y13-OuTnUmqJiE8_ohn7pCycivxJ4xUBLkxd_G1R9_Wcc9QABJLUI37UUaZYOZxTL97B-MGxHwxCtOl60P1E5DmYGq6_fheJsN2703YQqZw38_zYJMbBKQVSNjOiNa2AqbJwS8Az9QXw6cxHg55PqMHvxr7xxQ0Pv8AQz1tOgAiyY6RjQpNRDF9h3G69I27BmYThqbFRxO_8YCGz-5rhslwVMQ4XzylDUIIG37I9qH4Mq6H1sJJ6GDRb9QSqhfKCrki7_kmnVoBv-xiqwDjNqJ-9UAn7mkv9A3AHUOjh6ng656jnHWzNifJZWCjXOfQoL65rF3kbOr5qvMOZZwA7i5jh1jyWqGr04wA-F4coXqkbSM2QIv-TRw7pqjdYaxq1iyp4Q55UwA8TIOj_FScH6ECVKmS-nkUA8PQLL8xHY6KVrAHfvKuqtv_YZw-JymrGvD-sdXKoZSYUuIQln-MuIzOiEcBKdio3Xe3-BPuOsemOUQelT-fKH6dC3JNCRjOmgzB1EL8C8BtsoLf3aZ-gD_yWRf72o7-dRF9BzlIw-H8X0oXaa7u4k8eUhLhSNNRV90iUVMf9ovCfQ4r1TvQsApZqa-zFZP_k9nmvLtpHq4E96zlFIyvjHdR40DwZOe4uxqrgj5rVynGigGtn_nvO8QZ0creb1oOkDHocyelLo9uYGplMmP_mW8ZMyxlrICB3_-N32XU07LIWeBvWZ5XjY9SAL0dg525VUTRJ-94TFo7PkgWCQQ4hb-Gfs5ca5j9y2q0-UEYgVrd4&cid=CAASJeRoBZtBe-CX7CKirEbCMPy5_WrZCGHGeXd3Mi37f8ySUhbERLk&rfl=1%2Chttps%253A%252F%252Fwww.publinews.gt%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 16:05:30 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame 5E3E 30 KB
12 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11766
x-xss-protection: 0
server: cafe
etag: 14053427913132020778
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:57:45 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3D15 709 B
590 B 152ms
112ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a523be257c00bf7735885393b7cb849c15275a5b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.9d00f3a022654eb8edfbc3190e981f9d.html?origin=https%3A%2F%2Fwww.publinews.gt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 31 Aug 2022 16:06:02 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 16:06:02 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 15d4a6c7665bd1436da72827753f3fe707f7a07eae5f161ff0b808a5ff05f3a1
content-length: 308

GET
H3 200 0e36d09df9ff74ac9a9a8e304d461f4b.js Show response
www.gstatic.com/mysidia/ Frame E800 10 KB
4 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0e36d09df9ff74ac9a9a8e304d461f4b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=215320707&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661961962&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661961962168&bpp=4&bdt=840&idt=140&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&prev_fmts=0x0&nras=1&correlator=4211812736668&frm=20&pv=1&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=4082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771162%2C44771548&oid=2&pvsid=3672797894874316&tmod=193539051&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=ptyd6rNA46&p=https%3A//www.publinews.gt&dtd=147

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a5dc38cec076d349128944270877cc436cf084bb9ea8130ad55a644c40b35f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 02:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4500
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 01:10:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 02:47:01 GMT

GET
H3 200 e2875713480840d8712332133311d4ea.js Show response
www.gstatic.com/mysidia/ Frame E800 19 KB
8 KB 52ms
18ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d124788e480924e0a0917ef210d06075bd5166a9f9cc75f2937a98a4a497199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 03:37:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 563337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7767
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 03:37:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E800 6 KB
672 B 92ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 15:05:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 31 Aug 2022 16:06:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Aug 2022 16:06:02 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame E800 2 KB
902 B 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:59:19 GMT

GET
H3 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame E800 6 KB
2 KB 51ms
17ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 16:51:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 01:10:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 16:51:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame E800 23 KB
9 KB 24ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9615
x-xss-protection: 0
server: cafe
etag: 5965352936607719246
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 16:05:24 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame E800 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 16:05:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame E800 17 KB
7 KB 25ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:55:40 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E800 0
0 28ms
27ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlSSN7fFtxz_Q8XHSb-RTfg-oxT8hBbkYBSFnvNHrUDpxcsecSVhOhq0gufQiAy2ScfjbD9q9pDWnXYsEZIA--rvh1Wg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=215320707&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661961962&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661961962168&bpp=4&bdt=840&idt=140&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&prev_fmts=0x0&nras=1&correlator=4211812736668&frm=20&pv=1&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=4082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771162%2C44771548&oid=2&pvsid=3672797894874316&tmod=193539051&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=ptyd6rNA46&p=https%3A//www.publinews.gt&dtd=147
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E800 141 KB
44 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 16:06:03 GMT

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame E800 33 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:39:22 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F12E 22 KB
8 KB 18ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 04:57:32 GMT
expires: Thu, 31 Aug 2023 04:57:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 track
t.teads.tv/ 23 B
113 B 133ms
42ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=07f91c18-6f64-484d-b447-607b76cc8e10&pageId=82680&pid=89486&debug_metadata=5arMqBmD0e&fv=1067&ts=1661961962875&f=1&referer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 134ms
42ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=07f91c18-6f64-484d-b447-607b76cc8e10&pageId=82680&pid=89486&slot=native&fv=1067&ts=1661961962885&f=1&referer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 132ms
41ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=e8c202a6-d150-4d32-9360-8ce455e843ac&pageId=82680&pid=167404&debug_metadata=vR02FxKAK9&fv=1067&ts=1661961962934&f=1&referer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 131ms
41ms Image
image/gif 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=e8c202a6-d150-4d32-9360-8ce455e843ac&pageId=82680&pid=167404&slot=multislot&fv=1067&ts=1661961962938&f=1&referer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/82680/ 537 B
569 B 73ms
72ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/82680/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&page=%7B%22id%22%3A82680%2C%22placements%22%3A%5B%7B%22id%22%3A89486%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1360%2C%22height%22%3A765%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3A%5B%5D%7D%7D&auctid=07f91c18-6f64-484d-b447-607b76cc8e10&formatVersion=1067&env=js-web&netBw=10&ttfb=2272
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 87d9701e2c844875413ecc75d38c0b204c8741069756b7f04629f9870dc878a2

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.publinews.gt
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 361
expires: Wed, 31 Aug 2022 16:06:03 GMT

GET
H2 200 ad Show response
a.teads.tv/page/82680/ 540 B
573 B 75ms
75ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/82680/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&page=%7B%22id%22%3A82680%2C%22placements%22%3A%5B%7B%22id%22%3A167404%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A323%2C%22height%22%3A182%7D%2C%22slotType%22%3A%22multislot%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3A%5B%5D%7D%7D&auctid=e8c202a6-d150-4d32-9360-8ce455e843ac&formatVersion=1067&env=js-web&netBw=10&ttfb=2272
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 153c9c0218fd6251059d6883c4918f3b7b9bf960b069880906f11be3c929f40f

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.publinews.gt
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 365
expires: Wed, 31 Aug 2022 16:06:03 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/ Frame 249C 16 KB
4 KB 15ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c6cebe3b1cde84c55e2189d7a3f12cd52a708975c740de7e31b581bf8d9301

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=0
content-encoding: gzip
content-length: 3904
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 15:29:26 GMT
expires: Wed, 31 Aug 2022 15:29:26 GMT
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 86F4 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1EgA6oYPY4LREsv33wO_p5-4BYmntcprn6z3oZQQ2abbv_oxEAEg5t74fWCVwqaCsAegAbKKwaoByAEJqQL-BmtO85epPuACAKgDAcgDSKoEnAJP0GwSzxvaXO0DH27hrcFmBruwIt6GZg2fdYx2bzpXMn4jrdJm3B8dhZJzYjpJwWM_cLVVHzO--YRred9o3Qw84tuPPgk-V994KBT41Ma_ePysY7EFddEiw1y10RiTbg2N8ZG5H6vx7pdmHHgoW9jnv4zYarF1ziDPMyF_Q2iLa2RpIJw7Hegh3m8fx6DD7B4NmQM2gbLAR1rNwaSgqD9PZJLbue0it5D7FbcHRwArsEq_lzGy-8_FQF0Nk3VwN2M1IpuFVbnr7BwG-wsJuCwqDEiulNCHWKYNt-bs-geGUIa6mr69sF1KwxZ3oIx1qIY-DIIP87pkKI6kFPvwsfAIFcMdgwM6eSzT7KQUg0FoBqRP1l24cnEK_p3IGcAE_7famYUE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQkagH0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwrQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDkyMjk1NDM5NDU4NDY2NRicrBw&sigh=7Wx1QPlpEKY&uach_m=[UACH]&template_id=419
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame 86F4 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite_fy2021.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9615
x-xss-protection: 0
server: cafe
etag: 5965352936607719246
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 16:05:24 GMT

GET
BLOB 200
OK 0494ea50-48dc-47f7-bae5-25c309080ceb
https://www.publinews.gt/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.publinews.gt/0494ea50-48dc-47f7-bae5-25c309080ceb
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 43a5580b-f485-46e0-b42c-be419824302e
https://www.publinews.gt/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.publinews.gt/43a5580b-f485-46e0-b42c-be419824302e
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H3 200 container.html Show response
f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4952 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:02 GMT
expires: Thu, 31 Aug 2023 16:06:02 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E800 0
20 B 49ms
48ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lckIKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAxCg0QKyEAAAAAAABDQDAECg0QAyEAAABmZvKHQDAEEhpDUHFvbHVPNjhma0NGUUt5bWdvZExra0lxZyIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16899862225410034071/ Frame E800 10 KB
10 KB 61ms
60ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16899862225410034071/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d161af91c84c677474dfadf8da688f434fdffb4f4540fdfbeea306e159fb35b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9773
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 13:33:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 16:06:03 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11645051074584186708/ Frame E800 2 KB
2 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11645051074584186708/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19a739af1234409ececd164262417300b4091cc65900580dbe9e7e4cf367836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1734
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 13:59:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 16:06:03 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E800 0
20 B 56ms
51ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E800 0
20 B 57ms
52ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lckIKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAxCg0QDSEAAAAAAAAAADAECg4QHioIMTIwMHgyODAwBAoOEBkqCDEyMDB4MjgwMAQSGkNQcW9sdU82OGZrQ0ZRS3ltZ29kTGtrSXFnIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E800 0
20 B 56ms
51ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E800 0
20 B 58ms
53ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E800 0
20 B 55ms
51ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E800 0
20 B 56ms
52ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lckIKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAxCg0QKyEAAAAAAABMQDAECg0QBSEAAABmZnKIQDAEEhpDUHFvbHVPNjhma0NGUUt5bWdvZExra0lxZyIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E800 0
0 65ms
58ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUlnO6oYPY_qLFoLk6gSukqHQCoqGxf5i7_KBpcMP_LWDnfgKEAEggrzqJGCVwqaCsAegAen7yr8ByAEJqQJbq5JJCb-wPqgDAcgDywSqBJACT9C3IWfx40HFM2SC-vzsgJ_Geqks-MpPEwib5APa3CXEE1lk9pTOW2RSfKlk91B3hrOOn9Jgqs0CLkK_RkAoYTjIH-X7bwUqFiDtzbe_w5onqfgtg7XBjybA1hnV6r65nAprJ0gmmIb0wYnsF-ahFkg7fz00wAZLGVbEDOF5j3vStCClGHuigaXIG8PRLWO0kZrlE1DlUPd_vjoh2j_SvdQz3VVX1OKq0s8Y0nC2oshjQ3G61b7oLMr1OfAfazvEaJ9Dcr5leMnLVmhGC9MyY02yMl6-Oks1_IsoDSTJvozR9O1wmyMC93G4znosUTbyNX8OQJtU4bMUPjiPbyZRPHevoNZH2d_-UBEpsOb7AcbABMb4_Zu4A5IFBAgEGAGSBQQIBRgEoAYugAf_g7XAAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEO--DdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTCtAVAYAXAbIXHAoaCAASFHB1Yi02MzgzNzY0Njk4OTk0NzA3GAA&sigh=_c-bfXOAfJk&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=215320707&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661961962&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661961962168&bpp=4&bdt=840&idt=140&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&prev_fmts=0x0&nras=1&correlator=4211812736668&frm=20&pv=1&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=4082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771162%2C44771548&oid=2&pvsid=3672797894874316&tmod=193539051&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=ptyd6rNA46&p=https%3A//www.publinews.gt&dtd=147
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 31 Aug 2022 16:06:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 16A6 1 KB
749 B 17ms
13ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 05:32:06 GMT
etag: 48472445140208031
expires: Thu, 01 Sep 2022 05:32:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/ Frame 249C 6 KB
3 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 10:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2639
x-xss-protection: 0
server: cafe
etag: 15893831270588722589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:45:54 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame 249C 26 KB
10 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 10:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:45:55 GMT

GET
H3 200 e6f40d138158e41bbc4290d1d8f9ae48.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/ Frame 249C 84 KB
22 KB 19ms
17ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 49303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22268
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:20 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:20 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12067022830250736275/ Frame AF8F 105 KB
26 KB 70ms
38ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=n8ZU5Zkzit&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c8f795775c551a46218aea6c5aeadbe7c367b8d4860c9471d48f53e7351641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:03 GMT
expires: Thu, 31 Aug 2023 16:06:03 GMT
last-modified: Tue, 07 Jun 2022 13:05:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5E3E 0
622 B 124ms
62ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOSvptavkDpFWoVBgs0DlFr9IKKPIkxBhUYBCXJyL7dAci-jbq6CGiIcfkx1woS_vxlYsYtwWtU3odxQoTdkrUOvRSRlJlrxobUO8YV164cq8rHdycfdRlEEsLeqNL9JvC-2mH8F_wjpLmcyzHb3GRe-NNvXsoYyNz5bypN0asTg6ODZehALy-sr0Y9mCnk3tMIPj6wiFaMVK-DpDL43xgqMaV7xO_9IUiaHliX59bbFkvxx4zcx98bRlTinspZFeRDDTtZHNTa29XZ3sKS6tqLQ1PCrm28rQAQm0XCUSLj6xqVtAFx9ukV_Mg1N0KJCpGUQt3s2sDdhZ-bzssBeT5tccFEi_1GDfN5aA-eNA_07zCCw5cHh1xidf-QbX6eeqtkbi3Kkv4yQXhMbH1RgiFHByTmUNMksYWG8LeD4Hx85q0VetuufKEkmrWZdSfLcehl5_-PLl6EUDPUqGdAGddGnmPrBILk13caTq57P4rRQ--Cam-wnaBf5J6fG2TFJNc4IaTp2PTRw82ucxa0KOJhAy5C4ScvwiWLVjriTUnsjrs6dTjEP4v4eip_jElC4rcEB54h2mbyrEHiib0hxmnXGmTGlrL7q3Ywe-90GuQtDgIy87gl9qo7PBhqWFR-axTTRyVLesm8Vi55wj4mQXAYjLOC76_TmbMGe_oNt47UZejlMVS_Rp2ptr1YrOVDBDmO4cZLy0xuNScEBNgDWEC-tX3UOn-sN6eiHJSiJlbHWUtbkW7hgYIqRorFmw4wlP5rgEKfE2l2EF8Ifx5S2JGgUTIQlHuU-Q3l9sd1EyrEJ-PEONMbSGILz0SL3XLNasQmchkCTSNCItSXqZW2Idivey1EP4lauGu49yfWpVvHtMLqPyROoQ9waIHMnNeyEw8nbhqVrsAzHRDZPBD0IEdoK9-iKyi8pKByhSPsnDqHPdlWd4w8t14HW4Kzp0It6BEejFYIWglnc-IJDClzEP-ydJv33Ou4gPyAStF9VAl0MD_Z5DvEWY_8Vfp5eO4DcVmBgY0syCK8gL-ji_bJEOi7aP4WfshduS4nK7KTSJv2rf-9v1aGXQOmHyIlJ9jK5Sy3e1ODv5gtm4eRHoliKdAo2ZLUL-OXhbT8VrOI6tmJuWi7SEhPBfiGNl_wIgqsBFvLzDn2nTfPfyXNs5NnkW7rHtdGMvOiZUKvvifbQzjpathOlRiO9HsW5u8klNyCfGdkYm208b-QTDC6p8yLV5DF006J9tpFMRxg2LSUNLPB8sEEJ5HaRmIp6qzBCBTSW_JQlzIDDP7jPKI6y5PdCUKarXYz80NsuObzT48KeloHkTY7lgHeUg&sai=AMfl-YQHgkTKUrN9S4QO6XyMKiIGuleHiwYrIUsicLd_T88ukCWgc8-yexHfY-8c-FnP8zKi7sXQPAwfbnfTkwOk2f9PwHLwzg6medMYNfX8MWSLqKJCqlYBo_h9kyIA20YgMoVCUcEXgrgz0J7fwsGBj8GEOmUoeakN9h5D54ogI08htyevTy6PR_q3QM0MlhIT4fIWToWITxtYX722ktiKiTqp&sig=Cg0ArKJSzP3jBCX64KJCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=358&cbvp=1&cstd=352&cisv=r20220829.35098&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 31 Aug 2022 16:06:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 main.19.8.346.js Show response
static.adsafeprotected.com/ Frame 5E3E 193 KB
60 KB 93ms
12ms Script
application/javascript 2600:9000:223f:f000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.346.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1034476/65088021/skeleton.js?ias_dspID=3&ias_campId=29064847&ias_pubId=pub-4922954394584665&ias_chanId=1&ias_placementId=17447215411&bidurl=https://www.publinews.gt/gt/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hY-X_nu7KpnNhO2vp7hz5f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09d066e51f3699727a7533bdbe741b2aef7033a2d30f9a10f0ca730cd82fd4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 15:43:56 GMT
content-encoding: gzip
age: 433327
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Aug 2022 15:08:13 GMT
server: AmazonS3
etag: W/"569c14417cef79e09af1f97186222ebf"
vary: Accept-Encoding
x-amz-version-id: t9RhXwW8JdabXcjtbk8lQmz62Fe2eJie
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: ezGggkZZZNLne48KsAGeZhnV4Xg9Jl2Bny5120rYfcO5Bjzp6KKFCg==

GET
DATA 200
OK truncated
/ Frame E800 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2413c7ef853a7520c8eee7f11134415064ee009252d58fc8e84b0b75074c1fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5E3E 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 04:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 04:57:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CC86 1 KB
749 B 18ms
18ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 05:32:06 GMT
etag: 48472445140208031
expires: Thu, 01 Sep 2022 05:32:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5E3E 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea21eb6b45495ad5ca748ab758e96aad706ebb22c069aab8b7d1d8ed1997e4db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A39E 143 B
163 B 16ms
15ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 15:11:24 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 86F4 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 16:05:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 86F4 17 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:55:40 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/ Frame B3D5 16 KB
4 KB 15ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c6cebe3b1cde84c55e2189d7a3f12cd52a708975c740de7e31b581bf8d9301

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=0
content-encoding: gzip
content-length: 3904
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 15:29:26 GMT
expires: Wed, 31 Aug 2022 15:29:26 GMT
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4952 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-fdH6oYPY7SzI4ORjuwPremMuAiJp7XKa5-s96GUENmm27_6MRABIObe-H1glcKmgrAHoAGyisGqAcgBCakCu9hsNPOZqT7gAgCoAwHIA0iqBJsCT9BFkGqlHXFmJkySgPMgnGiMxcn7S63Bb2IHEVOIuwIav5lpixGJJSqfINzyORL752rloSBJ1s9clnGAAuZh8gaa1E_cIxFX2raR8LaWcbH-bkgOeAysv31XXYMOr2VQ8FbW5Gm0OhTuyEq68uzGtKdtB9MonBCfuLoNKjOhrUFB300YAyLViZ6FZ0k_PRMNn03JDRB7dobnPjDVEQ8xCABxkwXwB_6wPDpPA81Vc6NX05ExAa5bXll74katiph6oMLjhxGepbGwyfXX8qiZrUb9vCRhSV8TTZoBAs92yE2IMGbiOyg_TUwPeTC_qOAZPt8K_crEoLYycGAsaEpcmbeQeiWaRZG3UZlanb8gpBBywiQuUX1FWDmhCMAE_7famYUE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgPEN0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwrQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDkyMjk1NDM5NDU4NDY2NRicrBw&sigh=77lUI0RhCJ4&uach_m=[UACH]&template_id=419
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/ Frame 4952 23 KB
9 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/abg_lite_fy2021.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9615
x-xss-protection: 0
server: cafe
etag: 5965352936607719246
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 16:05:24 GMT

GET
H/1.1 200
OK horizon_timeline.08c300ab95020b1109a05214ccb84dea.js Show response
platform.twitter.com/js/ 7 KB
3 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/horizon_timeline.08c300ab95020b1109a05214ccb84dea.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: e3a13155ff6fa3d1e25fccc2a0bbce4302b01c21c8b08c5922d70c62ec1b4bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Content-Encoding: gzip
Age: 65374
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2432
x-tw-cdn: VZ
Last-Modified: Mon, 15 Aug 2022 23:01:06 GMT
Server: ECS (frb/6776)
Etag: "d926fdf34ca16c29b65afc4b5fab0702+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
111 B 134ms
133ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22experiment_key%22%3A%22tfw_horizon_timeline_12034%22%2C%22bucket%22%3A%22treatment%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%7D%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1661961963210%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2231f0cdc1eaa0f%3A1660602114609%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_horizon_timeline_12034%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=a523be257c00bf7735885393b7cb849c15275a5b

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-response-time: 126
date: Wed, 31 Aug 2022 16:06:02 GMT
last-modified: Wed, 31 Aug 2022 16:06:03 GMT
server: tsa_o
vary: Origin
content-type: image/gif
cache-control: must-revalidate, max-age=600
x-connection-hash: 15d4a6c7665bd1436da72827753f3fe707f7a07eae5f161ff0b808a5ff05f3a1
strict-transport-security: max-age=631138519
content-length: 43

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame F12E 36 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 11:57:15 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame AF8F 118 KB
40 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=n8ZU5Zkzit&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=n8ZU5Zkzit&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 01 Sep 2022 07:51:00 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/ Frame B3D5 6 KB
3 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 10:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2639
x-xss-protection: 0
server: cafe
etag: 15893831270588722589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:45:54 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame B3D5 26 KB
10 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 10:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 01 Sep 2022 10:45:55 GMT

GET
H3 200 e6f40d138158e41bbc4290d1d8f9ae48.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/ Frame B3D5 84 KB
22 KB 25ms
24ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 49303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22268
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:20 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:20 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 16A6 35 B
463 B 67ms
15ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDkx_3trziLxEvK847EYWy4&google_cver=1&google_push=AehlK4C7CX_IjFdZ-KF5TIbnMgSErFpZuyPfBRzbOmLQGPkpyZHyr-O-mAI1Wqoc6u067HSoi1E3tlP74U7JCCNTECXjj68rncI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16A6
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4DMXExsliuVBZOgpxQrSDUNyMy80eODHMzDfTJ...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdARzZ3QUFBSmJuU2huYg&google_push=AehlK4DMXExsliuVBZOgpxQrSDUNyMy80eODHMzDfTJlhVgjPwA_1DWfaZWPKPLxO-gAUZl2D-aJy54IrMRKz9DfAPMKBI2fhHQ

170 B
188 B

31ms
30ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdARzZ3QUFBSmJuU2huYg&google_push=AehlK4DMXExsliuVBZOgpxQrSDUNyMy80eODHMzDfTJlhVgjPwA_1DWfaZWPKPLxO-gAUZl2D-aJy54IrMRKz9DfAPMKBI2fhHQ

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdARzZ3QUFBSmJuU2huYg&google_push=AehlK4DMXExsliuVBZOgpxQrSDUNyMy80eODHMzDfTJlhVgjPwA_1DWfaZWPKPLxO-gAUZl2D-aJy54IrMRKz9DfAPMKBI2fhHQ
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 16A6 0
98 B 95ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4Dfp2G8FXLMmEjWLwdPU4ePBjyztCfH19ZqiNY6Uy8TpMWGdS1jSb0S4Gt0etjWdjaSc4Ln4Px_PdqA8YVFMfK4-aRBIQ&google_gid=CAESEMr19Ad6vyaEEA5m2NrvbmI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=215320707&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661961962&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661961962168&bpp=4&bdt=840&idt=140&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&prev_fmts=0x0&nras=1&correlator=4211812736668&frm=20&pv=1&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=4082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771162%2C44771548&oid=2&pvsid=3672797894874316&tmod=193539051&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=ptyd6rNA46&p=https%3A//www.publinews.gt&dtd=147
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 16A6 43 B
351 B 88ms
24ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEGdrkO0AI74L64KUmL0cos&google_cver=1&google_push=AehlK4AHL6P0HVT35Hlh9JetRKdlPP8II2jxD7oxIcYv3oEE5MoLLVm3XukbhUPqNAgPMReu2t5gq0mcP9WleZY_2nJkkDo2mgY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=215320707&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661961962&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661961962168&bpp=4&bdt=840&idt=140&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&prev_fmts=0x0&nras=1&correlator=4211812736668&frm=20&pv=1&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=4082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771162%2C44771548&oid=2&pvsid=3672797894874316&tmod=193539051&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=ptyd6rNA46&p=https%3A//www.publinews.gt&dtd=147
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: pciku2v49ulosvdlpkfsklajb9d5lqsl

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 16A6 0
166 B 73ms
22ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEYnjoyynOALo3EL_9YKeG4&google_cver=1&google_push=AehlK4BYyuv4wfFtN02__195RB7tQmXC7ucH-3EHurjZ58kL_ZYKLJZWwbXlB0OrPSl8OqL4m156uH3eNuQokTTNTeDJxjUDl18
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6383764698994707&output=html&h=280&slotname=3742502606&adk=174841845&adf=215320707&pi=t.ma~as.3742502606&w=1200&fwrn=4&fwrnh=100&lmt=1661961962&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661961962168&bpp=4&bdt=840&idt=140&shv=r20220829&mjsv=m202208250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcd6cea47d8f1844f%3AT%3D1661961961%3AS%3DALNI_MZvvvsOUiZk6ZoyRb3yR-BYpbQkfA&prev_fmts=0x0&nras=1&correlator=4211812736668&frm=20&pv=1&ga_vid=463825994.1661961962&ga_sid=1661961962&ga_hid=305441450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=120&ady=4082&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771162%2C44771548&oid=2&pvsid=3672797894874316&tmod=193539051&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=ptyd6rNA46&p=https%3A//www.publinews.gt&dtd=147
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16A6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECtLw6KL9I7tzu323ozpdkE&google_cver=1&google_push=AehlK4ASP-HYmO-qRt5byAFV71R7R7brypW1KMkiTOWVw38vG5nRSAClz5t47GOc-kKeh6hZPBi...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVDhRNkItMUotRjNNMQ==&google_push=AehlK4ASP-HYmO-qRt5byAFV71R7R7brypW1KMkiTOWVw38vG5nRSAClz5t47GOc-kKeh6hZPBiQ2xa5tpAFos-Z1yBiRFoBKw

170 B
188 B

28ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVDhRNkItMUotRjNNMQ==&google_push=AehlK4ASP-HYmO-qRt5byAFV71R7R7brypW1KMkiTOWVw38vG5nRSAClz5t47GOc-kKeh6hZPBiQ2xa5tpAFos-Z1yBiRFoBKw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdIVDhRNkItMUotRjNNMQ==&google_push=AehlK4ASP-HYmO-qRt5byAFV71R7R7brypW1KMkiTOWVw38vG5nRSAClz5t47GOc-kKeh6hZPBiQ2xa5tpAFos-Z1yBiRFoBKw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 16A6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_hm=Yw-G6kGj6AJO3OUoCkFB-wAAFBQAAAIB&google_nid=index&google_push=AehlK4CXtlxEK_V6yPl2g-CJ1SWiqBbU1ax9r...

170 B
188 B

27ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_hm=Yw-G6kGj6AJO3OUoCkFB-wAAFBQAAAIB&google_nid=index&google_push=AehlK4CXtlxEK_V6yPl2g-CJ1SWiqBbU1ax9rQIS-b3SNrmVN9v7TJLXtkeVy73rCg2CN6ObwTxZpGzGHDNns1_Gsf2HJIUuyA

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MczbQ3cG9H4f9yiFUip9ugcOJUD2xm4V0gltgkwzxAdK3CkgDZy07AIxb4EUeoP6ohuJ%2FgX6zH7FKYD9N%2BERmCO3Vrl4jHbWUR1a%2FfbyFEtdpJsGuGNOP6684T83r0QP1Ke9JlEpo2FWbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_hm=Yw-G6kGj6AJO3OUoCkFB-wAAFBQAAAIB&google_nid=index&google_push=AehlK4CXtlxEK_V6yPl2g-CJ1SWiqBbU1ax9rQIS-b3SNrmVN9v7TJLXtkeVy73rCg2CN6ObwTxZpGzGHDNns1_Gsf2HJIUuyA
cache-control: no-cache
cf-ray: 743702df0d129b2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 16A6 0
12 B 26ms
25ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZ_ifDBDkod_ecxfV1vghKwS-NJLyADjl2dCXMvhmYvlTUdg0vT4mZZmkoFDsYES0l_vew

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E800 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lckIKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAxCg0QECEAAAAAwCzhQDAECg0QESEAAAAAACrUQDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAADNzFCPQDAEEhpDUHFvbHVPNjhma0NGUUt5bWdvZExra0lxZyIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 249C 2 KB
540 B 31ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 14:08:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 31 Aug 2022 16:06:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Aug 2022 16:06:03 GMT

GET
H3 200 835951689f5eccbfe1f83a4ee3647939.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame 249C 30 KB
30 KB 24ms
21ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/835951689f5eccbfe1f83a4ee3647939.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ec8c02ce1156b46862a31790e01b86c2c1c40299b2636c553803d22f566b47

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30602
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D07 143 B
163 B 22ms
17ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 15:11:24 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 4952 3 KB
1 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/window_focus_fy2021.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 16:05:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/ Frame 4952 17 KB
7 KB 21ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Sep 2022 15:55:40 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC86
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4CZciONva8KVmZpLo_1EL2VvdEE-ZPyrnITXdS...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdARzZ3QUFBVGxAejNnOA&google_push=AehlK4CZciONva8KVmZpLo_1EL2VvdEE-ZPyrnITXdSq_aTL71B8iGFxXSNUi2_oUj0rY2QJvREGFJDsPFbbqpZ53udVhLuWT6TM

170 B
188 B

26ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdARzZ3QUFBVGxAejNnOA&google_push=AehlK4CZciONva8KVmZpLo_1EL2VvdEE-ZPyrnITXdSq_aTL71B8iGFxXSNUi2_oUj0rY2QJvREGFJDsPFbbqpZ53udVhLuWT6TM

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXdARzZ3QUFBVGxAejNnOA&google_push=AehlK4CZciONva8KVmZpLo_1EL2VvdEE-ZPyrnITXdSq_aTL71B8iGFxXSNUi2_oUj0rY2QJvREGFJDsPFbbqpZ53udVhLuWT6TM
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame CC86
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEO-rr1GExw-wlNCrxPbU5EA&google_cver=1&google_push=AehlK4C1_F7BjcvFrYzx7iBirdbA3xEI85NoI60FmvTl4I3MkfyjsdpQlnbWQGZ4W8rAkTXN3VH5MgCl3Gb-_MvVhXDci94...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AehlK4C1_F7BjcvFrYzx7iBirdbA3xEI85NoI60FmvTl4I3MkfyjsdpQlnbWQGZ4W8rAkTXN3VH5MgCl3Gb-_MvVhXDci94O6OxU&google_hm=NjM1NjgwMDY...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
790 B

78ms
18ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:03 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 503 5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame CC86 0
177 B 45ms
8ms Image
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECloXzXmKhYK_th1-lGr_yA&google_cver=1&google_push=AehlK4AnBNtY6Hy9F0LePdlYMFIfvDQCiOl4067S1MZRA1TCD9xnB1mNTbBuTHUgqRgnxIYApogSdm2_Rys-ha25tBbQP9IGzFIN
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1661961963.417608,VS0,VE0
x-cache: MISS
cache-control: no-cache
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-fra19183-FRA

GET
H2 200 dds
rtb.openx.net/sync/ Frame CC86 43 B
134 B 28ms
25ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEGdrkO0AI74L64KUmL0cos&google_cver=1&google_push=AehlK4CfbFRsUdcwiou0eNz4ckU3_K5MzageMc1APkWHcWS4JiQDB4t_je2guvb_o_XJ4C5iirJiPfZ8SqnDLN6MWNC62RePGY5maw
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:02 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 7nm6gmo11hvs57s8ioegtsaj18bdas8j

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC86
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_hm=Yw-G6kGj6AJO3OUoCkFB-wAAFBQAAAIB&google_nid=index&google_push=AehlK4Br68Ri_Wj5sJU9rxsg1gjLd_g3jxdFW...

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_hm=Yw-G6kGj6AJO3OUoCkFB-wAAFBQAAAIB&google_nid=index&google_push=AehlK4Br68Ri_Wj5sJU9rxsg1gjLd_g3jxdFWrSuM0MUpe5kJLGRAPTg6Oi9-0bLWiAyeQogMGQeyhAWJcjeK8yfu_mAt5_X5Dgeug

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N27bRGcMAyCvxAsFzpJKx8qjfxYyzhHJtQWENnDlmFcttlgi1Gc2vaqb3sC38MeUDOw4KefXFPGg%2FWESL8OF%2BMVbLanso8uP%2Fxl4%2F%2FnqMRW%2B5nz8CmmThTN4PwhB6Ud95%2FAZst2BU%2BxA9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEG8Y1tQwBDdGC3BA1FKRf9A&google_hm=Yw-G6kGj6AJO3OUoCkFB-wAAFBQAAAIB&google_nid=index&google_push=AehlK4Br68Ri_Wj5sJU9rxsg1gjLd_g3jxdFWrSuM0MUpe5kJLGRAPTg6Oi9-0bLWiAyeQogMGQeyhAWJcjeK8yfu_mAt5_X5Dgeug
cache-control: no-cache
cf-ray: 743702df2d549b2e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC86
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESELweTzmXVwwkZdoHfAX4wt0&google_cver=1&google_push=AehlK4BJq43ebq7fHc00YszouYatrI4Vb4-DR4dQCtqhXUQ5oeg4OlrjThCzQLMCUb7rgyFMwOYeYfmEE9sLzMMW-DdM0q...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELweTzmXVwwkZdoHfAX4wt0&google_cver=1&google_push=AehlK4BJq43ebq7fHc00YszouYatrI4Vb4-DR4dQCtqhXUQ5oeg4OlrjThCzQLMCUb7rgyFMwOYeYfmEE9sLzMMW...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-wMc6WmcTS2_Udc62KJTGQ&google_push=AehlK4BJq43ebq7fHc00YszouYatrI4Vb4-DR4dQCtqhXUQ5oeg4OlrjThCzQLMCUb7rgyFMwOYeYfmEE9sLzMM...

170 B
188 B

28ms
28ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-wMc6WmcTS2_Udc62KJTGQ&google_push=AehlK4BJq43ebq7fHc00YszouYatrI4Vb4-DR4dQCtqhXUQ5oeg4OlrjThCzQLMCUb7rgyFMwOYeYfmEE9sLzMMW-DdM0qobmeCa2Q

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-wMc6WmcTS2_Udc62KJTGQ&google_push=AehlK4BJq43ebq7fHc00YszouYatrI4Vb4-DR4dQCtqhXUQ5oeg4OlrjThCzQLMCUb7rgyFMwOYeYfmEE9sLzMMW-DdM0qobmeCa2Q
date: Wed, 31 Aug 2022 16:06:03 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC86
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJK4J8rQmm9h38uNILcSstE&google_cver=1&google_push=AehlK4CMwJhPyl_0cwV4rYAI7fEMVqeanlefoP_acAVLi85dVkhzL_Hg69WiCToxKpPCZXJJpa...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJK4J8rQmm9h38uNILcSstE&google_cver=1&google_push=AehlK4CMwJhPyl_0cwV4rYAI7fEMVqeanlefoP_acAVLi85dVkhzL_Hg69WiCToxKpPCZXJJpa...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YbXdqajUxRTJ1RTNyM1NiTzNyeUlOSlM0X0Qyd0FoX35B&google_push=AehlK4CMwJhPyl_0cwV4rYAI7fEMVqeanlefoP_acAVLi85dVkhzL_Hg6...

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YbXdqajUxRTJ1RTNyM1NiTzNyeUlOSlM0X0Qyd0FoX35B&google_push=AehlK4CMwJhPyl_0cwV4rYAI7fEMVqeanlefoP_acAVLi85dVkhzL_Hg69WiCToxKpPCZXJJpau4EZx34FZlK2hAfjIE9Q0GNcVIsg

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1YbXdqajUxRTJ1RTNyM1NiTzNyeUlOSlM0X0Qyd0FoX35B&google_push=AehlK4CMwJhPyl_0cwV4rYAI7fEMVqeanlefoP_acAVLi85dVkhzL_Hg69WiCToxKpPCZXJJpau4EZx34FZlK2hAfjIE9Q0GNcVIsg
date: Wed, 31 Aug 2022 16:06:03 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CC86 0
12 B 26ms
25ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KY6PmPWvkicWqdHglOtIEn_vPQmgqI4ZMm4QhuBUY7Jz7CzrA5qb4WyXNbDNbAJJT79pHXPw

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 PublinewsGT Show response
syndication.twitter.com/srv/timeline-profile/screen-name/ Frame 504F 163 KB
14 KB 636ms
636ms Document
text/html 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

f471e1f60bf2b4b4ac0202beeb5a9c659326dd73680224994c0f878269ce12b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=60
content-encoding: gzip
content-length: 14459
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 16:06:03 GMT
etag: "28abe-mP2CCvhVU81/YwmaCEpjuQXhqcc"
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 15d4a6c7665bd1436da72827753f3fe707f7a07eae5f161ff0b808a5ff05f3a1
x-response-time: 618
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E800 15 KB
15 KB 31ms
30ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 188326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 11:47:17 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E800 15 KB
16 KB 30ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 297382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:29:41 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E800 15 KB
15 KB 31ms
31ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 547452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 08:01:51 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FB2A 42 B
64 B 85ms
50ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCbPKZT7Mfz-EKF1jeXxq7EOAUnjydAJTzdwDvkYqU9esI4k5cw12hYpILczlpcl0VmXVKV1yI-3b11yM7v3gHGnWgrZB2PyqaY713W1OPjF6W-P-B&sig=Cg0ArKJSzCVb7Tzo0q44EAE&id=lidar2&mcvt=1099&p=8,0,808,1600&mtos=1099,1099,1099,1099,1099&tos=1099,0,0,0,0&v=20220829&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3023400616&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661961961947&rpt=299&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8BE7 22 KB
8 KB 17ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 04:57:32 GMT
expires: Thu, 31 Aug 2023 04:57:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 86F4 0
0 29ms
26ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR3xK9TRFT5uHZCg1G5cP7LqNwRBuUkj16v5EMTXkNAvZPM09FGYJ8GNZLZVlYRBZuAZeDBTCgbOi8nzAzAIZNWkmARbA
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86F4 141 KB
44 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 16:06:03 GMT

GET
DATA 200
OK truncated
/ Frame 86F4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1699eb07e65fc769e068f6ba0d7c11a114ab9c8b8e2b3de7da70c7308cdb6a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A39E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
30ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:03 GMT
expires: Wed, 31 Aug 2022 16:06:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 249C 15 KB
16 KB 26ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 297382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:29:41 GMT

GET
H3 200 155dcdf3ddeff9bb6e907995757ca0fa.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame 249C 20 KB
20 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/155dcdf3ddeff9bb6e907995757ca0fa.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20858
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:20 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E800 0
20 B 49ms
49ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lckIKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAxCg0QFCEAAAAAMFT0QDAECg0QFSEAAAAAAAAyQDAECg0QFiEAAAAAAAAYQDAECg0QGCEAAICZmaWSQDAEEhpDUHFvbHVPNjhma0NGUUt5bWdvZExra0lxZyIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

passback_300x600.js Show response
static.adsafeprotected.com/ Frame 5E3E
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1034476/65088021/skeleton.js?ias_dspID=3&ias_campId=29064847&ias_pubId=pub-4922954394584665&ias_chanId=1&ias_placementId=17447215411&bidurl=https://www.publine...
https://static.adsafeprotected.com/passback_300x600.js

3 KB
2 KB

11ms
10ms

Script
application/javascript

2600:9000:223f:f000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/passback_300x600.js
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: kTzCLI3J0Rawp2tFRAwfopfiJxzrNFGH
content-encoding: gzip
etag: W/"439e58c5a30158dbdc47481bb170410a"
age: 345594
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Feb 2022 23:29:42 GMT
server: AmazonS3
date: Sat, 27 Aug 2022 16:06:10 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: EqC9Y6o7h1VlH4wa0M2YlYTViV1oxXsV6720uhEbTOJ7NWNTAnpy3Q==

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/passback_300x600.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame F33E 80 KB
21 KB 11ms
10ms Script
application/javascript 2600:9000:223f:f000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 9271890
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: kQlMsluUqE3UmLL8JQQ8Pr-J5QtzuKEBlG2JVTtoR2njpl1YsAw5WA==

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame 65B3 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 11:57:15 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E800 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lckIKCggCKgZzZXJ2ZXIKGggEKhZteXNpZGlhX2FuYWx5dGljc19leHAxCg0QMiEAAAAAmJnZPzAECg0QMyEAAAAAmJnZPzAECg0QNCEAAAAAmJnZPzAECg0QNSEAAAAAmJnZPzAECg0QNiEAAAAAmJnZPzAECg0QNyEAAAAAmJnZPzAECg0QOCEAAAAAZmYCQDAECg0QOSEAAAAAAHB4QDAECg0QOiEAAADMzMx4QDAECg0QOyEAAAAAAEyPQDAECg0QPCEAAAAAAEyPQDAECg0QPSEAAABmZlaPQDAECg0QPiEAAIBmZnaSQDAECg0QPyEAAADNzHaSQDAECg0QQCEAAICZmbGSQDAEEhpDUHFvbHVPNjhma0NGUUt5bWdvZExra0lxZyIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e2875713480840d8712332133311d4ea.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E3E 43 B
215 B 543ms
180ms Image
image/gif 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e70f1ead-3413-e633-19dc-d7a573098838&tv=%7Bc:mSWp0l,pingTime:-3,time:470,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:411%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:470,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:410,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tg6z1ET+11%7C12%7C13%7C141%7C142%7C143%7C151%7C1521%7C16%7C171%7C172%7C18*.1034476-65088021%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c,idMap:18*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:04 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E3E 43 B
215 B 537ms
179ms Image
image/gif 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e70f1ead-3413-e633-19dc-d7a573098838&tv=%7Bc:mSWp0n,pingTime:-6,time:472,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:472,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:410,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tg6z1ET+11%7C12%7C13%7C141%7C142%7C143%7C151%7C1521%7C16%7C171%7C172%7C18*.1034476-65088021%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c,idMap:18*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.publinews.gt*&br=c
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:04 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 835951689f5eccbfe1f83a4ee3647939.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame B3D5 30 KB
30 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/835951689f5eccbfe1f83a4ee3647939.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ec8c02ce1156b46862a31790e01b86c2c1c40299b2636c553803d22f566b47

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30602
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B3D5 2 KB
540 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 14:12:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 31 Aug 2022 16:06:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Aug 2022 16:06:03 GMT

GET
H3 200 LandRoverWeb-Bold.woff
s0.2mdn.net/creatives/assets/4524566/ Frame AF8F 19 KB
19 KB 29ms
29ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4524566/LandRoverWeb-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=n8ZU5Zkzit&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5459851818636571b7286afd1a08ccd3991e479808e70ee8dc7b2ffca2201e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=n8ZU5Zkzit&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:05:29 GMT
x-content-type-options: nosniff
age: 34
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18968
x-xss-protection: 0
last-modified: Thu, 05 May 2022 09:00:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 16:20:29 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E3E 43 B
216 B 497ms
178ms Image
image/gif 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e70f1ead-3413-e633-19dc-d7a573098838&tv=%7Bc:mSWp14,pingTime:-2,time:515,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:779,beZ:781,mfA:1171,cmA:1172,inA:1173,inZ:1177,prA:1177,prZ:1185,si:1191,poA:1192,poZ:1206,cmZ:1206,mfZ:1206,loA:1251,loZ:1255,ltA:1294,ltZ:1294,mdA:781,mdZ:885%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:411%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:515,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:410,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tg6z1ET+11%7C12%7C13%7C141%7C142%7C143%7C151%7C1521%7C16%7C171%7C172%7C18*.1034476-65088021%7C181%7C182%7C183%7C184%7C19%7C1a1%7C1a2%7C1a3%7C1b1%7C1b2%7C1b3%7C1c,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,sinceFw:102,readyFired:true%7D&br=c
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:04 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4952 0
0 28ms
27ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRU1ldz_DTmPb_3JCRnHSWEdx_2bCZQSxWSS50HTMWt9PN79FSmPXKMFqk4tOxWpcgayTyKTuvGC-j0CtjdzDiySInT-A
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4952 141 KB
44 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44757
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661773661488070"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 16:06:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D07
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

61ms
60ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:03 GMT
expires: Wed, 31 Aug 2022 16:06:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:03 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4952 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7857a127e0c58222f8c5847f443a088038fafa976e59a657da9c8f25cadecb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AF8F 7 KB
5 KB 62ms
61ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb5954af507e82a407de87c57a3a9f0dd2b05f2c47a0d166254ca2ae70f6d4f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5581
x-xss-protection: 0

GET
H3 200 155dcdf3ddeff9bb6e907995757ca0fa.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame B3D5 20 KB
20 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/155dcdf3ddeff9bb6e907995757ca0fa.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20858
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B3D5 15 KB
16 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 297382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Aug 2023 05:29:41 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5E3E 0
26 B 90ms
57ms Ping
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOSvptavkDpFWoVBgs0DlFr9IKKPIkxBhUYBCXJyL7dAci-jbq6CGiIcfkx1woS_vxlYsYtwWtU3odxQoTdkrUOvRSRlJlrxobUO8YV164cq8rHdycfdRlEEsLeqNL9JvC-2mH8F_wjpLmcyzHb3GRe-NNvXsoYyNz5bypN0asTg6ODZehALy-sr0Y9mCnk3tMIPj6wiFaMVK-DpDL43xgqMaV7xO_9IUiaHliX59bbFkvxx4zcx98bRlTinspZFeRDDTtZHNTa29XZ3sKS6tqLQ1PCrm28rQAQm0XCUSLj6xqVtAFx9ukV_Mg1N0KJCpGUQt3s2sDdhZ-bzssBeT5tccFEi_1GDfN5aA-eNA_07zCCw5cHh1xidf-QbX6eeqtkbi3Kkv4yQXhMbH1RgiFHByTmUNMksYWG8LeD4Hx85q0VetuufKEkmrWZdSfLcehl5_-PLl6EUDPUqGdAGddGnmPrBILk13caTq57P4rRQ--Cam-wnaBf5J6fG2TFJNc4IaTp2PTRw82ucxa0KOJhAy5C4ScvwiWLVjriTUnsjrs6dTjEP4v4eip_jElC4rcEB54h2mbyrEHiib0hxmnXGmTGlrL7q3Ywe-90GuQtDgIy87gl9qo7PBhqWFR-axTTRyVLesm8Vi55wj4mQXAYjLOC76_TmbMGe_oNt47UZejlMVS_Rp2ptr1YrOVDBDmO4cZLy0xuNScEBNgDWEC-tX3UOn-sN6eiHJSiJlbHWUtbkW7hgYIqRorFmw4wlP5rgEKfE2l2EF8Ifx5S2JGgUTIQlHuU-Q3l9sd1EyrEJ-PEONMbSGILz0SL3XLNasQmchkCTSNCItSXqZW2Idivey1EP4lauGu49yfWpVvHtMLqPyROoQ9waIHMnNeyEw8nbhqVrsAzHRDZPBD0IEdoK9-iKyi8pKByhSPsnDqHPdlWd4w8t14HW4Kzp0It6BEejFYIWglnc-IJDClzEP-ydJv33Ou4gPyAStF9VAl0MD_Z5DvEWY_8Vfp5eO4DcVmBgY0syCK8gL-ji_bJEOi7aP4WfshduS4nK7KTSJv2rf-9v1aGXQOmHyIlJ9jK5Sy3e1ODv5gtm4eRHoliKdAo2ZLUL-OXhbT8VrOI6tmJuWi7SEhPBfiGNl_wIgqsBFvLzDn2nTfPfyXNs5NnkW7rHtdGMvOiZUKvvifbQzjpathOlRiO9HsW5u8klNyCfGdkYm208b-QTDC6p8yLV5DF006J9tpFMRxg2LSUNLPB8sEEJ5HaRmIp6qzBCBTSW_JQlzIDDP7jPKI6y5PdCUKarXYz80NsuObzT48KeloHkTY7lgHeUg&sai=AMfl-YQHgkTKUrN9S4QO6XyMKiIGuleHiwYrIUsicLd_T88ukCWgc8-yexHfY-8c-FnP8zKi7sXQPAwfbnfTkwOk2f9PwHLwzg6medMYNfX8MWSLqKJCqlYBo_h9kyIA20YgMoVCUcEXgrgz0J7fwsGBj8GEOmUoeakN9h5D54ogI08htyevTy6PR_q3QM0MlhIT4fIWToWITxtYX722ktiKiTqp&sig=Cg0ArKJSzP3jBCX64KJCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=932&vt=11&dtpt=574&dett=3&cstd=352&cisv=r20220829.35098&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BE7 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 11:57:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AF8F 17 KB
6 KB 396ms
395ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 16:06:04 GMT

GET
H2 200 IAS_PassbackAds_300x600.png
static.adsafeprotected.com/ Frame 5E3E 34 KB
34 KB 15ms
14ms Image
image/png 2600:9000:223f:f000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/IAS_PassbackAds_300x600.png
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:f000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: tQgHbMfZoUlj3hcvrSYdqixcUVtCIeBK
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
etag: "26e2b461771f6fb855141aa77c859584"
age: 11361
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 34357
last-modified: Fri, 18 Feb 2022 23:29:00 GMT
server: AmazonS3
date: Wed, 31 Aug 2022 12:57:07 GMT
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: NYABJLSL7q3JXrHYKrIzwtHA-e95tcMvaCHF7NRWUbHOgNiKz9jm4w==

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame 249C 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 11:57:15 GMT

GET
H/1.1

200
OK

request.php Show response
hal90003.redintelligence.net/ Frame 6151
Redirect Chain

https://hal90003.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=ab0c77a892&subid=&uid=a896bfc1d8fb756c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90003.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=ab0c77a892&subid=&uid=a896bfc1d8fb756c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

97ms
72ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=ab0c77a892&subid=&uid=a896bfc1d8fb756c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCnf76YYPY46rMNL63wPa8ILICd2t6Khgu4_f1IgK8C4QASDm3vh9YJXCpoKwB8gBCakCojANkwrIsD6oAwGqBJ4CT9CBAlfD3qQE1lkZvLoDMoa5uK17yg4qBw8AtDG00xqYbiLZY4cMJRzoDMUlCdWNKaX3HLsURQVeRELBWQa3bVw390iYv5hcqFiLx8c_6442cuFGpTyVrH54RBN-VcuNoBfb7DlpwllwkRSzJDyoCjQrALYPvf3TNr8eCAduWbULSr_RIgveVzg15Nr_Q0TF7mD47R4K4XzGd6sYH3a45ccyqOQGw_CYTJ0_ylRYrJOoCySzSIb3_7MKT28VxlsosHT0iBqyoiOj4TDLV18rPo3klhnTd6CVoK9dNPhp2biQzYWpy5mugEGIGTv8cFoFjbQklOBUvgGJlmhFvOSgf6TIIAPKNp1_upYncDXP8HZe3ujVBWNMvEdNwEvKYsAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCsnQUxQykVlEe9bolkZfsPcNI58CtMlCfZCTkxIHCP0tBgoQ1jBvpq8qP-Fbc%26sig%3DAOD64_1k-VImJ0_q-MUZmAu7wUtPm87Yow%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-CU26BcM9WF_Y7IxDAyh5xE3YSGQqjDybGopUwTqTkyLO9ch3ltzQFlVBea8_0mtcHgSQztSFD2IdqE8LW-Lpz0ilppi-m8X4vDq-xSjXd3vSsb9eszR1ei9u91MRbrTWrds9o_Qr82Y_QJR4nvZOw1494CWA%26cry%3D1%26dbm_d%3DAKAmf-BViONy-B0t72xJ0x4lR0OA4W6Nyu3e4J7kb2nVtdjGPKPsZuB_ZihLZ4lUEr3un1EZu0K28mE0ScArI4VbnrmqTJHkbi8_LlWq9Sd_O4s0wvkPTUnqvnBWFBG8CmW8HDknswEJs4qjf7PLVCWibUnyhpSUxNensb-kKAb-fUPC-ORusTK29fU1BS3glish_75Fom16KTqGeIRqcSnC5sBbYzB4rBO_-zhuSilmEgGtpSr-h8siMLkgY56LRQvnCqmcV8a-H0s0By46o4dm444Y3p8ThA4yiq0s9ZiQcTz5nl-D2eaqmc735sEvera143AqUrnQilS_1Y3OSWDZeZps8n-pgnkNlTa_9kMPpD6G92AYNrzwU6v7s97dDxc6xe5IeU08pOoGXQVGXuUg1GfXZPSN6cxWudNwG0WcbGx8KJEyK6td80fwFw3pC8ZuCXejrczllU-RZZLxKQYi8W7DxFdamUrpqiWgthziUoFLvRFynGcZlLbpGAN9SFS6uXAXkvJf3wGfIUofl04maRbKmZrEwQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=3683725534557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.117 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0b3dd0a1bdd753cdbea07156fe5299f690e783f08353a500b05b80210d74f9a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 46587700109294100757589012068003
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 724
Expires: Wed, 31 Aug 2022 17:06:04 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:03 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=ab0c77a892&subid=&uid=a896bfc1d8fb756c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCnf76YYPY46rMNL63wPa8ILICd2t6Khgu4_f1IgK8C4QASDm3vh9YJXCpoKwB8gBCakCojANkwrIsD6oAwGqBJ4CT9CBAlfD3qQE1lkZvLoDMoa5uK17yg4qBw8AtDG00xqYbiLZY4cMJRzoDMUlCdWNKaX3HLsURQVeRELBWQa3bVw390iYv5hcqFiLx8c_6442cuFGpTyVrH54RBN-VcuNoBfb7DlpwllwkRSzJDyoCjQrALYPvf3TNr8eCAduWbULSr_RIgveVzg15Nr_Q0TF7mD47R4K4XzGd6sYH3a45ccyqOQGw_CYTJ0_ylRYrJOoCySzSIb3_7MKT28VxlsosHT0iBqyoiOj4TDLV18rPo3klhnTd6CVoK9dNPhp2biQzYWpy5mugEGIGTv8cFoFjbQklOBUvgGJlmhFvOSgf6TIIAPKNp1_upYncDXP8HZe3ujVBWNMvEdNwEvKYsAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCsnQUxQykVlEe9bolkZfsPcNI58CtMlCfZCTkxIHCP0tBgoQ1jBvpq8qP-Fbc%26sig%3DAOD64_1k-VImJ0_q-MUZmAu7wUtPm87Yow%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-CU26BcM9WF_Y7IxDAyh5xE3YSGQqjDybGopUwTqTkyLO9ch3ltzQFlVBea8_0mtcHgSQztSFD2IdqE8LW-Lpz0ilppi-m8X4vDq-xSjXd3vSsb9eszR1ei9u91MRbrTWrds9o_Qr82Y_QJR4nvZOw1494CWA%26cry%3D1%26dbm_d%3DAKAmf-BViONy-B0t72xJ0x4lR0OA4W6Nyu3e4J7kb2nVtdjGPKPsZuB_ZihLZ4lUEr3un1EZu0K28mE0ScArI4VbnrmqTJHkbi8_LlWq9Sd_O4s0wvkPTUnqvnBWFBG8CmW8HDknswEJs4qjf7PLVCWibUnyhpSUxNensb-kKAb-fUPC-ORusTK29fU1BS3glish_75Fom16KTqGeIRqcSnC5sBbYzB4rBO_-zhuSilmEgGtpSr-h8siMLkgY56LRQvnCqmcV8a-H0s0By46o4dm444Y3p8ThA4yiq0s9ZiQcTz5nl-D2eaqmc735sEvera143AqUrnQilS_1Y3OSWDZeZps8n-pgnkNlTa_9kMPpD6G92AYNrzwU6v7s97dDxc6xe5IeU08pOoGXQVGXuUg1GfXZPSN6cxWudNwG0WcbGx8KJEyK6td80fwFw3pC8ZuCXejrczllU-RZZLxKQYi8W7DxFdamUrpqiWgthziUoFLvRFynGcZlLbpGAN9SFS6uXAXkvJf3wGfIUofl04maRbKmZrEwQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=3683725534557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 31 Aug 2022 17:06:03 +0200

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame B3D5 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 11:57:15 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E3E 43 B
215 B 170ms
170ms Image
image/gif 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1034476&asId=e70f1ead-3413-e633-19dc-d7a573098838&tv=%7Bc:mSWp7j,pingTime:-10,time:902,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuNTIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1661961964025%7C%7Ccf85a316f11ee0be33d581c4e8280fdf%7C%7Ca3eeeeb410530a2973f34b9badfd9b71%7C%7C430942f7ecebb3d26b1a814cdb22d5b8%7C%7Caea681e2954dfa399d7977dd822f6d16%7C%7C8b7a907b4c3617e169d95df073f1ff74%7C%7Ccacc2d5bfe1d4b6b591b84ddd910a0eb%7C%7C74eb13b2cfb4a2c776909520279a7c3f%7C%7C1629390669,im:%7Bpci:%7Btdr:168%7D%7D%7D
Requested by: Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:04 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F12E 0
20 B 51ms
50ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwjOr6oYPY8CcF4KV7_UPzsG2sAUAAAAAOAHgBAI&bg=!kJOlk9fNAAaXrHhMt6w7ACkAdvg8WmLXErHsKioIA9Q0ytx779sXA07FYqlU5X7UrFb5bXhEc4rG0AIAAAJEUgAAAANoAQcKAAtMpnchLiRU5eiNapkC-F55sZiDYTOM1Dhg1hW7rZS_FTvHqbCHGaoVRsbTfBwBPrqkkeLCoX3snUA00567gHabPjycmRO8z6qYq4kVkMZyY-k4-i8DfdvFz8j58vZvaSdQHdg9Zo-I_LqTnrsGCi699Kt_Iy3gchW6SmAMQelD8PiWyA9BaKTwAxRb_ducSXxGpvr3AMNi_J7316uppi_QzZfvKhl_ng-evUpIlfMopHOkPz3jiiskVbVUDojjDRNVd-dNZ2F7S8KJXTOC7tGpNCNEGUlR0MDLL3o2wGUyd0Lcgj0X_aaOymqKQpop5ZDYlC7d-J62Y-sDTrVv5GQZcvVhqRgWhCz_IQ40H3mcMlaOcxhjuisE8TM9v0KF9xn34rWxtv_OjztqsxOoKM2aaHHLov10s4s8yeh_MlW3rDWujQ-v12IMI9u2Pj6qqNzlPhDfX740LVRxpj2g1OTx2ovGodgQLHaIjVU-5-zYpk0DjcgTGBpfyvQlIhxNLFsD0eoSbhLBf6ynaFMdHWhDZaXZlGDwP4lC8VVDSQvj0sTpw9WfGnQumHLshRklwKgK9KHloBgw1lCafloRxvasoXAa3e-wckMhiNVnQdjHJsvWQ_K9bJS2M6lsq6Yb1RZeeGlohXj__Lo_yM51rGpOKk5G061MW5l478QUZ7MCNshuvOzzGfQD51YWxIgNa-FTOJvX8E-8BQSOzvU5vFFNq3Mf9GcBdHxh-KytsWfciLmwvEapVcLlAfjgK9zVr4sI--InKtO-AOhqRLtydVGBLuvGFULZL4Xk3hYAFy7NulUSTpUnydOn_ridXA4_mwdij-5sY07OdHxNHKvbRRxizB8JqCWWqmoH6Aeg5RuBIsjToC4e91K4xhDbBW8kiJ4BSPKjemTF8cn_-P0z7l-y10OqI1-Bv7EjtBdgJL9VBlJnrxoOEml506LlTr6P7VYnFgd1YP6Cgm_xnaIodu5CSY78y2lbri9_UXdKJoTq2liGM7rrhAAA1ELje3F1cPxd03dIarQ

Requested by

Host: f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK runtime-d2ba011899a8bc832546.js Show response
platform.twitter.com/_next/static/chunks/ Frame 504F 4 KB
3 KB 12ms
10ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: 9df8804be7bc833a0f7bda128387f950072b9c844a13747e22ae6cfdcb515b00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2102
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/6724)
Etag: "9f542b1e6fbe41a0a4865d93098693f4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK modules.c7def0268c66f6a548ed.js Show response
platform.twitter.com/_next/static/chunks/ Frame 504F 286 KB
94 KB 33ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 95749
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:21 GMT
Server: ECS (frb/67BC)
Etag: "51acddf0dbfab928b183f36c1ee67619+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK main-e9db78f5e7b3d83edd5e.js Show response
platform.twitter.com/_next/static/chunks/ Frame 504F 90 B
653 B 62ms
17ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/673A)
Age: 65375
Etag: "8e33207e7b788da9abde5b6d33da0b00"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 90

GET
H/1.1 200
OK _app-f921177a8618779237dd.js Show response
platform.twitter.com/_next/static/chunks/pages/ Frame 504F 1 KB
1 KB 80ms
30ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/_app-f921177a8618779237dd.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 668
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/6727)
Etag: "be3e428d416daa9027cecf70b5f26bf9+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK %5BscreenName%5D-18c5091b9b3426f0194f.js Show response
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/ Frame 504F 13 KB
2 KB 80ms
31ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-18c5091b9b3426f0194f.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 32e5acf1b97e30e8721e8a3ee93bac752bc702eafd176b57074ea17f07063585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 1228
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/6712)
Etag: "894f10ff8654944198f92198524998a4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _buildManifest.js Show response
platform.twitter.com/_next/static/zCh8LVg1_TSeSe2HMSR25/ Frame 504F 1 KB
1012 B 74ms
33ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/zCh8LVg1_TSeSe2HMSR25/_buildManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 6796ccb15426d91d3311ea27d429c2d35605243125f7e30fb554271b393a9c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 416
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/6725)
Etag: "ac61950c88e23d04701a0e7b53c34aff+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK _ssgManifest.js Show response
platform.twitter.com/_next/static/zCh8LVg1_TSeSe2HMSR25/ Frame 504F 76 B
639 B 71ms
34ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/zCh8LVg1_TSeSe2HMSR25/_ssgManifest.js
Requested by: Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674D) /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Access-Control-Allow-Methods: GET
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/674D)
Age: 65375
Etag: "abee47769bf307639ace4945f9cfd4ff"
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 76

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 2DCE
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873bba48e32d9e4587b?subid=46587700109294100757589012068003&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=46587700109294100757589012068003&actionid=981741&produktid=&dt_url=

0
606 B

81ms
24ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=46587700109294100757589012068003&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=ab0c77a892&subid=&uid=a896bfc1d8fb756c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCnf76YYPY46rMNL63wPa8ILICd2t6Khgu4_f1IgK8C4QASDm3vh9YJXCpoKwB8gBCakCojANkwrIsD6oAwGqBJ4CT9CBAlfD3qQE1lkZvLoDMoa5uK17yg4qBw8AtDG00xqYbiLZY4cMJRzoDMUlCdWNKaX3HLsURQVeRELBWQa3bVw390iYv5hcqFiLx8c_6442cuFGpTyVrH54RBN-VcuNoBfb7DlpwllwkRSzJDyoCjQrALYPvf3TNr8eCAduWbULSr_RIgveVzg15Nr_Q0TF7mD47R4K4XzGd6sYH3a45ccyqOQGw_CYTJ0_ylRYrJOoCySzSIb3_7MKT28VxlsosHT0iBqyoiOj4TDLV18rPo3klhnTd6CVoK9dNPhp2biQzYWpy5mugEGIGTv8cFoFjbQklOBUvgGJlmhFvOSgf6TIIAPKNp1_upYncDXP8HZe3ujVBWNMvEdNwEvKYsAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCsnQUxQykVlEe9bolkZfsPcNI58CtMlCfZCTkxIHCP0tBgoQ1jBvpq8qP-Fbc%26sig%3DAOD64_1k-VImJ0_q-MUZmAu7wUtPm87Yow%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-CU26BcM9WF_Y7IxDAyh5xE3YSGQqjDybGopUwTqTkyLO9ch3ltzQFlVBea8_0mtcHgSQztSFD2IdqE8LW-Lpz0ilppi-m8X4vDq-xSjXd3vSsb9eszR1ei9u91MRbrTWrds9o_Qr82Y_QJR4nvZOw1494CWA%26cry%3D1%26dbm_d%3DAKAmf-BViONy-B0t72xJ0x4lR0OA4W6Nyu3e4J7kb2nVtdjGPKPsZuB_ZihLZ4lUEr3un1EZu0K28mE0ScArI4VbnrmqTJHkbi8_LlWq9Sd_O4s0wvkPTUnqvnBWFBG8CmW8HDknswEJs4qjf7PLVCWibUnyhpSUxNensb-kKAb-fUPC-ORusTK29fU1BS3glish_75Fom16KTqGeIRqcSnC5sBbYzB4rBO_-zhuSilmEgGtpSr-h8siMLkgY56LRQvnCqmcV8a-H0s0By46o4dm444Y3p8ThA4yiq0s9ZiQcTz5nl-D2eaqmc735sEvera143AqUrnQilS_1Y3OSWDZeZps8n-pgnkNlTa_9kMPpD6G92AYNrzwU6v7s97dDxc6xe5IeU08pOoGXQVGXuUg1GfXZPSN6cxWudNwG0WcbGx8KJEyK6td80fwFw3pC8ZuCXejrczllU-RZZLxKQYi8W7DxFdamUrpqiWgthziUoFLvRFynGcZlLbpGAN9SFS6uXAXkvJf3wGfIUofl04maRbKmZrEwQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=3683725534557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 16:06:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Wed, 31 Aug 2022 06:06:04 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Wed, 31 Aug 2022 16:06:04 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=46587700109294100757589012068003&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: B2A2D18A:E652_91EFC182:01BB_630F86EC_68D5F15:2A46C

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame B336 4 KB
2 KB 95ms
13ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=46587700109294100757589012068003&a=ba798642
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=ab0c77a892&subid=&uid=a896bfc1d8fb756c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCCnf76YYPY46rMNL63wPa8ILICd2t6Khgu4_f1IgK8C4QASDm3vh9YJXCpoKwB8gBCakCojANkwrIsD6oAwGqBJ4CT9CBAlfD3qQE1lkZvLoDMoa5uK17yg4qBw8AtDG00xqYbiLZY4cMJRzoDMUlCdWNKaX3HLsURQVeRELBWQa3bVw390iYv5hcqFiLx8c_6442cuFGpTyVrH54RBN-VcuNoBfb7DlpwllwkRSzJDyoCjQrALYPvf3TNr8eCAduWbULSr_RIgveVzg15Nr_Q0TF7mD47R4K4XzGd6sYH3a45ccyqOQGw_CYTJ0_ylRYrJOoCySzSIb3_7MKT28VxlsosHT0iBqyoiOj4TDLV18rPo3klhnTd6CVoK9dNPhp2biQzYWpy5mugEGIGTv8cFoFjbQklOBUvgGJlmhFvOSgf6TIIAPKNp1_upYncDXP8HZe3ujVBWNMvEdNwEvKYsAEzo67sZYC4AQDkAYBoAZNgAfr5-heqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHTICqgI6AoBAgAoDmAsByAsBgAwBsBOazegN0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSLgCsnQUxQykVlEe9bolkZfsPcNI58CtMlCfZCTkxIHCP0tBgoQ1jBvpq8qP-Fbc%26sig%3DAOD64_1k-VImJ0_q-MUZmAu7wUtPm87Yow%26client%3Dca-pub-4922954394584665%26dbm_c%3DAKAmf-CU26BcM9WF_Y7IxDAyh5xE3YSGQqjDybGopUwTqTkyLO9ch3ltzQFlVBea8_0mtcHgSQztSFD2IdqE8LW-Lpz0ilppi-m8X4vDq-xSjXd3vSsb9eszR1ei9u91MRbrTWrds9o_Qr82Y_QJR4nvZOw1494CWA%26cry%3D1%26dbm_d%3DAKAmf-BViONy-B0t72xJ0x4lR0OA4W6Nyu3e4J7kb2nVtdjGPKPsZuB_ZihLZ4lUEr3un1EZu0K28mE0ScArI4VbnrmqTJHkbi8_LlWq9Sd_O4s0wvkPTUnqvnBWFBG8CmW8HDknswEJs4qjf7PLVCWibUnyhpSUxNensb-kKAb-fUPC-ORusTK29fU1BS3glish_75Fom16KTqGeIRqcSnC5sBbYzB4rBO_-zhuSilmEgGtpSr-h8siMLkgY56LRQvnCqmcV8a-H0s0By46o4dm444Y3p8ThA4yiq0s9ZiQcTz5nl-D2eaqmc735sEvera143AqUrnQilS_1Y3OSWDZeZps8n-pgnkNlTa_9kMPpD6G92AYNrzwU6v7s97dDxc6xe5IeU08pOoGXQVGXuUg1GfXZPSN6cxWudNwG0WcbGx8KJEyK6td80fwFw3pC8ZuCXejrczllU-RZZLxKQYi8W7DxFdamUrpqiWgthziUoFLvRFynGcZlLbpGAN9SFS6uXAXkvJf3wGfIUofl04maRbKmZrEwQ%26adurl%3D&documentReferer=https%3A%2F%2Fwww.publinews.gt%2F&ancestorOrigins=https%3A%2F%2Fwww.publinews.gt&random=3683725534557&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2b1c7baaf547a90696763861b47ea44d80b6635b3e8dc432c3063eb9f5f7bd39

Request headers

Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1529
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Aug 2022 16:06:04 GMT
Expires: Wed, 31 Aug 2022 17:06:04 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 6151 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf3cb4aa7ec5dfb1a79fb94a01f919b8cbe981459f9877e36c0f9022925038c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame FF70 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 11:57:15 GMT

GET
H/1.1 200
OK 2.691622e4391d1973cb65.js Show response
platform.twitter.com/_next/static/chunks/ Frame 504F 23 KB
8 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 7674
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/669E)
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 14.8d9ed21e253369e85f0a.js Show response
platform.twitter.com/_next/static/chunks/ Frame 504F 40 KB
13 KB 9ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/14.8d9ed21e253369e85f0a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: a9abb833a0d3df0d1c33e6cee9bd8e40655483413e1e202c47d9cecb24418584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65371
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 12745
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/67F3)
Etag: "6a6ada61cc54ce359670b337884e3973+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1

200
OK

pb_b2b_300x250.gif
www.ad-server.eu/wm/pb/giro/business/ Frame B336
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873bba48e32d9e4587b?subid=46587700109294100757589012068003
https://pv.medialead.de/trck/eview/e99aace94e6e5873bba48e32d9e4587b?subid=46587700109294100757589012068003
https://www.ad-server.eu/wm/pb/giro/business/pb_b2b_300x250.gif

42 KB
42 KB

234ms
64ms

Image
image/gif

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ad-server.eu/wm/pb/giro/business/pb_b2b_300x250.gif
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=46587700109294100757589012068003&a=ba798642
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 520044959df03f25bf46d68e9ea4b89d6a160081bbabd0a0cf08f76c43c18956

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:10:15 GMT
Last-Modified: Mon, 25 Oct 2021 07:36:35 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "61765e83-a636"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42550

Redirect headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: B2A2D18A:E652_91EFC182:01BB_630F86EC_68D5F31:2A46C
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://www.ad-server.eu/wm/pb/giro/business/pb_b2b_300x250.gif
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BE7 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUZH16oYPY8WhIo2X3gPoipOQCQAAAAA4AeAEAg&bg=!q6ilqOzNAAaXrHhMt6w7ACkAdvg8WpuAfNdzvqmLof1dkFf-hbD9sELAIz2uaHabDwraazKrSCo-zQIAAAFXUgAAAANoAQeZAvc2PHriuTmd9h5iypOFc9pcIJ5Os7Bzw9a4hLRgq-fEXbNZqEZT6nTaEyJGNOw1S45k2f6DkXcze8QtfT7b-CvdLaGHdewN29sU2lxatnhwLOaKQTHpQB123qXArcQxdDm15oujHOxD8q9Ywp4Bl6Wb1GXkfQ4ulaz7-al3iAT80ZHCb5uXODrvi4iSeXg2acgGjU1OELew5W-6fCDSx-3_wdKZZHmHrwJsgOI9u7v9YK80-4lT2CzkXw9G-H2SrFBfju0ssI-ynzaIcWNilm-OWx4SaLu0jMMO-_p-SkJbDr1nI0kOQmQ01GOKh28hlSmRRgdPtNuZIDB8GEedkslcAarpCibF8PCeAuUjPNK1Unpc196RldV3pZD6oBN1-J1KctmQ2RIHz4g04vTbqALRiUwSX87gNcJuC61uIe0BZaxcl_YK171x_CTMLxBWXkD9551fp5vxC-d6bmwHShN7opMs5vkAmogLjk-0IwUO1eLKMwfnk5PCmScZTuxWOWWvTNumZ9jhtzus6VxxgHQ1VbTkFPw-YOkpMBuv_xSjYnaOKy4ITrfO8gqNr7C_HdDFnK1URRmslNac-kOrwwjtRkfOKQr8Ts2KjB7LWGvB4O3c-pCpSDbWt2qkqGPHUEIijClj58K8aB0BIW0wbMMk7YhOz-XFzO0Nz80N34i1un8YjG6EbKl8f5Hul4YfEF_uBFYWPogy2bKQ-CS-XO2vvYfUl9DSdlRNYh517IilvFb6MNTxEWoEvVVqph5foQiSimjFv9_h95LCrssdP8gbXDNBSVYvehuhFdTFSpx9FMEW7w1vrN77yLU3_xEnaAIZtE1lRCPschJhjaegUx0Kaph1JF-7_thnx5g_ZgfPmsEdmwIceyL4Mw5Ib027nQUCgq3nt6_udrgykoVNx35sO-26OcKQ0qnjcE8ilRTD0QCvvMfswllWQ3AqvLijZfrGyPsb7zfHUrp_idqOlL42mwjAVX-PzOIkxwreRNdQ4kMiSWuOwEM

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame B336 0
150 B 38ms
13ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=46587700109294100757589012068003&a=9b92099b&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=46587700109294100757589012068003&a=ba798642
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=46587700109294100757589012068003&a=ba798642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame B336 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 logo_w_300x600.png
s0.2mdn.net/sadbundle/12067022830250736275/ Frame AF8F 2 KB
2 KB 28ms
28ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12067022830250736275/logo_w_300x600.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c625353285d7d98b8ef8539024d908be74987505dc331a3ccf10711d88e3045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=n8ZU5Zkzit&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:54:13 GMT
x-content-type-options: nosniff
age: 443511
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2170
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 13:05:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Aug 2023 12:54:13 GMT

GET
H3 200 logo_b_300x600.png
s0.2mdn.net/sadbundle/12067022830250736275/ Frame AF8F 2 KB
2 KB 34ms
33ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12067022830250736275/logo_b_300x600.png

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd335627b30cb609116c9ed19b9e56c8fb0861c6b9d94e25b3e4317e8a3e38dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=n8ZU5Zkzit&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 08:45:45 GMT
x-content-type-options: nosniff
age: 26419
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2166
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 13:05:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 08:45:45 GMT

GET
H3 200 60026183_20220510011848595_L663_22MY_011_GLHD_300x600.jpg
s0.2mdn.net/ads/richmedia/studio/60026183/ Frame AF8F 50 KB
50 KB 30ms
30ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60026183/60026183_20220510011848595_L663_22MY_011_GLHD_300x600.jpg

Requested by

Host: www.publinews.gt
URL: https://www.publinews.gt/gt/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dfd5b4a336a0e622d804b0efb86a654561835e9083b3941b6f8ff5ba5256e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12067022830250736275/index.html?e=69&leftOffset=0&topOffset=0&c=n8ZU5Zkzit&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 16:36:34 GMT
x-content-type-options: nosniff
age: 84570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50847
x-xss-protection: 0
last-modified: Tue, 10 May 2022 08:18:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 Aug 2022 16:36:34 GMT

GET
H/1.1 200
OK 0.8f205dbb7b06b224e307.js Show response
platform.twitter.com/_next/static/chunks/ Frame 504F 595 KB
183 KB 14ms
11ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: dfde5485c4fc9e9acca625d86fbeb240c9bd3ab78a395721aae49aa97b091c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
Content-Length: 186671
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:22 GMT
Server: ECS (frb/6763)
Etag: "11f6449263029b9f59f18afa52cc99ed+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 1.5e254e44cdee3fa37dc8.js Show response
platform.twitter.com/_next/static/chunks/ Frame 504F 1 MB
289 KB 11ms
9ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/1.5e254e44cdee3fa37dc8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: 61723fe95f866398ae8490661ffb77e0fcd3d5eb598eeebb1ed5e593049487e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 295182
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/6731)
Etag: "8ed3dcb9e2dee09ff8ca7e94a8527825+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK 4.5238eaaf6e1b92b24f7e.js Show response
platform.twitter.com/_next/static/chunks/ Frame 504F 2 KB
2 KB 13ms
10ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/4.5238eaaf6e1b92b24f7e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 7f9ae5335d4db51a427fcbd9d291958b98ac28713fa8b6dc8de328d9298a8735

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length: 1220
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/67D3)
Etag: "5686b744ee1b68496ce70aace8e12820+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK ondemand.Dropdown.439f5863d42d2c4e587d.js Show response
platform.twitter.com/_next/static/chunks/ Frame 504F 6 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.439f5863d42d2c4e587d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: edb75c328dc364054a6afb3d5fecddde3c6298d89b15c96f9b77858a93d5df4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 2595
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:20 GMT
Server: ECS (frb/669F)
Etag: "ecb940ef53fa7c0bf625b22f9af2b345+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js Show response
platform.twitter.com/_next/static/chunks/ Frame 504F 148 KB
42 KB 8ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/runtime-d2ba011899a8bc832546.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:04 GMT
Content-Encoding: gzip
Age: 65375
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 41941
x-tw-cdn: VZ
Last-Modified: Wed, 17 Aug 2022 17:37:21 GMT
Server: ECS (frb/67BC)
Etag: "72929dff5e574c1b877555fd36c7683a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 like.3.json Show response
abs.twimg.com/sticky/animations/ Frame 504F 19 KB
2 KB 64ms
9ms Fetch
application/json 2606:2800:233:8173:898f:63b3:95c3:79d2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://abs.twimg.com/sticky/animations/like.3.json

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/1.5e254e44cdee3fa37dc8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2B0) /

Resource Hash

7d2cdcfb9a06ae6226f06b3cb14c4a53fa0f94ec5048dfb469d6834f6fb4e124

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2778213
x-ton-expected-size: 19835
x-cache: HIT
vary: Accept-Encoding
content-length: 1627
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Tue, 15 Feb 2022 21:43:54 GMT
server: ECAcc (frd/E2B0)
etag: "b9munHAdxNyPtNl2GaO2bw=="
strict-transport-security: max-age=631138519
content-type: application/json
access-control-allow-origin: *
x-connection-hash: b2416fb8c94532ef46b2069f2a8d4ab6aa32507f9132cb6f6efe61940801c5b3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 31 Aug 2023 16:06:04 GMT

GET
H2 200 LuRpxXV2_RAMSqDL.jpg
pbs.twimg.com/ext_tw_video_thumb/1565007271578505217/pu/img/ Frame 504F 77 KB
78 KB 288ms
147ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1565007271578505217/pu/img/LuRpxXV2_RAMSqDL.jpg

Requested by

Host: syndication.twitter.com
URL: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

8bf7a7b8f6a4308ab1f43290220289403832769fd02ee219a4f5e7a74346f40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865360,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_IL_CHICAGO,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 79234
x-response-time: 95
last-modified: Wed, 31 Aug 2022 16:01:04 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f1e1725eb4228a4122bb1b3110434010d82969cb494a16c827a87b6da048da03
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FbgESz0XwAMSgxP.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 504F 17 KB
17 KB 284ms
146ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FbgESz0XwAMSgxP.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865365,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_GA_ATLANTA,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 17246
x-response-time: 14
last-modified: Wed, 31 Aug 2022 15:54:24 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b2d860bc379b7d6aad7ecfa47448eb30d1b075bd17b36d1dcd6492069770c4ee
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FbgBJAZXoAAjz4P.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 504F 17 KB
17 KB 282ms
147ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FbgBJAZXoAAjz4P.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865364,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 17246
x-response-time: 15
last-modified: Wed, 31 Aug 2022 15:40:37 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 54266ae82f474d3faf286df8017757e9897b346e79fc968432e2e3daf7178442
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Gt48SG2ugN5yv3lH.jpg
pbs.twimg.com/ext_tw_video_thumb/1564961391861268481/pu/img/ Frame 504F 47 KB
48 KB 249ms
123ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1564961391861268481/pu/img/Gt48SG2ugN5yv3lH.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

eea8447246e0f33d1b456ed8ae029bd7343a5324d13723b9a3c7e4dd76f69461

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865361,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_NY_NEWYORK,o=20940],[c=w,n=US_NY_NEWYORK,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 48322
x-response-time: 79
last-modified: Wed, 31 Aug 2022 12:58:46 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5d0d0d429ddac01bf440ebd546e459e925136a4fec76fc5134e45ae274d6255f
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 l82JNEUdlmwoIYpZ.jpg
pbs.twimg.com/ext_tw_video_thumb/1564941267867508736/pu/img/ Frame 504F 36 KB
36 KB 148ms
23ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1564941267867508736/pu/img/l82JNEUdlmwoIYpZ.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

a4bf35c2ea505cdaeb95377219a33c6ee69493c9030ca96d202cca3b13c6f529

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865368,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=p,n=NL__HAARLEM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 36601
x-response-time: 84
last-modified: Wed, 31 Aug 2022 11:38:48 GMT
server: tsa_b
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f394d95d41f2fb318bd2209a042da3812132d62087c2d57408d854114a5b0cac
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 cmwDe8LwANHtl6M-.jpg
pbs.twimg.com/ext_tw_video_thumb/1564939087437611013/pu/img/ Frame 504F 127 KB
128 KB 272ms
148ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1564939087437611013/pu/img/cmwDe8LwANHtl6M-.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

3895724e8115dff6d73b840b472f80fa1d0529c915354c20063be88cdcb329dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865366,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_FL_MIAMI,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 130296
x-response-time: 93
last-modified: Wed, 31 Aug 2022 11:30:08 GMT
server: tsa_b
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cbc74fa09e316df5091ebbc44ef71a8559466f28405edb3cdd7b1c5f944a1712
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 1f3a5.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 771 B
559 B 58ms
24ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f3a5.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a6841d2c4a12ed948dd6c51720e62a032135ccd7f50cc17b7d8d37b20f43c2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 420
etag: "czoNuUs5Cy/V2odAgoWgeQ=="
x-served-by: cache-fty21333-FTY, cache-fra19160-FRA
last-modified: Mon, 17 Sep 2018 19:14:56 GMT
date: Wed, 31 Aug 2022 16:06:04 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 28 Oct 2022 07:47:34 GMT

GET
H2 200 1f91d-1f3fb.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 3 KB
1 KB 56ms
23ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f91d-1f3fb.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

048dc69d73f3ad0096a139da264b1aef01ec8b90b877d6e6515d08b14054bd53

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1154
etag: "c0Xe440wLKf4cdOClHmJTQ=="
x-served-by: cache-fty13721-FTY, cache-fra19160-FRA
last-modified: Tue, 08 Mar 2022 20:11:22 GMT
date: Wed, 31 Aug 2022 16:06:04 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 19 Jul 2023 06:46:30 GMT

GET
H2 200 1f535.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 113 B
265 B 57ms
24ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f535.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b44a2fe208e998b56df46211e07ab012140f047e0b0621ab6b4f17ba434bfca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 125
etag: "NfzlnF0XpW1pw949iGTtIg=="
x-served-by: cache-fty21334-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:31:06 GMT
date: Wed, 31 Aug 2022 16:06:04 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 18 Nov 2022 06:32:58 GMT

GET
H2 200 1f6b4-1f3fb-200d-2640-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 3 KB
1 KB 57ms
24ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb-200d-2640-fe0f.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21b3ea6a2f91609c3767f12b0d1f70f7c8c9939f346e777733edaa8b0891a072

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1394
etag: "uqkwe0F1cdsROBuMZIaS+A=="
x-served-by: cache-fty21370-FTY, cache-fra19160-FRA
last-modified: Wed, 19 Jun 2019 23:22:04 GMT
date: Wed, 31 Aug 2022 16:06:04 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 09 Aug 2023 06:55:17 GMT

GET
H2 200 1f6b4-1f3fb-200d-2642-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 2 KB
1 KB 15ms
15ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb-200d-2642-fe0f.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b2831cb9703dae3b9d18ab76276a67a65de573cc498aeddaf085942f0d96c18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1208
etag: "sIb2rTy6Hpty5P3amZledA=="
x-served-by: cache-fty21381-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:31:12 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 05 Jul 2023 07:07:23 GMT

GET
H2 200 1f6b4-1f3fb.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 3 KB
1 KB 11ms
10ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

300fc9cbe06e256f2244ebfdbde4beee7736091b392f6ba791e39a1026a13e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1329
etag: "eBCr2yPLO8ei/7U6E9yPgw=="
x-served-by: cache-fty21345-FTY, cache-fra19160-FRA
last-modified: Thu, 31 Oct 2019 20:41:51 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 17 Aug 2023 08:13:20 GMT

GET
H2 200 1f451.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 1 KB
644 B 11ms
10ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f451.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3916390d4395ed16641c0e23d5e5a1bef9de6ce71b02c3941c0ee6f2d899c806

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 504
etag: "mP6c3sK/je14Knvx4wK2ZA=="
x-served-by: cache-fty21353-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:30:55 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 15 Jun 2022 07:09:18 GMT

GET
H2 200 1f425.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 1 KB
969 B 11ms
10ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f425.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eb142780323f9846917143611381012150523a573d467c44fa5c5015979f73b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 669
etag: "P78J8p/ifcK4p9Bsg0Zc6A=="
x-served-by: cache-fty21343-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:30:54 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 24 May 2023 07:23:21 GMT

GET
H2 200 1f479.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 4 KB
2 KB 11ms
11ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f479.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

42df68ae2524528bf5b22f71b726909c67c1f10a5396ab19b3479b47a207196e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1903
etag: "97KGV/I6lC7YLUXtIwlNYw=="
x-served-by: cache-fty21369-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:31:02 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 18 Nov 2022 07:59:41 GMT

GET
H2 200 1f437.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 1 KB
734 B 10ms
9ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f437.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ea4dc77fdf5e91c1cac823dc7dc7108bf7cf08c4fa44ccf9492ebd332be0af01

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 601
etag: "3XfPAApympvw/AO5fh5KXQ=="
x-served-by: cache-fty21333-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:30:54 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 17 Mar 2023 07:28:51 GMT

GET
H2 200 jot
syndication.twitter.com/i/ Frame 504F 43 B
126 B 133ms
132ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1661961964889%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2231f0cdc1eaa0f%3A1660602114609%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.publinews.gt%2Fgt%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22PublinewsGT%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%2231005a7%3A1660755999885%22%2C%22widget_data_source%22%3A%22screen-name%3APublinewsGT%22%7D&session_id=a523be257c00bf7735885393b7cb849c15275a5b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/PublinewsGT?dnt=false&embedId=twitter-widget-0&frame=false&lang=es&maxHeight=600&origin=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=a523be257c00bf7735885393b7cb849c15275a5b&showHeader=true&showReplies=false&siteScreenName=PublinewsGT&widgetsVersion=31f0cdc1eaa0f%3A1660602114609
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-response-time: 122
date: Wed, 31 Aug 2022 16:06:04 GMT
last-modified: Wed, 31 Aug 2022 16:06:05 GMT
server: tsa_o
vary: Origin
content-type: image/gif
cache-control: must-revalidate, max-age=600
x-connection-hash: 15d4a6c7665bd1436da72827753f3fe707f7a07eae5f161ff0b808a5ff05f3a1
strict-transport-security: max-age=631138519
content-length: 43

GET
H2 200 fQ0Oq5VP_normal.jpg
pbs.twimg.com/profile_images/1364237200343392258/ Frame 504F 2 KB
3 KB 21ms
20ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1364237200343392258/fQ0Oq5VP_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

9d9ca589b914280e196d256a2ddc2ca3af11118b3fc9002f6323a568d3cfc0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865409,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=p,n=NL__HAARLEM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 2263
x-response-time: 20
last-modified: Tue, 23 Feb 2021 15:32:29 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bcec819bb398b76fe8010b6e92515028811e850da51b4e3584f72eb16708b0bf
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 JDgMG8OX_normal.jpg
pbs.twimg.com/profile_images/1524019508922486789/ Frame 504F 2 KB
2 KB 28ms
27ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1524019508922486789/JDgMG8OX_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

1baadc9204bcfe5d648f9a2181c2ea2f1795be70a9d8e863852ea8ce880084ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865410,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 2035
x-response-time: 18
last-modified: Tue, 10 May 2022 13:30:20 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bbf9b4f84b4ed43c1db7234689e6234701a6fbe6e8a05a8a91200c4ded45c878
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 EMjplUO0
pbs.twimg.com/card_img/1565006518059028481/ Frame 504F 4 KB
5 KB 227ms
226ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1565006518059028481/EMjplUO0?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

1a6e4d2e32c765f09b7df419485600a75821cf5b703c6d66107cd27021fe6fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865411,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_GA_ATLANTA,o=20940],[c=w,n=US_CA_SANJOSE,o=20940],[a=104.244.42.73,c=o]
x-client-network: EIP
x-cache: MISS
server-timing: x-cache;MISS, x-tw-cdn;AK
content-length: 4354
x-response-time: 51
last-modified: Wed, 31 Aug 2022 15:58:04 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ba08c226616ea4a4aa57c273425ff4807c26d0e3396934cc347dba0d6b062ebb
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 TjpU7hzI
pbs.twimg.com/card_img/1564693165260554247/ Frame 504F 5 KB
5 KB 132ms
131ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1564693165260554247/TjpU7hzI?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

698daf2a3566453c7b7229e3ddd0ba9c3ae6b381a8e1e3399e8ae79ea69412f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865412,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_IL_CHICAGO,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 4776
x-response-time: 47
last-modified: Tue, 30 Aug 2022 19:12:55 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 23fe23c619dbf8db6b932438689bb99d6bf8dad49a63226c907a0c8e34c7e6f7
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 KUslRBBk
pbs.twimg.com/card_img/1564998955275939840/ Frame 504F 4 KB
5 KB 129ms
128ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1564998955275939840/KUslRBBk?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

03187f74e9a4ce55f6a7474ff78d6487d56293723726faca10245a3c9f30de06

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865413,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_GA_ATLANTA,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 4098
x-response-time: 35
last-modified: Wed, 31 Aug 2022 15:28:01 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 12094282e213b7506f59f83202842b6651fb514e64e379e5d1a969e5bf1ab022
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 5WO8rYzz_normal.jpg
pbs.twimg.com/profile_images/1468801485173624832/ Frame 504F 2 KB
3 KB 28ms
27ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1468801485173624832/5WO8rYzz_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

8c63d262b420ac15948cdd4ec6763573dd783686323b8e965927aebc410b089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865415,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=DE_NW_DUSSELDORF,o=20940],[c=p,n=DE_NW_DUSSELDORF,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 2415
x-response-time: 27
last-modified: Thu, 09 Dec 2021 04:33:37 GMT
server: tsa_b
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 210ae073809301f71f997d3e150b8756a23a3393f6f0dd65d7e4e8162620baf4
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FbfzqTwXoAIYOuf
pbs.twimg.com/media/ Frame 504F 4 KB
4 KB 128ms
127ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FbfzqTwXoAIYOuf?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

cd44180ac100ad42b75db164501fcf9a6b8d66efa44c6aa654f9628b0bde0567

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865418,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 3819
x-response-time: 39
last-modified: Wed, 31 Aug 2022 14:41:43 GMT
server: tsa_b
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9092a00060badd6340c07989f1e86fc22d14ec908982ad7ac0374d259f7edf74
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FbfzqTuXEAAcDBc
pbs.twimg.com/media/ Frame 504F 3 KB
3 KB 343ms
342ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FbfzqTuXEAAcDBc?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

2a40e48add0bdfafa972042f5dc16b2a3c01963696b4e28ee004a3f848685654

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865420,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 2706
x-response-time: 58
last-modified: Wed, 31 Aug 2022 14:41:43 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f07d4bcf4db42f25577e61300add88c2f97d08d38a433f42c8d64012d9f1c0eb
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Fbfu-mbXwAMh0Nb
pbs.twimg.com/media/ Frame 504F 5 KB
6 KB 414ms
414ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Fbfu-mbXwAMh0Nb?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

da1b3e1c7ec456b6db1160ea606a50e228743d1b2c740d32cf772c5387ef7e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865371,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 5190
x-response-time: 252
last-modified: Wed, 31 Aug 2022 14:21:16 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: eef34e424906df91efc24f2989c8d87fdc33992dd4799e1b56c62e9bd1442d47
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 3cA2e-Mp
pbs.twimg.com/card_img/1564972239728119808/ Frame 504F 3 KB
3 KB 99ms
99ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1564972239728119808/3cA2e-Mp?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

c1dfd4798acc0ff18360293f0622138167322700d64c5b1bbc6dbcf21fc28204

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865376,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_PA_PHILADELPHIA,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 2997
x-response-time: 40
last-modified: Wed, 31 Aug 2022 13:41:52 GMT
server: tsa_b
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 99c5cca4b8332e7104ef0c05985ab2743d227c403ee9f966fb5012c19a93ef13
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FbfpME_WQAASRf1
pbs.twimg.com/media/ Frame 504F 4 KB
5 KB 137ms
136ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FbfpME_WQAASRf1?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

91974b47f306b283eaa6ca1ce2fad0aca0f8d0d7e712dbea00baf46d4294c138

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865388,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 4506
x-response-time: 44
last-modified: Wed, 31 Aug 2022 13:55:58 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7514e4ed3b17b9663dbe56365536f81b84fc74a4864fc2c522c8cfddda96ddaa
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Fbfn3c6WAAICMaA
pbs.twimg.com/media/ Frame 504F 4 KB
5 KB 135ms
134ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Fbfn3c6WAAICMaA?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

0decddc06b93f573dc4d1d51522ac0c4634d599a848946a7a8793a98f3f4ef56

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865389,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_GA_MARIETTA,o=20940],[c=w,n=US_GA_MARIETTA,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 4184
x-response-time: 56
last-modified: Wed, 31 Aug 2022 13:50:12 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e4286d0cf764bd858a8f52935ab5171242a469fecb50c5ea4a66172bc669caad
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Fbfno1uXEAAiGxx
pbs.twimg.com/media/ Frame 504F 3 KB
4 KB 132ms
132ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Fbfno1uXEAAiGxx?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

a6a29f11745ce1c159fe4ccb3584b6b24eedef4f1e688919a893a5ba501afbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865397,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_VA_ASHBURN,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 3204
x-response-time: 46
last-modified: Wed, 31 Aug 2022 13:49:12 GMT
server: tsa_b
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 811673f68d46affe4907933dc06855fda6853bc93c8943ec3aac689eaf6c0547
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 zT6PWYSp
pbs.twimg.com/card_img/1564766045507928064/ Frame 504F 4 KB
4 KB 375ms
375ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1564766045507928064/zT6PWYSp?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

fa9805d642c30f5324b073d965bb3871ba41911e6ca4272a6008cb80fada01c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865421,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__SCHIPHOL,o=20940],[c=w,n=US_FL_MIAMI,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 3597
x-response-time: 51
last-modified: Wed, 31 Aug 2022 00:02:31 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 93d2bcc438d741fca9d06c876b5fe3eba82ddf48d45922a8a4ed8b70b0e13116
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 IbKcD4zj
pbs.twimg.com/card_img/1564633514720518146/ Frame 504F 4 KB
5 KB 132ms
132ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1564633514720518146/IbKcD4zj?format=jpg&name=120x120

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

1ca560867c39648af7922590ac8349d2ade397b6b0fd8880f065901d05ffdb51

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10865430,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__HAARLEM,o=20940],[c=w,n=US_IL_CHICAGO,o=20940],[c=w,n=US_IL_CHICAGO,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 4304
x-response-time: 42
last-modified: Tue, 30 Aug 2022 15:15:54 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:05 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 77bdd7505c0ca767dc1db1e65553f6ad571764d3b0fbf777c140a62451d0f03d
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK 1.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame DBB5 66 KB
66 KB 13ms
12ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/1.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac9205881"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 67282

GET
H/1.1 200
OK 2.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame DBB5 66 KB
66 KB 15ms
13ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/2.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac916bf77"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 67282

GET
H/1.1 200
OK 3.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame DBB5 66 KB
66 KB 15ms
13ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/3.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac9176b58"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 67282

GET
H/1.1 200
OK 4.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame DBB5 66 KB
66 KB 43ms
16ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/4.jpg
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac90d266e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 67282

GET
H/1.1 200
OK 1.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 6228 66 KB
66 KB 44ms
17ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/1.jpg
Requested by: Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac9205881"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 67282

GET
H/1.1 200
OK 2.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 6228 66 KB
66 KB 45ms
17ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/2.jpg
Requested by: Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac916bf77"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 67282

GET
H/1.1 200
OK 3.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 6228 66 KB
66 KB 58ms
16ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/3.jpg
Requested by: Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac9176b58"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 67282

GET
H/1.1 200
OK 4.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame 6228 66 KB
66 KB 79ms
33ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/4.jpg
Requested by: Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac90d266e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 67282

GET
H/1.1 200
OK 1.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame ECA2 66 KB
66 KB 62ms
16ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/1.jpg
Requested by: Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:12 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac9205881"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 67282

GET
H/1.1 200
OK 2.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame ECA2 66 KB
66 KB 112ms
21ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/2.jpg
Requested by: Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac916bf77"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 67282

GET
H/1.1 200
OK 3.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame ECA2 66 KB
66 KB 116ms
16ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/3.jpg
Requested by: Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac9176b58"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 67282

GET
H/1.1 200
OK 4.jpg
ads.emisorasunidas.com/2022/08/upa/layerdk/ Frame ECA2 66 KB
66 KB 116ms
16ms Image
image/jpeg 144.76.115.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/4.jpg
Requested by: Host: ads.emisorasunidas.com
URL: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.115.197 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.197.115.76.144.clients.your-server.de
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33 /
Resource Hash: 6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.emisorasunidas.com/2022/08/upa/layerdk/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Last-Modified: Wed, 27 Jul 2022 15:08:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.3.33
ETag: "106d2-5e4cac90d266e"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 67282

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6151 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1bB6naFPbk-h3IMKSzldrUIuI3XNaM3Cuw3kSbv34CG_NHkhAtLN2wgViR93uUqrOUNn-JcGPPOsOz0Pbd4vQjjy3LHnr4jHd44iKeT6zFaVulViAdhamCF2W&sai=AMfl-YTVxwBV73qoSQuSCFqftB7KDDctkfwseRTGmGi23LIl1lIlhP54OFQakfFVsFpWIc2_gpX-CjC6pKA8dGO8_kk-5HmOU5XgCgHt3WqWEQ&sig=Cg0ArKJSzBUgj5M-ysQ2EAE&cid=CAQSLgCsnQUxQykVlEe9bolkZfsPcNI58CtMlCfZCTkxIHCP0tBgoQ1jBvpq8qP-Fbc&id=lidar2&mcvt=1378&p=8,650,258,950&mtos=1378,1378,1378,1378,1378&tos=1378,0,0,0,0&v=20220829&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3455657583&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661961962071&rpt=2058&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame B336 0
150 B 35ms
12ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=46587700109294100757589012068003&a=9b92099b&vb=v
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=46587700109294100757589012068003&a=ba798642
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=46587700109294100757589012068003&a=ba798642
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:05 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
c.mgid.com/pv/ 0
66 B 127ms
118ms Script
text/plain 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=166196196554192907454&uniqId=065fd&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&lu=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=630f86ee-0b85e&pageView=1&pvid=182f4a70fe598464a3a&site=708914&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 743702ecbd349177-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content 9b8d9544-6eea-4752-955a-953520434028
https://www.publinews.gt/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.publinews.gt/9b8d9544-6eea-4752-955a-953520434028
Requested by: Host: www.publinews.gt
URL: https://www.publinews.gt/gt/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 1f3a5.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 771 B
582 B 119ms
119ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f3a5.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a6841d2c4a12ed948dd6c51720e62a032135ccd7f50cc17b7d8d37b20f43c2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 420
etag: "czoNuUs5Cy/V2odAgoWgeQ=="
x-served-by: cache-fty21333-FTY, cache-fra19160-FRA
last-modified: Mon, 17 Sep 2018 19:14:56 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 28 Oct 2022 07:47:34 GMT

GET
H2 200 1f91d-1f3fb.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 3 KB
1 KB 92ms
92ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f91d-1f3fb.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

048dc69d73f3ad0096a139da264b1aef01ec8b90b877d6e6515d08b14054bd53

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1154
etag: "c0Xe440wLKf4cdOClHmJTQ=="
x-served-by: cache-fty13721-FTY, cache-fra19160-FRA
last-modified: Tue, 08 Mar 2022 20:11:22 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 19 Jul 2023 06:46:30 GMT

GET
H2 200 1f535.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 113 B
449 B 92ms
92ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f535.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b44a2fe208e998b56df46211e07ab012140f047e0b0621ab6b4f17ba434bfca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 125
etag: "NfzlnF0XpW1pw949iGTtIg=="
x-served-by: cache-fty21334-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:31:06 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 18 Nov 2022 06:32:58 GMT

GET
H2 200 1f6b4-1f3fb-200d-2640-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 3 KB
1 KB 84ms
84ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb-200d-2640-fe0f.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21b3ea6a2f91609c3767f12b0d1f70f7c8c9939f346e777733edaa8b0891a072

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1394
etag: "uqkwe0F1cdsROBuMZIaS+A=="
x-served-by: cache-fty21370-FTY, cache-fra19160-FRA
last-modified: Wed, 19 Jun 2019 23:22:04 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 09 Aug 2023 06:55:17 GMT

GET
H2 200 1f6b4-1f3fb-200d-2642-fe0f.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 2 KB
1 KB 84ms
84ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb-200d-2642-fe0f.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b2831cb9703dae3b9d18ab76276a67a65de573cc498aeddaf085942f0d96c18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1208
etag: "sIb2rTy6Hpty5P3amZledA=="
x-served-by: cache-fty21381-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:31:12 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 05 Jul 2023 07:07:23 GMT

GET
H2 200 1f6b4-1f3fb.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 3 KB
1 KB 84ms
84ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f6b4-1f3fb.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

300fc9cbe06e256f2244ebfdbde4beee7736091b392f6ba791e39a1026a13e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1329
etag: "eBCr2yPLO8ei/7U6E9yPgw=="
x-served-by: cache-fty21345-FTY, cache-fra19160-FRA
last-modified: Thu, 31 Oct 2019 20:41:51 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 17 Aug 2023 08:13:20 GMT

GET
H2 200 1f451.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 1 KB
644 B 11ms
10ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f451.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3916390d4395ed16641c0e23d5e5a1bef9de6ce71b02c3941c0ee6f2d899c806

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 504
etag: "mP6c3sK/je14Knvx4wK2ZA=="
x-served-by: cache-fty21353-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:30:55 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 15 Jun 2022 07:09:18 GMT

GET
H2 200 1f425.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 1 KB
831 B 11ms
11ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f425.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eb142780323f9846917143611381012150523a573d467c44fa5c5015979f73b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 669
etag: "P78J8p/ifcK4p9Bsg0Zc6A=="
x-served-by: cache-fty21343-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:30:54 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Wed, 24 May 2023 07:23:21 GMT

GET
H2 200 1f479.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 4 KB
2 KB 11ms
11ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f479.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

42df68ae2524528bf5b22f71b726909c67c1f10a5396ab19b3479b47a207196e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1903
etag: "97KGV/I6lC7YLUXtIwlNYw=="
x-served-by: cache-fty21369-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:31:02 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 18 Nov 2022 07:59:41 GMT

GET
H2 200 1f437.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 504F 1 KB
902 B 11ms
11ms Image
image/svg+xml 104.244.43.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs-0.twimg.com/emoji/v2/svg/1f437.svg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.43.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ea4dc77fdf5e91c1cac823dc7dc7108bf7cf08c4fa44ccf9492ebd332be0af01

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 601
etag: "3XfPAApympvw/AO5fh5KXQ=="
x-served-by: cache-fty21333-FTY, cache-fra19160-FRA
last-modified: Wed, 21 Feb 2018 22:30:54 GMT
date: Wed, 31 Aug 2022 16:06:05 GMT
vary: Accept-Encoding
x-tw-cdn: FT
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Fri, 17 Mar 2023 07:28:51 GMT

GET
H2 200 LuRpxXV2_RAMSqDL.jpg
pbs.twimg.com/ext_tw_video_thumb/1565007271578505217/pu/img/ Frame 504F 77 KB
78 KB 16ms
15ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1565007271578505217/pu/img/LuRpxXV2_RAMSqDL.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

8bf7a7b8f6a4308ab1f43290220289403832769fd02ee219a4f5e7a74346f40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866381,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 79234
x-response-time: 95
last-modified: Wed, 31 Aug 2022 16:01:04 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f1e1725eb4228a4122bb1b3110434010d82969cb494a16c827a87b6da048da03
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FbgESz0XwAMSgxP.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 504F 17 KB
17 KB 15ms
14ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FbgESz0XwAMSgxP.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866383,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 17246
x-response-time: 14
last-modified: Wed, 31 Aug 2022 15:54:24 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b2d860bc379b7d6aad7ecfa47448eb30d1b075bd17b36d1dcd6492069770c4ee
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FbgBJAZXoAAjz4P.jpg
pbs.twimg.com/tweet_video_thumb/ Frame 504F 17 KB
17 KB 18ms
18ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/FbgBJAZXoAAjz4P.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866384,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 17246
x-response-time: 15
last-modified: Wed, 31 Aug 2022 15:40:37 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 54266ae82f474d3faf286df8017757e9897b346e79fc968432e2e3daf7178442
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FbfzqTwXoAIYOuf
pbs.twimg.com/media/ Frame 504F 4 KB
4 KB 19ms
19ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FbfzqTwXoAIYOuf?format=jpg&name=120x120

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

cd44180ac100ad42b75db164501fcf9a6b8d66efa44c6aa654f9628b0bde0567

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866386,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 3819
x-response-time: 39
last-modified: Wed, 31 Aug 2022 14:41:43 GMT
server: tsa_b
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9092a00060badd6340c07989f1e86fc22d14ec908982ad7ac0374d259f7edf74
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FbfzqTuXEAAcDBc
pbs.twimg.com/media/ Frame 504F 3 KB
3 KB 19ms
19ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FbfzqTuXEAAcDBc?format=jpg&name=120x120

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

2a40e48add0bdfafa972042f5dc16b2a3c01963696b4e28ee004a3f848685654

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866388,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 2706
x-response-time: 58
last-modified: Wed, 31 Aug 2022 14:41:43 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f07d4bcf4db42f25577e61300add88c2f97d08d38a433f42c8d64012d9f1c0eb
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Fbfu-mbXwAMh0Nb
pbs.twimg.com/media/ Frame 504F 5 KB
6 KB 20ms
19ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Fbfu-mbXwAMh0Nb?format=jpg&name=120x120

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_p /

Resource Hash

da1b3e1c7ec456b6db1160ea606a50e228743d1b2c740d32cf772c5387ef7e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866389,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 5190
x-response-time: 252
last-modified: Wed, 31 Aug 2022 14:21:16 GMT
server: tsa_p
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: eef34e424906df91efc24f2989c8d87fdc33992dd4799e1b56c62e9bd1442d47
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FbfpME_WQAASRf1
pbs.twimg.com/media/ Frame 504F 4 KB
5 KB 20ms
19ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FbfpME_WQAASRf1?format=jpg&name=120x120

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

91974b47f306b283eaa6ca1ce2fad0aca0f8d0d7e712dbea00baf46d4294c138

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866390,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 4506
x-response-time: 44
last-modified: Wed, 31 Aug 2022 13:55:58 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7514e4ed3b17b9663dbe56365536f81b84fc74a4864fc2c522c8cfddda96ddaa
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Fbfn3c6WAAICMaA
pbs.twimg.com/media/ Frame 504F 4 KB
5 KB 20ms
20ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Fbfn3c6WAAICMaA?format=jpg&name=120x120

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

0decddc06b93f573dc4d1d51522ac0c4634d599a848946a7a8793a98f3f4ef56

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866393,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 4184
x-response-time: 56
last-modified: Wed, 31 Aug 2022 13:50:12 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e4286d0cf764bd858a8f52935ab5171242a469fecb50c5ea4a66172bc669caad
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Fbfno1uXEAAiGxx
pbs.twimg.com/media/ Frame 504F 3 KB
4 KB 20ms
20ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Fbfno1uXEAAiGxx?format=jpg&name=120x120

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

a6a29f11745ce1c159fe4ccb3584b6b24eedef4f1e688919a893a5ba501afbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866398,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 3204
x-response-time: 46
last-modified: Wed, 31 Aug 2022 13:49:12 GMT
server: tsa_b
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 811673f68d46affe4907933dc06855fda6853bc93c8943ec3aac689eaf6c0547
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 Gt48SG2ugN5yv3lH.jpg
pbs.twimg.com/ext_tw_video_thumb/1564961391861268481/pu/img/ Frame 504F 47 KB
48 KB 20ms
20ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1564961391861268481/pu/img/Gt48SG2ugN5yv3lH.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_a /

Resource Hash

eea8447246e0f33d1b456ed8ae029bd7343a5324d13723b9a3c7e4dd76f69461

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866399,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 48322
x-response-time: 79
last-modified: Wed, 31 Aug 2022 12:58:46 GMT
server: tsa_a
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5d0d0d429ddac01bf440ebd546e459e925136a4fec76fc5134e45ae274d6255f
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 l82JNEUdlmwoIYpZ.jpg
pbs.twimg.com/ext_tw_video_thumb/1564941267867508736/pu/img/ Frame 504F 36 KB
36 KB 26ms
26ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1564941267867508736/pu/img/l82JNEUdlmwoIYpZ.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

a4bf35c2ea505cdaeb95377219a33c6ee69493c9030ca96d202cca3b13c6f529

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866408,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 36601
x-response-time: 84
last-modified: Wed, 31 Aug 2022 11:38:48 GMT
server: tsa_b
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f394d95d41f2fb318bd2209a042da3812132d62087c2d57408d854114a5b0cac
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 cmwDe8LwANHtl6M-.jpg
pbs.twimg.com/ext_tw_video_thumb/1564939087437611013/pu/img/ Frame 504F 127 KB
128 KB 29ms
29ms Image
image/jpeg 2600:1480:4000:e5::
AKAMAI-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/1564939087437611013/pu/img/cmwDe8LwANHtl6M-.jpg

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/_next/static/chunks/0.8f205dbb7b06b224e307.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1480:4000:e5:: , United States, ASN33905 (AKAMAI-AMS, NL),

Reverse DNS

Software

tsa_b /

Resource Hash

3895724e8115dff6d73b840b472f80fa1d0529c915354c20063be88cdcb329dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=631138519
x-content-type-options: nosniff
akamai-request-bc: [a=23.72.252.140,b=10866409,c=g,n=NL__AMSTERDAM,o=20940]
x-client-network: EIP
x-cache: HIT
server-timing: x-cache;HIT, x-tw-cdn;AK
content-length: 130296
x-response-time: 93
last-modified: Wed, 31 Aug 2022 11:30:08 GMT
server: tsa_b
date: Wed, 31 Aug 2022 16:06:06 GMT
x-tw-cdn: AK
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: cbc74fa09e316df5091ebbc44ef71a8559466f28405edb3cdd7b1c5f944a1712
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 63ms
63ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa1eb7a1246566567e8b5441a15c0a800290a29f834e5fd04f8e685d91f189b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11207
x-xss-protection: 0

GET
H/1.1 200
OK asyncspc.php Show response
adserver.latinon.com/revive/www/delivery/ 640 B
1 KB 98ms
98ms XHR
application/json 64.227.27.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://adserver.latinon.com/revive/www/delivery/asyncspc.php?zones=137&prefix=revive-0-&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F

Requested by

Host: adserver.latinon.com
URL: https://adserver.latinon.com/revive/www/delivery/asyncjs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c3121d3e327dc933fef1ab5d314019e98ae933f3245f83f1ade0cf7790e0fc2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:06 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://www.publinews.gt
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=20
X-Xss-Protection: 1; mode=block
Expires: 0

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 37ms
22ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 2470
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 67ZG7SP8DNFCVTQJ
x-amz-id-2: gBBZPLDQhKmBhK7vlxlqP6K64w2SI1HbhmOh1XyJ5zYwBFOmN7k53HNoa9ktypS8UDIE4nfJgXw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 743702f06bd89177-FRA
expires: Thu, 01 Sep 2022 16:06:06 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
909 B 36ms
22ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 1370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BQQP2P0ZGAY0CMXJ
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 743702f06bd59177-FRA
expires: Thu, 01 Sep 2022 16:06:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 16:06:06 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1129387/ 4 KB
2 KB 62ms
49ms Script
application/x-javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1129387/1?pv=5&cbuster=166196196617495250698&uniqId=065fd&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1360&h=318&maxw_3=326&maxh_3=258&ident_p=true&cols=4&ref=&cxurl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&lu=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&sessionId=630f86ee-0b85e&pageView=1&pvid=182f4a70fe598464a3a&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 616e09d9f8500ea986c7cf76a43a8cb0581f1645c13d795335dcff54b8ea7415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 743702f0bc809177-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 155dcdf3ddeff9bb6e907995757ca0fa.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame 249C 20 KB
20 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/155dcdf3ddeff9bb6e907995757ca0fa.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20858
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:20 GMT

GET
H3 200 1651e19e4156ba9c441b0295aa33da49.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame 249C 38 KB
38 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/1651e19e4156ba9c441b0295aa33da49.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a35db5faffafaa894fb7f1e6b9c130d9688d0c7e9736958956f1d97ea6b42

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38874
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF30 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 862
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 15:51:44 GMT
expires: Thu, 31 Aug 2023 15:51:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5EAF 783 B
534 B 25ms
25ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5cf6f15795782d7a4b4daca9375620e43236057578e80210b293c9a98119ffa1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8SjFqHDsbwsnVfbYjKlrkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-8SjFqHDsbwsnVfbYjKlrkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 16:06:06 GMT
expires: Wed, 31 Aug 2022 16:06:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK spt Show response
tg1.aniview.com/api/adserver/ 16 KB
5 KB 181ms
108ms Script
text/javascript 2a02:26f0:3500:58c::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62a37b4eabc9f014c02c6f24&AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Requested by: Host: adserver.latinon.com
URL: https://adserver.latinon.com/revive/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8238b95c4c4415a5368700623bdfd7c36f8930a55b00eada96a9e46d3ed550bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 4778
Expires: Wed, 31 Aug 2022 16:11:06 GMT

GET
H/1.1 200
OK lg.php
adserver.latinon.com/revive/www/delivery/ 43 B
580 B 100ms
100ms Image
image/gif 64.227.27.145
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adserver.latinon.com/revive/www/delivery/lg.php?bannerid=4054&campaignid=125&zoneid=137&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&cb=7696b39c67

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

64.227.27.145 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:06 GMT
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=20
X-Xss-Protection: 1; mode=block
Expires: 0

GET
H3 200 ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js Show response
pagead2.googlesyndication.com/bg/ Frame FF30 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ppzs-o_oDTLysEGEkZroIB51IgxzANAUgUjK_Y8VX9I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15877
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 11:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 11:57:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5EAF 0
0 47ms
47ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082501&jk=3672797894874316&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 2470
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 67ZG7SP8DNFCVTQJ
x-amz-id-2: gBBZPLDQhKmBhK7vlxlqP6K64w2SI1HbhmOh1XyJ5zYwBFOmN7k53HNoa9ktypS8UDIE4nfJgXw=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 743702f12fca9174-FRA
expires: Thu, 01 Sep 2022 16:06:06 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1009 B 29ms
29ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 1370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: BQQP2P0ZGAY0CMXJ
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 743702f12fcb9174-FRA
expires: Thu, 01 Sep 2022 16:06:06 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMjUzMDgvMzU5M...
s-img.mgid.com/g/13801735/492x277/-/ 18 KB
18 KB 51ms
19ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13801735/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMjUzMDgvMzU5MGFjODU2YzQzNzQ5NWU3MmVkZmFiMjRhNmIwNGQucG5n.webp?v=1661961966--19QQQ4h3Lleiqfzff5RWqJfcU5jHz1MQRCvPSlL2KI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ab2e236a9d9c8ab68da49e83a457d58223c9485146143695b11a71e27936035

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Aug 2022 10:03:43 GMT
x-mg-request-uuid: a0a3dc69-08b5-4a00-b457-557183302c78
age: 1317710
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 743702f15af690fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17982
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC82MTc4MDQvYTE0Y...
s-img.mgid.com/g/13789370/492x277/-/ 34 KB
34 KB 50ms
18ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13789370/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC82MTc4MDQvYTE0YWMxYjRiYjg4MzkxN2U0YTQ3YzI5NWJiMWI2NWEuanBn.webp?v=1661961966-8p9ov9bntuR15MObWO8rL1HxJa-g9T13dPNKy1pC6zE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67c76dc49e784d88116f5822e4cc1f368adbad41575c6d7f9c5970e97917a40a

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
cf-cache-status: HIT
last-modified: Mon, 29 Aug 2022 05:07:48 GMT
x-mg-request-uuid: 6f981994-4fa9-4b23-9c64-ebacb04c4481
age: 212298
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 743702f15af890fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34880
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy81NjkyOTkvOGRjMmE3NDNkZjAyNzZhM...
s-img.mgid.com/g/12569707/492x277/-/ 6 KB
6 KB 48ms
16ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12569707/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy81NjkyOTkvOGRjMmE3NDNkZjAyNzZhMTdiNWY5NWM0OTJiYWU5MDIuanBlZw.webp?v=1661961966-3_ACRGRzz6XUdXM3nUZcUxndWpFUnPPURBQGScbyJC8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb8bb874ced68a143fee84a02bd867070bdada50718cddbf7cab321a4434e37b

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 13:13:55 GMT
x-mg-request-uuid: bd16fbc0-d492-4657-a33e-73641696503a
age: 7872731
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 743702f15af990fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5854
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS82NjM2NjEvMjc2YThjODQyZjg5YTc5Z...
s-img.mgid.com/g/10570875/492x277/-/ 6 KB
6 KB 49ms
17ms Image
image/webp 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/10570875/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wOS82NjM2NjEvMjc2YThjODQyZjg5YTc5ZGQwYWI0OGVlMGQ1NmExYzMuanBn.webp?v=1661961966-3fPhlArzOgDu5QnQfYkyO6K4Fe3AkPogIIIb5NnrvKA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f232db997af9297ea139790efc0c17995c43210405c7fd383787c2bb9cea50e

Request headers

Referer: https://www.publinews.gt/
Origin: https://www.publinews.gt
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Aug 2022 07:17:07 GMT
x-mg-request-uuid: 5980b76e-0aa0-439d-9809-80688e89a049
age: 540714
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 743702f15afa90fa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6228
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 0
101 B 116ms
107ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1661961966313246328770
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 743702f18dfa9177-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 0121 0
37 B 115ms
115ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1661961966333155956121
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 743702f19e189177-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 209 KB
67 KB 41ms
8ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 10:48:20 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=67383
accept-ranges: bytes
content-type: application/javascript
content-length: 68097
expires: Thu, 01 Sep 2022 10:49:09 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 48 KB
14 KB 46ms
16ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/u/publinews.gt.1129387.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 564
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 743702f1eae19b80-FRA
x-amz-request-id: HRQ38KM5DBZV2DC4
x-amz-id-2: dsDVI8faOYy6oyRJY6wu7jliwz0n3Tky/FX2PmD63Xnhwsx8KiWUrLZAMhNgmC4cXpqv1Kh3ac0=

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FF30 0
12 B 14ms
13ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u3eK4w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 1651e19e4156ba9c441b0295aa33da49.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame B3D5 38 KB
38 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/1651e19e4156ba9c441b0295aa33da49.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a35db5faffafaa894fb7f1e6b9c130d9688d0c7e9736958956f1d97ea6b42

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38874
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:23 GMT

GET
H3 200 155dcdf3ddeff9bb6e907995757ca0fa.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame B3D5 20 KB
20 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/155dcdf3ddeff9bb6e907995757ca0fa.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20858
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:20 GMT

GET
H2 200 player.js Show response
player.aniview.com/script/6.1/ 28 KB
10 KB 94ms
10ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/player.js
Requested by: Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=62a37b4eabc9f014c02c6f24&AV_PUBLISHERID=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ca54edd0ecccc0631469de08f41f95ffc860a900aadb27b909da20ed6a89dca8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvigikvgURSN7H_mlK-kyhN7kvr68s8rntkewoTRmQtDmGwJuzAW4sg5P6uyxiBiv4ujjtEKKzIAlcJhhOXeorjFT60lAEX
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9907
last-modified: Tue, 30 Aug 2022 07:41:05 GMT
server: UploadServer
etag: "161bfe1228cd12a62fa6cb550058be44"
vary: Accept-Encoding
x-goog-hash: crc32c=d1CDfQ==, md5=Fhv+EijNEqYvpstVAFi+RA==
x-goog-generation: 1661845265644477
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9907
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 31 Aug 2022 16:11:06 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 338ms
105ms Image
text/plain 107.22.163.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5d31fb2628a06116ff22aef3&cid=5f4452d76e685a1c474b9879&cb=1661961966426&r=www.publinews.gt&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d65=&e=playerLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-163-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 47ms
18ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.publinews.gt
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 31 Aug 2022 16:06:05 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 249379
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=wBjFAnxhdkU5TG5yMU1vS3dYVzhkanBZREZCQXg5OGpJbzV3Nk9CZ3RybDNtQ0wyMGRSR0xEZjdSY2orbHRSSjhaeE5pellwWmZERWNJRnBNUEZqRVRFcUtaM0Jmc2ZkVGdlSFdibnhBTXh6RW44citCNS9QQkErMWp5UG...

358 B
645 B

50ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wBjFAnxhdkU5TG5yMU1vS3dYVzhkanBZREZCQXg5OGpJbzV3Nk9CZ3RybDNtQ0wyMGRSR0xEZjdSY2orbHRSSjhaeE5pellwWmZERWNJRnBNUEZqRVRFcUtaM0Jmc2ZkVGdlSFdibnhBTXh6RW44citCNS9QQkErMWp5UGZtbnR1Wk5WcU1TL3l1c3R5SVdVNXZtV3BRd20xMTlCL3NGeWxlNmRISTFRS2Qwb0crVkRoNGFNZzRERytob3FFK0FxeEhadEN0dyt6enNleDI4eHVoZUdtVEI1bWt4QU1jNStpTGNrQmMvaGw1aVNkSXRUOVIrdTliL3p0czVpQUduTXg3T292fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

227a314f3031c4db177e143d7ad8db84ef7c26afd225ba46acb69916eb5e86b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1370553
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:05 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=wBjFAnxhdkU5TG5yMU1vS3dYVzhkanBZREZCQXg5OGpJbzV3Nk9CZ3RybDNtQ0wyMGRSR0xEZjdSY2orbHRSSjhaeE5pellwWmZERWNJRnBNUEZqRVRFcUtaM0Jmc2ZkVGdlSFdibnhBTXh6RW44citCNS9QQkErMWp5UGZtbnR1Wk5WcU1TL3l1c3R5SVdVNXZtV3BRd20xMTlCL3NGeWxlNmRISTFRS2Qwb0crVkRoNGFNZzRERytob3FFK0FxeEhadEN0dyt6enNleDI4eHVoZUdtVEI1bWt4QU1jNStpTGNrQmMvaGw1aVNkSXRUOVIrdTliL3p0czVpQUduTXg3T292fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 597389
content-length: 0
expires: 0

GET
H2 200 idp.min.js Show response
content.zeotap.com/sdk/ 55 KB
19 KB 56ms
30ms Script
application/javascript 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.zeotap.com/sdk/idp.min.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb4fc467795a580abc9ca8be5f38bbec4cb85b1a5cd9c40743052acf912cf47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: br
cf-cache-status: HIT
age: 996
x-guploader-uploadid: ADPycdtoepWXZP7adLLZIi59BGIbOw7qbNv87Rc8Zu9XB5qsDReP--k3W6mVFZ_aSu5OTEnyQkVSm9F_7KrQpnoFQVUYpBgvS65c
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 08:59:03 GMT
server: cloudflare
etag: W/"ab1a346bb1160bca58c151a07ab8582b"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=ezzPYw==, md5=qxo0a7EWC8pYwVGgerhYKw==
x-goog-generation: 1645001943546675
cache-control: public,max-age=3600
x-goog-stored-content-length: 56329
cf-ray: 743702f28ac6913a-FRA

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
330 B 68ms
14ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31533571.ip-162-19-138.eu
Software: /
Resource Hash: cf6a8ff6049b54592b6f8edcf20367840487dcef9752866b18f4b5666b1cd97a

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.publinews.gt
date: Wed, 31 Aug 2022 16:06:05 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 549B 388 KB
110 KB 7ms
7ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5968deed67db36c17098f115d0fd4318e4ef3616b6c3541da921599e64689040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdv9k9cVq92mzNjQVAEk3nvYbWP81vYa42IhLQcO_UqBEfQrr1FitHi7LAqfkL5AI4NrQPmuuFWEDYlCVibPbBi9eG6ZuaDm
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 111996
last-modified: Tue, 30 Aug 2022 07:41:05 GMT
server: UploadServer
etag: "39abf610a1c41bfb1963220128a9136d"
vary: Accept-Encoding
x-goog-hash: crc32c=ixGcvg==, md5=Oav2EKHEG/sZYyIBKKkTbQ==
x-goog-generation: 1661845265455307
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=300
x-goog-stored-content-length: 111996
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 31 Aug 2022 16:11:06 GMT

POST 231.json
id5-sync.com/g/v2/ 0
0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 69ms
22ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 31 Aug 2022 16:06:06 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 574802
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 track
track1.aniview.com/ 0
71 B 162ms
95ms Image
text/plain 107.22.163.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.publinews.gt&sn=&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.2.52&apppkg=&fv=1&proto=https&clsid=d2cc4265-1c2c-4968-aba8-9bb63876c64c&rando=32&pid=5d31fb2628a06116ff22aef3&cid=5f4452d76e685a1c474b9879&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&e=inventory&vi=100&cb=1661961966595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-163-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 26 KB
4 KB 396ms
149ms XHR
application/json 54.157.211.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=62a37b4eabc9f014c02c6f24&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&AV_CHANNELID=5f4452d76e685a1c474b9879&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.publinews.gt&AV_DADPOS=1&AV_PLACEMENT=5&AV_TAG=62a37b4eabc9f014c02c6f24&AV_TEMPLATE=62a21cd2219bc9403f4ec8d5&d36=6.2.52&responsive=1&sver=2&avtoken=966594&omv=1.0.1&clsid=d2cc4265-1c2c-4968-aba8-9bb63876c64c&rando=32&AV_WIDTH=300&AV_HEIGHT=169&AV_DNT=0&cb=1661961966619&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.211.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-211-237.compute-1.amazonaws.com
Software: /
Resource Hash: 25087cf907e314aab410aa9fb6cd62e06e1d473d6abdface89674adc3209eca8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache
access-control-allow-credentials: true
expires: Sat, 20 Aug 2022 02:19:26 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 19ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1JWRY3SKE9&gtm=2oe8t0&_p=305441450&cid=463825994.1661961962&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661961961&sct=1&seg=0&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&en=scroll&epn.percent_scrolled=90&_et=58
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1JWRY3SKE9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082501&jk=3672797894874316&bg=!REelRwPNAAaXrHhMt6w7ACkAdvg8WroA4IxzwIG2y8sV4CthR9cSa6de2cQFXdikIckypccmhwEp5wIAAACUUgAAAAJoAQeZApYWCFBqga0c8qWjfxIKwGUVUg_8Qd4TeoAaZVLSY-_4FlcKQAD3x7PPZcPWoYIOeKBUEnx80UeWgDcWx9I7fBgI9WIJX23L3QtMYXrVtgOuiGu5Wmb4AciFe_SG_8H8Bzh2uCN0fZ_27O4-sAJpeHoOmlRtIflyT13ihwUqNTly-USxvXuvZlgO1wkx_m25E4DkoG4UDVbk3A6kmCl9jA8Mlh0dKk1e7o7qk_o7zshrc_-cq3N0LCIXEkYIj4YwmQLzNgCewZdIhVSMMqWvTnCyzndw80siC573o9zb6llEdDuocAjAn78A8DfH7lb8evAmpa33_H5a72p3ozFQCEwa5sucr70O8EoOMgyiYw9q7y3ok0Tm16XM9dqT3rTXkVVC1d0qT96uJgBDyGAD0M4IFJj2rT3qP3LGyauqpUu9Na32R5MmRid9fxgg2i15qALUkhnQFI8zRrOapfzzpEBBtzETy4_QpPko90ZylEBaFmSW0wAowmUaRtMr9gDVbB-JRWc1OSCn_HEe6bdldA7aDDD1DYjtXJZB0o7GUB5qp0J8hj24lIyvfwrEpTzvjD2rtr_LxmXtKhOc3otXUKOYWrvpUgOW4Z9VGS0GPd5LOqtfrPZfD-3_GHkYVhMeWGTUZWNy9Mf71RlJoSUtMmL0R0Z5bUoIuOtiI4opsRxw5OQoK_4EqBkIchNxrvpHbVzKMVBZJmHnpIRBHmDD306Ig9GNjzrx62HgyE_TfjPAv8UgK1uxcxXg044rXQwRzxy1DrhTllSt80DLLgsO0UlRXwKDxklnkhqKjsTH2PmOWpSQeO8ckl33DFwKW88iDcl_d4iVmYKXojxh2IY1Q7uxs22F-FC3jhjdHQE4H-LLDwgYU7ISKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 26ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5QX73SF3RL&gtm=2oe8t0&_p=305441450&cid=463825994.1661961962&ul=en-us&sr=1600x1200&_eu=AI&_z=ccd.v9B&sid=1661961961&sct=1&seg=0&dl=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&dt=Noticias%2C%20Deportes%20y%20Espect%C3%A1culos%20de%20Guatemala%20y%20el%20Mundo%20%7C%20Publinews&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QX73SF3RL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161774/6973/ Frame 549B 208 KB
64 KB 16ms
16ms Script
text/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161774/6973/pwt.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 568efc96387466861d25131636346187542ea3924ee342be4bf3e40dfcb11a73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:07 GMT
content-encoding: gzip
last-modified: Wed, 01 Jun 2022 17:42:40 GMT
server: Apache
etag: "198200e-33efe-5e0666a75f342"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=50218
accept-ranges: bytes
content-type: text/javascript
content-length: 64989
expires: Thu, 01 Sep 2022 06:03:05 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 5DE2 0
0 86ms
19ms Document
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26biddername%3D18%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
date: Wed, 31 Aug 2022 16:06:07 GMT
pod: X-Sovrn-Pod: ad_ap6ams1

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame CF09
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26bid...
https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=200&key=OPTOUT

0
200 B

305ms
94ms

Document
text/plain

52.70.17.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=200&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-17-67.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Wed, 31 Aug 2022 16:06:07 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Wed, 31 Aug 2022 16:06:07 GMT
etag: OPTOUT
expires: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=200&key=OPTOUT
pragma: no-cache

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame BCD2
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26biddername%3D22%26key%3D%7BPUB_USE...
https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=22&key=fb031ce9-699c-4d2d-bf51-d73ad8a25319

0
37 B

265ms
96ms

Document
text/plain

52.70.17.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=22&key=fb031ce9-699c-4d2d-bf51-d73ad8a25319
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-17-67.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Wed, 31 Aug 2022 16:06:07 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Wed, 31 Aug 2022 16:06:07 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=22&key=fb031ce9-699c-4d2d-bf51-d73ad8a25319
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 1AF6
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26biddername%3D56%26pid%3D59c9148628a0612da3689288%26key%...
https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=56&pid=59c9148628a0612da3689288&key=f2ac55d9-9aa7-406a-a4cb-1495aba6b731

0
37 B

292ms
95ms

Document
text/plain

52.70.17.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=56&pid=59c9148628a0612da3689288&key=f2ac55d9-9aa7-406a-a4cb-1495aba6b731
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-17-67.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Wed, 31 Aug 2022 16:06:07 GMT

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 743702f63cc9906c-FRA
content-length: 0
date: Wed, 31 Aug 2022 16:06:07 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=56&pid=59c9148628a0612da3689288&key=f2ac55d9-9aa7-406a-a4cb-1495aba6b731
server: cloudflare

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 432C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26bidderna...
https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=10&pid=59c9148628a0612da3689288&key=Eiz7sAAQ4tha&ev=1&us_privacy=${us_privacy}&pid=562704

0
37 B

94ms
94ms

Document
text/plain

52.70.17.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=10&pid=59c9148628a0612da3689288&key=Eiz7sAAQ4tha&ev=1&us_privacy=${us_privacy}&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-17-67.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Wed, 31 Aug 2022 16:06:07 GMT

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
content-language: de-DE
cw-server: bh-deployment-dd6bdcf45-lhxcf
expires: -1
location: https://sync.aniview.com/cookiesyncendpoint?auid=1661961966918-927637325916-007641-011-001696&biddername=10&pid=59c9148628a0612da3689288&key=Eiz7sAAQ4tha&ev=1&us_privacy=${us_privacy}&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 2BBE 43 B
128 B 39ms
26ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1661961966918-927637325916-007641-011-001696%26biddername%3D23%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 56
content-type: text/html
date: Wed, 31 Aug 2022 16:06:07 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 avpb6.27.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 549B 178 KB
54 KB 19ms
15ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:07 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvKvmWiVVXqMOFMSLysgndQnGEPDx0nqD6Zcajt4xV4bEb04CJXMqNHUIs2942eutasnP2Bj9JZdFOkzhuVmtgALSFXnhsL
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 54791
last-modified: Tue, 30 Aug 2022 07:41:06 GMT
server: UploadServer
etag: "f119bcda7895dcafdf1afb9e057db96a"
vary: Accept-Encoding
x-goog-hash: crc32c=g/uFjQ==, md5=8Rm82niV3K/fGvueBX25ag==
x-goog-generation: 1661845265993220
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 54791
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 31 Aug 2022 16:11:07 GMT

GET
H2 200 avpb6.27.0a0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 549B 73 KB
25 KB 31ms
28ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:07 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtYvuvgdH0dvr3lYthE4-z56WhdGsx3Lhx58OIb-kR1-FhmFa_o7Tky_VENmRGteyhQR7-NSeDeZM9e-G9kxC9J3h43ums2
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 24663
last-modified: Tue, 30 Aug 2022 07:41:06 GMT
server: UploadServer
etag: "d58c8aa0ae95a47cd8d2b96d1378a627"
vary: Accept-Encoding
x-goog-hash: crc32c=zBdP+A==, md5=1YyKoK6VpHzY0rltE3imJw==
x-goog-generation: 1661845266160999
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 24663
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 31 Aug 2022 16:11:07 GMT

GET
H2 200 avpb6.27.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 549B 71 KB
22 KB 41ms
38ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:07 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdurohrl6uDs0_vddVf0UC67b2ByCU3sLBDWKIQzXDaZzT3JRf128I5yVA0gf9FSYAxo08WoIKuacg_hqwq_mL5Mjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 22126
last-modified: Tue, 30 Aug 2022 07:41:06 GMT
server: UploadServer
etag: "5c353f7870f0b95d052916a0d375be59"
vary: Accept-Encoding
x-goog-hash: crc32c=xmKZqQ==, md5=XDU/eHDwuV0FKRag03W+WQ==
x-goog-generation: 1661845266168810
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 22126
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 31 Aug 2022 16:11:07 GMT

GET
H2 200 avpb6.27.0a3.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame 549B 66 KB
20 KB 42ms
39ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:07 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdv3uiVaM4yh7eB2c3bRObq1_Y7lUF0NYkfM1QG0ESzbxhYqneFkcZuWyPt9wG6JIW0x2G2uLoI0TwKLe7duHYDT8w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20155
last-modified: Tue, 30 Aug 2022 07:41:06 GMT
server: UploadServer
etag: "395e7c9c54f101472de0d326d39eee5e"
vary: Accept-Encoding
x-goog-hash: crc32c=MDfEzg==, md5=OV58nFTxAUct4NMm057uXg==
x-goog-generation: 1661845266183553
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 20155
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 31 Aug 2022 16:11:07 GMT

GET
H2

200

vast.xml Show response
optimized-by.rubiconproject.com/a/api/
Redirect Chain

https://video-ads.rubiconproject.com/video/12948/312596/1590248/201/vast.xml?tg_c.language=es&rp_schain=1.0,1!latinon.com,2087,1,,,
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.a...

28 B
671 B

408ms
105ms

Fetch
application/xml

3.122.208.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179
Protocol: H2
Server: 3.122.208.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-208-137.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:08 GMT
server: nginx/1.21.4
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

Date: Wed, 31 Aug 2022 16:06:07 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.publinews.gt
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 0

GET
H2 200 / Show response
onetag-sys.com/vast/57e618150c70d90/ 479 B
692 B 66ms
16ms Fetch
application/xml 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/vast/57e618150c70d90/?placement_id=190507835&placement_type=1&encoded_location_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&player_width=300&player_height=169&muted=1&autoplay=1&vpaid_supported=1&gdpr_consent_string=1&cbb=1961967035

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

d1395737dc86c70163a025aea31c989ccbc8c99dabb6a1d347b27c03d86e9846

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.publinews.gt
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/xml;charset=UTF-8
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 356

GET
H2 200 advast Show response
ice.360yield.com/ 27 B
242 B 41ms
39ms Fetch
application/xml 52.212.100.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22556513&w=16&h=9&player_width=300&player_height=169&referrer=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&schain=1.0,1!latinon.com,2087,1,,,!aniview.com,5d31fb2628a06116ff22aef3,1,,,&us_privacy=1---&GDPR=&cbb=1961967036
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.100.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-100-153.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: https://www.publinews.gt
date: Wed, 31 Aug 2022 16:06:07 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 track
track1.aniview.com/ 0
70 B 112ms
111ms Image
text/plain 107.22.163.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=22389&t=1661961966&cip=178.162.209.138&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661961966918-927637325916-007641-011-001696&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=71246388677&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&nid=5d31fb2628a06116ff22aef3&ncid=5f4452d76e685a1c474b9879&e=request&cb=1661961967037&asid=6250f5858cda5d14c60a666b%2C5e583b0828a06105212c3308%2C5e4aca1528a06178f4750a16%2C62d065d4402db17fd24fd864%2C62a105fbd99aaa52977a3ad6%2C621e56649c72bb64646a6007%2C614b5d12cc8c9824961a92b1%2C61929720db3611235a75f084%2C62696a383bb9733bf220f5f4%2C61dcbe8785e4c27ffc7abdc4&ofpr=0.1%2C0.3%2C%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-163-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:07 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 101ms
100ms Image
text/plain 107.22.163.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=22389&t=1661961966&cip=178.162.209.138&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661961966918-927637325916-007641-011-001696&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=71246388677&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&&copid=5d31fb2628a06116ff22aef3&nid=59c9148628a0612da3689288&cocid=5f4452d76e685a1c474b9879&ncid=5db803de28a061465a6e2f41&coasid=5db8052928a061555326a05e&e=request&cb=1661961967037&asid=5f4ba7502216727dc61b2e90%2C6144aa230cebf5605a7f98ce%2C6132225956a60e6ea97d89b8%2C5f4ba70bf46e4d6c61511abc&ofpr=0.5%2C%2C%2C0.65&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-163-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:07 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 202ms
10ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.publinews.gt
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.publinews.gt
access-control-max-age: 600
age: 0
content-length: 0
date: Wed, 31 Aug 2022 16:06:07 GMT
server: ATS/9.1.10.25

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 104ms
31ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.publinews.gt
date: Wed, 31 Aug 2022 16:06:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 20ms
20ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.publinews.gt
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
581 B 209ms
139ms XHR
application/xml 2.23.97.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=31810354&componentId=prebid&componentSubId=mustang&timestamp=1661961967130&pKey=-486190129&schain=1.0%2C1!latinon.com%2C2087%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&playerSize=300x169
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.19 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:07 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.publinews.gt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1661961967220000-535
Expires: Wed, 31 Aug 2022 16:06:07 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 217ms
66ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:06 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
579 B 226ms
157ms XHR
application/xml 2.23.97.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=13706367&componentId=prebid&componentSubId=mustang&timestamp=1661961967131&pKey=-364196656&schain=1.0%2C1!latinon.com%2C2087%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&playerSize=300x169
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.19 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:07 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.publinews.gt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1661961967147067-537
Expires: Wed, 31 Aug 2022 16:06:07 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 18ms
18ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.publinews.gt
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 mvo Show response
tag.1rx.io/rmp/237356/0/ 0
164 B 69ms
16ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/237356/0/mvo?z=1r&hbv=6.27,2.1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.publinews.gt
pragma: no-cache
date: Wed, 31 Aug 2022 16:06:07 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
196 B 105ms
87ms XHR
text/plain 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.publinews.gt
date: Wed, 31 Aug 2022 16:06:07 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
410 B 94ms
11ms XHR
application/json 3.65.16.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3864d89738bb725b06cbb3ea5d54b4cfde14dc2d65c0ca610289ff933a3a97fe

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:07 GMT
content-encoding: gzip
x-prebid: pbs-java/1.97.0
content-type: application/json
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 19ms
19ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.publinews.gt
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 892 B
696 B 93ms
23ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUK67P42
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 28ddfd4aaec48d0ff26b5432ddec1292d813aa1dfcab5975e7b807b8392df7f6

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:07 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET ads
googleads.g.doubleclick.net/pagead/ 0
0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 91D2 15 KB
6 KB 10ms
9ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161774
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=31016
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 16:06:07 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 01 Sep 2022 00:43:03 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame D923 22 KB
8 KB 83ms
27ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUK67P42&prvid=99%2C77%2C56%2C2034%2C2031%2C2030%2C175%2C157%2C2028%2C2027%2C4%2C159%2C10000%2C80%2C9%2C109%2C82%2C97&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

602e7dc7da2f0a68503b52747ebeec1d664f050b3ede24bb6f9f21629ebebca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8118
content-type: text/html; charset=UTF-8
date: Wed, 31 Aug 2022 16:06:08 GMT
expires: Fri, 02 Sep 2022 16:06:08 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 204 /
onetag-sys.com/usync/ Frame 6209 0
0 16ms
16ms Document
text/plain 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1661961967165

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2D42 281 B
573 B 90ms
21ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.publinews.gt/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Aug 2022 16:06:08 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=8bf4aa7488dec68eb40dfff52f6b99&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l2310_7138072299756007080&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
265 B

117ms
34ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:08 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1661961968195054-562
Expires: Wed, 31 Aug 2022 16:06:08 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 91D2 0
39 B 19ms
19ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=14751901&p=161774&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161774
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:07 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2D42 31 KB
10 KB 19ms
19ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 16:06:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31788
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Thu, 01 Sep 2022 00:55:56 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2D42 284 B
536 B 47ms
10ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/jpg

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 15ms
13ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&bundle=PGZF-l9lamk4Z1VDdHRBMnl5UnFUZyUyRjltUmg1ZEU4JTJCZFZicVRlRTROalp4dkVVRDNjJTJGdndmNFBYT1dwMngzZzN6bVlmOVpMYkRUQmVZaHY4MFRzNzVaejAlMkJrbHFFWlQ1S0JPdXBTdUJVVndETDRnQjIlMkIyeGN3cVRTekIlMkZaTkh6MmczdQ&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.publinews.gt
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 31 Aug 2022 16:06:08 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 624422
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.publinews.gt%2F&domain=www.publinews.gt&bundle=PGZF-l9lamk4Z1VDdHRBMnl5UnFUZyUyRjltUmg1ZEU4JTJCZFZicVRlRTROalp4dkVVRDNjJTJGdnd...
https://mug.criteo.com/sid?cpp=OkIjnHx3YTJScmZZc3RaUnp3UVJDek9sS3dTVVcvVUVpRkUvcWUySFN6dll4SnpQRUR2b1d3enh4MzRTa3graWk2cW8vTU5xSWRYKzljSVAybTgxT1lkOVFpNzZNazNqR2ZjVEpvWFdQcjd6R1p3dTErcUtrb0hHdGhrTn...

348 B
641 B

70ms
70ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=OkIjnHx3YTJScmZZc3RaUnp3UVJDek9sS3dTVVcvVUVpRkUvcWUySFN6dll4SnpQRUR2b1d3enh4MzRTa3graWk2cW8vTU5xSWRYKzljSVAybTgxT1lkOVFpNzZNazNqR2ZjVEpvWFdQcjd6R1p3dTErcUtrb0hHdGhrTnNKU3RSOVVIc0RHSEIvclhhTU1PRU9IamhWMGVBWml3dm9iL1FRZjdFQXplald6OFZMbHdpb1ZLYXFTNzFZNkozLzkvTmdtVlhkRWtvR2VTL0hJQVhONk9qcDJjakY3a2FaN1NzSG5SdG9laXRaS0JPeFRSQTBuMkpiS3AvT0FBQkNidDNpS3pYfA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

500ddb4a3820f56ca0b2accfc6d9976c6139c03cd4de8a4b02858793c1149e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:08 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1373046
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:08 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=OkIjnHx3YTJScmZZc3RaUnp3UVJDek9sS3dTVVcvVUVpRkUvcWUySFN6dll4SnpQRUR2b1d3enh4MzRTa3graWk2cW8vTU5xSWRYKzljSVAybTgxT1lkOVFpNzZNazNqR2ZjVEpvWFdQcjd6R1p3dTErcUtrb0hHdGhrTnNKU3RSOVVIc0RHSEIvclhhTU1PRU9IamhWMGVBWml3dm9iL1FRZjdFQXplald6OFZMbHdpb1ZLYXFTNzFZNkozLzkvTmdtVlhkRWtvR2VTL0hJQVhONk9qcDJjakY3a2FaN1NzSG5SdG9laXRaS0JPeFRSQTBuMkpiS3AvT0FBQkNidDNpS3pYfA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 286789
content-length: 0
expires: 0

POST 1119.json
id5-sync.com/g/v2/ 0
0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
338 B 140ms
64ms XHR
application/json 52.30.246.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161774/6973/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.246.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-246-43.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 002c486841f883136e8604368fe546ff0db5d23e13d9e32c4538144635bd38af

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache
x-server: 10.45.18.12
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
390 B 33ms
33ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161774/6973/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 4a7b1ad015c77adc2e4709459a2f95439b748cc5cdae5289ea43574c9d8c02f0

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 31 Aug 2022 16:06:09 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.publinews.gt
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 30 Sep 2022 16:06:09 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 20ms
20ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 31 Aug 2022 16:06:08 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 384505
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 1651e19e4156ba9c441b0295aa33da49.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame 249C 38 KB
38 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/1651e19e4156ba9c441b0295aa33da49.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a35db5faffafaa894fb7f1e6b9c130d9688d0c7e9736958956f1d97ea6b42

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38874
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:23 GMT

GET
H3 200 1651e19e4156ba9c441b0295aa33da49.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame B3D5 38 KB
38 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/1651e19e4156ba9c441b0295aa33da49.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a35db5faffafaa894fb7f1e6b9c130d9688d0c7e9736958956f1d97ea6b42

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 49307
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38874
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 31 Aug 2022 02:24:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 31 Aug 2023 02:24:23 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 286ms
95ms XHR
text/plain 107.22.163.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=22389&t=1661961966&cip=178.162.209.138&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661961966918-927637325916-007641-011-001696&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=71246388677&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d31fb2628a06116ff22aef3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-163-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 31 Aug 2022 16:06:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 11ms
11ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.publinews.gt
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.publinews.gt
access-control-max-age: 600
age: 0
content-length: 0
date: Wed, 31 Aug 2022 16:06:13 GMT
server: ATS/9.1.10.25

GET
H2

200

vast.xml Show response
optimized-by.rubiconproject.com/a/api/
Redirect Chain

https://video-ads.rubiconproject.com/video/12948/312596/1590248/201/vast.xml?tg_c.language=es&rp_schain=1.0,1!latinon.com,2087,1,,,
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.a...

28 B
377 B

113ms
113ms

Fetch
application/xml

3.122.208.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179
Protocol: H2
Server: 3.122.208.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-208-137.eu-central-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:13 GMT
server: nginx/1.21.4
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: null
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-type: application/xml
content-length: 28
expires: Wed, 17 Sep 1975 21:32:10 GMT

Redirect headers

Date: Wed, 31 Aug 2022 16:06:13 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Location: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=12948&site_id=312596&zone_id=1590248&size_id=201&tg_c.language=es&rp_schain=1.0%2C1%21latinon.com%2C2087%2C1%2C%2C%2C&p_aso.video.api=2&p_aso.video.mimes=application%2Fjavascript%2Cvideo%2Fmp4&tk_vpaid=1&cb=28529542.232179
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.publinews.gt
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Accept-Charset,X-Accept,Content-Type
Content-Length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 96ms
96ms Image
text/plain 107.22.163.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=22389&t=1661961966&cip=178.162.209.138&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661961966918-927637325916-007641-011-001696&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=71246388677&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&nid=5d31fb2628a06116ff22aef3&ncid=5f4452d76e685a1c474b9879&e=request&cb=1661961973349&asid=6250f5858cda5d14c60a666b%2C5e4aca1528a06178f4750a16%2C5e583b0828a06105212c3308%2C62d065d4402db17fd24fd864%2C61929720db3611235a75f084%2C614b5d12cc8c9824961a92b1%2C61dcbe8785e4c27ffc7abdc4%2C621e56649c72bb64646a6007%2C62696a383bb9733bf220f5f4%2C62a105fbd99aaa52977a3ad6&ofpr=0.1%2C%2C0.3%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1%2C0.1&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-163-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 99ms
98ms Image
text/plain 107.22.163.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.publinews.gt&rs=www.publinews.gt&sid=22389&t=1661961966&cip=178.162.209.138&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=300&he=169&app=&AV_PUBLISHERID=5d31fb2628a06116ff22aef3&test=&aafaid=&proto=https&uid=1661961966918-927637325916-007641-011-001696&cha=0.7&stagid=62a37b4eabc9f014c02c6f24&stplid=62a21cd2219bc9403f4ec8d5&d35=&d36=6.2.52&cb=71246388677&d39=&d65=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=300&AV_HEIGHT=169&&copid=5d31fb2628a06116ff22aef3&nid=59c9148628a0612da3689288&cocid=5f4452d76e685a1c474b9879&ncid=5db803de28a061465a6e2f41&coasid=5db8052928a061555326a05e&e=request&cb=1661961973349&asid=5f4ba7502216727dc61b2e90&ofpr=0.5&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.163.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-163-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.publinews.gt/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:06:13 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 30ms
30ms XHR
text/plain 198.47.127.22
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.22 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.publinews.gt
date: Wed, 31 Aug 2022 16:06:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 892 B
556 B 28ms
28ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUK67P42
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: c86d9865eeeb2c9aa44616bc958439a4ff37554c2219db4af7ab711dc4edbfc5

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:13 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
558 B 57ms
57ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:13 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 17ms
17ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.publinews.gt
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
42 B 159ms
159ms XHR
text/plain 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.publinews.gt
date: Wed, 31 Aug 2022 16:06:13 GMT
access-control-allow-credentials: true
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
1 KB 136ms
135ms XHR
application/xml 2.23.97.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=31810354&componentId=prebid&componentSubId=mustang&timestamp=1661961973360&pKey=-485383757&schain=1.0%2C1!latinon.com%2C2087%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&playerSize=300x169
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.19 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:13 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.publinews.gt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1661961973308066-574
Expires: Wed, 31 Aug 2022 16:06:13 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/237356/0/ 0
164 B 54ms
26ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/237356/0/mvo?z=1r&hbv=6.27,2.1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.publinews.gt
pragma: no-cache
date: Wed, 31 Aug 2022 16:06:13 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
409 B 12ms
12ms XHR
application/json 3.65.16.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.16.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-16-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8b68be538ba98fc3032d78c238f015510ea1f59bf144f105a80a26442413408f

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 31 Aug 2022 16:06:13 GMT
content-encoding: gzip
x-prebid: pbs-java/1.97.0
content-type: application/json
access-control-allow-origin: https://www.publinews.gt
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 16ms
16ms XHR
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.publinews.gt
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
1 KB 144ms
144ms XHR
application/xml 2.23.97.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=13706367&componentId=prebid&componentSubId=mustang&timestamp=1661961973363&pKey=-363390282&schain=1.0%2C1!latinon.com%2C2087%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&playerSize=300x169
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.97.19 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-97-19.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://www.publinews.gt/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 31 Aug 2022 16:06:13 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.publinews.gt
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1661961973310076-572
Expires: Wed, 31 Aug 2022 16:06:13 GMT

GET dc_oe=ChMIxb6i47rx-QIVjYt3Ch1oxQSSEAAYACCD_sxSQhMIxOmC47rx-QIVQqN3Ch3K5w3j;met=1;&timestamp=1661961973773;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 5E3E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/g/v2/231.json

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto

Domain: id5-sync.com
URL: https://id5-sync.com/g/v2/1119.json

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIxb6i47rx-QIVjYt3Ch1oxQSSEAAYACCD_sxSQhMIxOmC47rx-QIVQqN3Ch3K5w3j;met=1;&timestamp=1661961973773;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.publinews.gt/	1970-01-20 15:15:21	Name: _ga_1JWRY3SKE9 Value: GS1.1.1661961961.1.0.1661961961.60.0.0
.mgid.com/	1970-01-20 05:39:23	Name: __cf_bm Value: MDndC0RL8ySzr0s8gLmBSaDrsBPagHMT.xLBE8m53Xs-1661961961-0-AfAm6jCtvfVRvr3EfNj56c2H679bKxFA1GntnPczsHE0zgkqPR6cwMh2RlZp0DOHxCMG6on6iq//BRCsq/qKdmc=
.publinews.gt/	1970-01-20 15:15:21	Name: _ga Value: GA1.2.463825994.1661961962
.publinews.gt/	1970-01-20 05:40:48	Name: _gid Value: GA1.2.298483430.1661961962
.publinews.gt/	1970-01-20 05:39:22	Name: _gat_gtag_UA_53456215_1 Value: 1
.publinews.gt/	1970-01-20 05:39:22	Name: _gat_gtag_UA_90285_12 Value: 1
.publinews.gt/	1970-01-20 05:39:22	Name: _gat_gtag_UA_52170176_1 Value: 1
.publinews.gt/	1970-01-20 05:39:22	Name: _gat_UA-53456215-1 Value: 1
.publinews.gt/	1970-01-20 05:39:22	Name: _gat_UA-52170176-1 Value: 1
.publinews.gt/	1970-01-20 05:39:22	Name: _gat_UA-90285-12 Value: 1
cdn.firstimpression.io/	1970-01-20 14:24:57	Name: OAID Value: GDPR
.doubleclick.net/	1970-01-20 15:00:57	Name: IDE Value: AHWqTUkmMgHhiBpJuMtqXyfYcYp77x7hfgSdHAfilSKF1AhtUIl0eHb8fGtgr11_ZBU
adserver.latinon.com/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CDE%7CEU%7C1%7C%7C%7C51.2993%7C9.491%7C200%7CEurope%2FBerlin%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.casalemedia.com/	1970-01-20 14:24:57	Name: CMID Value: Yw.G6kGj6AJO3OUoCkFB.wAA
.casalemedia.com/	1970-01-20 07:48:57	Name: CMPS Value: 5140
.casalemedia.com/	1970-01-20 07:48:57	Name: CMPRO Value: 5140
.adnxs.com/	1970-01-20 07:48:57	Name: uuid2 Value: 4611075432042694611
.adnxs.com/	1970-01-20 07:48:57	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>5u:HiZ!]tbPl1M>e)ZlrFUfJ+tGXxouOxA0JSd>AYLK!l$HO+GM>qvLjQ<94OM8FQ%bpRzqF1`b`(J+LwR
.publinews.gt/	1970-01-20 15:00:57	Name: __gads Value: ID=cd6cea47d8f1844f-22624d350ece00c3:T=1661961961:S=ALNI_MYhbPUZKpL9xsGhL41Fb8gMU0_Kuw
.publinews.gt/	1970-01-20 15:15:21	Name: _ga_5QX73SF3RL Value: GS1.1.1661961961.1.0.1661961963.58.0.0
.quantserve.com/	1970-01-20 07:48:57	Name: d Value: EEABCQH-JoEA
.quantserve.com/	1970-01-20 15:09:36	Name: mc Value: 630f86eb-5bbca-f57ae-511ff
.casalemedia.com/	1970-01-20 07:48:57	Name: CMTS Value: 5157
.yahoo.com/	1970-01-20 14:25:19	Name: A3 Value: d=AQABBOuGD2MCEBTq8K3zn8fWLxl3emEMzlQFEgEBAQHYEGMZYwAAAAAA_eMAAA&S=AQAAAjw0deztTEJwAMAUBTak_vk
.rfihub.com/	1970-01-20 15:00:57	Name: rud Value: H4sIAAAAAAAA_-MSNjM2NbMwMDAzNTEzMzAyMDG3NBHiM9T1ME60cI0qybIsT84AALqF92ElAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129dctKjJ0d60o1y3P8XMuqghICjV1dQQARTe5nR4AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjM2NbMwMDAzNTEzMzAyMDG3NBHiM9T1ME60cI0qybIsT84AALqF92ElAAAA
.rfihub.com/	1970-01-20 15:00:57	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129dctKjJ0d60o1y3P8XMuqghICjV1dQziNTQzM7QEIWMTM4NXjKh8AGxYGLc9AAAA
.doubleclick.net/	1970-01-20 05:39:25	Name: DSID Value: NO_DATA
.analytics.yahoo.com/	1970-01-20 14:24:57	Name: IDSYNC Value: 18yx~26wg
.360yield.com/	1970-01-20 07:48:57	Name: tuuid Value: fb031ce9-699c-4d2d-bf51-d73ad8a25319
.360yield.com/	1970-01-20 07:48:57	Name: tuuid_lu Value: 1661961963
.redintelligence.net/	1970-01-20 07:48:57	Name: 8lcfmzhxc8d6_uid Value: 3f6414c78d83f6a8
pb.media01.eu/	1970-01-20 15:15:21	Name: DTU Value: C8C313C31D9884818404E67C66FB28CF
adserver.latinon.com/	1970-01-20 14:24:57	Name: OAID Value: 01000111010001000101000001010010
www.publinews.gt/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1129387%22%3A%7B%22page%22%3A1%2C%22time%22%3A1661961966259%7D%7D
www.publinews.gt/	1970-01-20 06:22:33	Name: _pbjs_userid_consent_data Value: 3524755945110770
.publinews.gt/	1970-01-20 14:24:57	Name: zpstorage_MA%3D%3Dconsentpublinews.gt Value: eyJyZXNvbHZlZCI6dHJ1ZSwiY29uc2VudFN0cmluZyI6IiIsImdkcHJBcHBsaWVzIjpmYWxzZSwidHJhY2siOnRydWUsImlkZW50aWZ5Ijp0cnVlLCJjb29raWVTeW5jIjp0cnVlLCJ2ZW5kb3JDb25zZW50Ijp0cnVlfQ%3D%3D
www.publinews.gt/	1970-01-20 15:00:57	Name: cto_bidid Value: LnGeVV9uQ2FzcE50ZXlMTVRLQUloOFZMZTR0MjVvSEJpRTNCNk9oJTJCOFZRU0UyWkNubm00eGRxWWR3QyUyQmMwcSUyQjExVFhBYklvRWJqWGlIJTJGZ3hpS1ltUW92cjRRJTNEJTNE
www.publinews.gt/	1970-01-20 15:00:57	Name: cto_bundle Value: PGZF-l9lamk4Z1VDdHRBMnl5UnFUZyUyRjltUmg1ZEU4JTJCZFZicVRlRTROalp4dkVVRDNjJTJGdndmNFBYT1dwMngzZzN6bVlmOVpMYkRUQmVZaHY4MFRzNzVaejAlMkJrbHFFWlQ1S0JPdXBTdUJVVndETDRnQjIlMkIyeGN3cVRTekIlMkZaTkh6MmczdQ
.aniview.com/	1970-01-20 06:08:09	Name: aniC Value:
.publinews.gt/	1970-01-20 09:58:33	Name: _pubcid Value: fad035c1-5fc5-4cc6-9164-738cfdb8c1a6
.csync.loopme.me/	1970-01-20 07:50:24	Name: viewer_token Value: f2ac55d9-9aa7-406a-a4cb-1495aba6b731
ads.stickyadstv.com/	1970-01-20 06:22:33	Name: UID Value: 8bf4aa7488dec68eb40dfff52f6b99
.aniview.com/	1970-01-20 05:40:48	Name: 2_C_200 Value: OPTOUT
sync.aniview.com/	1970-01-20 05:40:48	Name: 2_C_200 Value: OPTOUT
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 0c643b0c012d0309
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: updated Value: 1
.ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: e5032f76e1de77724e75612c53cf9be
.ads.stickyadstv.com/	1970-01-20 06:22:33	Name: UID Value: 8bf4aa7488dec68eb40dfff52f6b99
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: e5032f76e1de77724e75612c53cf9be
.fwmrm.net/	1970-01-20 09:58:33	Name: _uid Value: "l2310_7138072299756007080"
.ads.stickyadstv.com/	1970-01-20 07:05:45	Name: uid-bp-36033 Value: l2310_7138072299756007080
.ads.stickyadstv.com/	1970-01-20 07:05:45	Name: MRM_UID Value: l2310_7138072299756007080
ads.stickyadstv.com/	1970-01-20 07:05:45	Name: uid-bp-36033 Value: l2310_7138072299756007080
ads.stickyadstv.com/	1970-01-20 07:05:45	Name: MRM_UID Value: l2310_7138072299756007080
.rubiconproject.com/	1970-01-20 14:24:57	Name: khaos Value: L7HT8TWY-C-6D1F
.rubiconproject.com/	1970-01-20 14:24:57	Name: audit Value: 1\|hLZGFuTafB058fUQee97hrWA+H3YXdcBZnc83WbiLoNclswXOz+c4j4qU5i/OZ85oHEYQm0jtgnMboWaW1ii7R8Ia7lI5uZ/
www.publinews.gt/	1970-01-20 05:39:25	Name: _lr_retry_request Value: true
www.publinews.gt/	1970-01-20 06:22:33	Name: _lr_env_src_ats Value: false
www.publinews.gt/	1970-01-20 07:05:45	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-31T16%3A06%3A09%22%7D
.publinews.gt/	1970-01-20 15:00:57	Name: cto_bundle Value: Z95Pvl9lamk4Z1VDdHRBMnl5UnFUZyUyRjltUnM0REpDeGZWdVdPJTJCdnQ3UjZJQng1dmNRaG1YTG1nWVRXdThDZ3N6cnptVDNPbHphVW4wQlFrZDdTeHRSSVB4c3glMkY2bG5pc0JVekJsSDZ3ekVZWFNlZXkwM0cxYnBYUFZqb2RycEl6enBJUA
.www.publinews.gt/	1970-01-20 15:00:57	Name: cto_bundle Value: Z95Pvl9lamk4Z1VDdHRBMnl5UnFUZyUyRjltUnM0REpDeGZWdVdPJTJCdnQ3UjZJQng1dmNRaG1YTG1nWVRXdThDZ3N6cnptVDNPbHphVW4wQlFrZDdTeHRSSVB4c3glMkY2bG5pc0JVekJsSDZ3ekVZWFNlZXkwM0cxYnBYUFZqb2RycEl6enBJUA
.publinews.gt/	1970-01-20 15:00:57	Name: cto_bidid Value: qxetY19uQ2FzcE50ZXlMTVRLQUloOFZMZTR0MjVvSEJpRTNCNk9oJTJCOFZRU0UyWkNubm00eGRxWWR3QyUyQmMwcSUyQjExVFhBbDdqdHFUZzJ5c0oyMGpSY2ZwTWZaQSUzRCUzRA
.www.publinews.gt/	1970-01-20 15:00:57	Name: cto_bidid Value: qxetY19uQ2FzcE50ZXlMTVRLQUloOFZMZTR0MjVvSEJpRTNCNk9oJTJCOFZRU0UyWkNubm00eGRxWWR3QyUyQmMwcSUyQjExVFhBbDdqdHFUZzJ5c0oyMGpSY2ZwTWZaQSUzRCUzRA
.publinews.gt/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1662048369183

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082501.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/3163706257327840831/index.html".
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/3163706257327840831/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/3163706257327840831/index.html".
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4Dfp2G8FXLMmEjWLwdPU4ePBjyztCfH19ZqiNY6Uy8TpMWGdS1jSb0S4Gt0etjWdjaSc4Ln4Px_PdqA8YVFMfK4-aRBIQ&google_gid=CAESEMr19Ad6vyaEEA5m2NrvbmI&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECloXzXmKhYK_th1-lGr_yA&google_cver=1&google_push=AehlK4AnBNtY6Hy9F0LePdlYMFIfvDQCiOl4067S1MZRA1TCD9xnB1mNTbBuTHUgqRgnxIYApogSdm2_Rys-ha25tBbQP9IGzFIN Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://id5-sync.com/g/v2/231.json Message: Failed to load resource: net::ERR_CONNECTION_RESET
javascript	error	URL: https://www.publinews.gt/gt/ Message: Access to fetch at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://www.publinews.gt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.publinews.gt/gt/ Message: Access to fetch at 'https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto' from origin 'https://www.publinews.gt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-3769010358500643&slotname=57e618150c70d90_video_27_190507835&ad_type=video&description_url=https%3A%2F%2Fwww.publinews.gt%2Fgt%2F&max_ad_duration=30000&videoad_start_delay=0&vpmute=1&vpa=auto Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://id5-sync.com/g/v2/1119.json Message: Failed to load resource: net::ERR_CONNECTION_RESET
javascript	error	URL: https://www.publinews.gt/gt/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.publinews.gt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.rfihub.com
a.teads.tv
abs-0.twimg.com
abs.twimg.com
ad.360yield.com
ad.doubleclick.net
ade.googlesyndication.com
ads.emisorasunidas.com
ads.pubmatic.com
ads.stickyadstv.com
adserver.latinon.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
at.teads.tv
bh.contextweb.com
c.amazon-adsystem.com
c.mgid.com
c2shb.pubgw.yahoo.com
cdn-images.mailchimp.com
cdn.firstimpression.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cm.g.doubleclick.net
cm.mgid.com
cms.quantserve.com
content.zeotap.com
contextual.media.net
csync.loopme.me
dsum-sec.casalemedia.com
dt.adsafeprotected.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
f2049c3be0407d1ea696664492bdfce7.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90003.redintelligence.net
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
jsc.mgid.com
lb.eu-1-id5-sync.com
match.360yield.com
match.adsrvr.org
medialead.de
mug.criteo.com
onetag-sys.com
optimized-by.rubiconproject.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pbs.twimg.com
pixel.everesttech.net
pixel.rubiconproject.com
platform.twitter.com
player.aniview.com
prebid-server.rubiconproject.com
prebid.media.net
prg.smartadserver.com
pv.medialead.de
region1.analytics.google.com
rtb.openx.net
s-img.mgid.com
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.mgid.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.publinews.gt
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aniview.com
sync.teads.tv
syndication.twitter.com
t.teads.tv
tag.1rx.io
tag.escalated.io
tg1.aniview.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
video-ads.rubiconproject.com
widgets.outbrain.com
www.ad-server.eu
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.publinews.gt
ade.googlesyndication.com
api.rlcdn.com
googleads.g.doubleclick.net
id5-sync.com
104.103.108.241
104.18.19.126
104.244.42.8
104.244.43.131
104.96.145.246
107.22.163.220
138.201.63.117
138.201.64.38
142.250.181.230
142.250.184.226
142.250.186.162
144.76.115.197
145.239.193.130
151.101.2.49
162.19.138.120
172.217.18.98
178.250.0.157
18.134.84.19
18.156.195.47
18.66.122.74
18.66.127.89
18.66.97.24
185.64.190.78
185.86.137.114
185.89.210.46
193.0.160.128
198.148.27.139
198.47.127.22
2.18.232.7
2.18.235.93
2.21.185.80
2.23.97.19
2001:4860:4802:34::36
213.19.147.42
213.19.147.45
216.52.2.30
23.35.229.56
23.35.236.201
23.47.209.72
2600:1480:4000:e5::
2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
2600:9000:223f:f000:8:48e:53c0:93a1
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700:10::ac43:266a
2606:4700:1::6813:864e
2606:4700:1::6813:884e
2606:4700::6813:ad6c
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9b
2a02:2638:1::13
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:595::2c79
2a04:4e42:600::485
3.122.208.137
3.126.56.137
3.33.220.150
3.65.16.214
34.107.148.139
34.98.64.218
35.186.253.211
35.244.174.68
49.12.125.168
51.38.120.206
52.17.139.148
52.212.100.153
52.222.209.55
52.30.246.43
52.70.17.67
54.154.5.146
54.157.211.237
54.76.176.197
54.78.253.158
64.227.27.145
69.173.144.138
69.173.144.165
88.198.250.30
94.23.99.218
002c486841f883136e8604368fe546ff0db5d23e13d9e32c4538144635bd38af
01e4cf6fb67b99d8941a2b22c97fb7731c252a251464b0ef213186265926f48f
02007cb9ea5401983a0a4a34d08c1a57c75484d0852194291e124c94b848d474
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03187f74e9a4ce55f6a7474ff78d6487d56293723726faca10245a3c9f30de06
048dc69d73f3ad0096a139da264b1aef01ec8b90b877d6e6515d08b14054bd53
0527094a14ae07f5261f23217802d0d9175fb4451727954adea8c3a46b82d678
06e0998bb8c350d47471adeaf521b8d9e6c75a24c6bb5426dbdb24ad86ddfa81
07253e76af1894dfbbca9fddb53ed63c85e95d1b55ff082b7e469baef6a984d4
09d066e51f3699727a7533bdbe741b2aef7033a2d30f9a10f0ca730cd82fd4b1
0b1e3fa98eb243884f760147e9304bc32541d99e61a4382e3cdc66f2a9121abb
0b3dd0a1bdd753cdbea07156fe5299f690e783f08353a500b05b80210d74f9a6
0b646f6a0117000d7a12cb08668222c21cd3ae0194b31cb4a12a60547171e380
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd39d4aa299fec073c89d8410eba716cd0e30eadcc3fb790e97f0b32f52c014
0da563d8fc4e14fac20984e96e83406f2554ee1bef09f5de660a7662c1713ecc
0decddc06b93f573dc4d1d51522ac0c4634d599a848946a7a8793a98f3f4ef56
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
0f5e3f3cdc5c53c1abc30a8519e086fed3793f2f580ecee4a9b34fc2c40d8892
0f8794ef6a720afcd13b0681fd4d770447a5095d7e60330c52762bc8083d7953
0ff7037954a24b7731d5a03a63186a85b4a7198516650a00fb3cd0620d7d06e2
11c06de8ef1ec20c136bdfdd382c33b766a571ab8054d1ac9986c3ad153e9514
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12eb11b49335fcd72288d5dc1aacfc8e3b75597ecda77971f873a05babe613de
142285bd07a14ae41f00f7a4abfb34d050e788f6d64e3935fda159cef378acab
153c9c0218fd6251059d6883c4918f3b7b9bf960b069880906f11be3c929f40f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a6e4d2e32c765f09b7df419485600a75821cf5b703c6d66107cd27021fe6fba
1adf337204d2f4cee5264b18e3212be7a93cd619c705e30bf89a3d27192b77f6
1b15e526bc6cb6b3e03ab22a6c585f1ca05e34bbee1be501676126492fb3c8a8
1baadc9204bcfe5d648f9a2181c2ea2f1795be70a9d8e863852ea8ce880084ac
1c9d1dceb9ee7f0e62f7eff491e08042799c74a1e864f809ef0445d893f8142b
1ca560867c39648af7922590ac8349d2ade397b6b0fd8880f065901d05ffdb51
1cf6bc39bed40dc5c00a863f08034028aa0289860a8491a5345f35f587e79d0c
1feccc5457246a341b82f181fa84317e9dd084c63ac370c1ac43104c3cbf3329
20105a9ea23b5e61401fa1f3fbf846c4ecdfc5544a8094b98e07fc0e610fe91f
20a22e2a0610fa88287f0f8a033e1f8c5fb3abb7f0a0d527115b6ce3dde328a1
20a7cab4c3d02182a4adf415218a7bf45485746273fba452bf48c4d3cf5df9d7
2165620fa9b4145a3e19a084e259da7f094390109f8742410ebd36d8899c3e26
21b3ea6a2f91609c3767f12b0d1f70f7c8c9939f346e777733edaa8b0891a072
222fa391f26a0b6f4b5d8459ada308e078e6d2e69707766e247692a6f45676c8
227a314f3031c4db177e143d7ad8db84ef7c26afd225ba46acb69916eb5e86b0
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2413c7ef853a7520c8eee7f11134415064ee009252d58fc8e84b0b75074c1fc1
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
25087cf907e314aab410aa9fb6cd62e06e1d473d6abdface89674adc3209eca8
25742a542a49a5e301deb22ccbbf81d19f779a63427ba59eff1a01ce68fd29ca
28ddfd4aaec48d0ff26b5432ddec1292d813aa1dfcab5975e7b807b8392df7f6
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
292a0bbac6cd7b60ded96d79abab5f70d4b352553492cfa46bdf3c1b35360bf8
2a40e48add0bdfafa972042f5dc16b2a3c01963696b4e28ee004a3f848685654
2adcd0a627dee2ac4ab782a00745d7678e374dc4625ddf673a88121977d77c67
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b1c7baaf547a90696763861b47ea44d80b6635b3e8dc432c3063eb9f5f7bd39
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2e5e3213e89839fadc122682148b6f08fc41eb2f2ff8d8a3be8314e936df6368
2f6eeb511e853211c742d1fa125b45ece32fe5711f407c5eb43613670082b3e5
300fc9cbe06e256f2244ebfdbde4beee7736091b392f6ba791e39a1026a13e0b
305fdde3249b89d0bddbadce2a090ea2877549b9f6ac836375f58f682cc84ce3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e5acf1b97e30e8721e8a3ee93bac752bc702eafd176b57074ea17f07063585
33558069624c6849e3bedf4ef9ead7bf4cef2afdd7ecb64758a660fa4ae5ed8d
364d1741b1499d9100a6b2324534a452e66a45f392481cec3f62e70e76da1419
37af9af0b46dbfcd7484c63a7436233e85730db5241bcab7aa6f84fdfd11b931
3864d89738bb725b06cbb3ea5d54b4cfde14dc2d65c0ca610289ff933a3a97fe
3895724e8115dff6d73b840b472f80fa1d0529c915354c20063be88cdcb329dd
390eedd6493a1a6fcbc79bbdf9dbaa97af9dc20ae608746e18f2d541378b5d91
3916390d4395ed16641c0e23d5e5a1bef9de6ce71b02c3941c0ee6f2d899c806
3a809aee4a0c67d1b9882d91414bbbe19410bfa7f6d2a28f3f2976015c776d8a
3b5ed54697e05d6b4df8b96cb22c5b8079b0f0c65610c9a76fc1f5fc981fbdc4
3be29565ed74ebe94b47d147f84748dc076566e4348c72db227ad8cf72a75f24
3be60f209c08e90c16558d5d32d6953439f287f5c88565c2e43cdcb40d6c3d58
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3cc008988546228de3fb9b305dc5334545fd611363a600fcd68916aa29213d49
3d94a91612f816c172c583d17bb06e140969a22fae663e7b8cae7d18d55eb2c6
3f232db997af9297ea139790efc0c17995c43210405c7fd383787c2bb9cea50e
3f2974438a69463a4f473185623d3eccb715ceb3f02b8882daed5bb9758cf741
3f43187776cc2fd671ed841523cc7bfd3d8d4dc3c0a32e0ae3b1b84e32f6d871
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4214005ceff241be58d7108c30e533c44f0a2089c1ea06d04d3e7549df7f4a6e
42df68ae2524528bf5b22f71b726909c67c1f10a5396ab19b3479b47a207196e
438ff3af395513310c69d935eb8c6e521312075673d2fdf0e82a7ad2d3037152
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47f0d2d106e5abe1a5aa5f092d8d1d09dff436c1dfc4b47f2a944b66b9792311
487c60b5e53c1d237b331698067d65073bf3bce979a6149ec0c12b622efc819f
488866fa28bf7969cb05e48b0842dd23c409c8fcb15351df0c5b3cac4219a617
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a7b1ad015c77adc2e4709459a2f95439b748cc5cdae5289ea43574c9d8c02f0
4b0e2c1c8e6d92b9083cd952cea6a065485827df78fae548752352da136c3540
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc4b508bb0ccc41052f6a18eb23441543da2d209c152f62577e954367b4d62d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5d84442beb96eed73c1fe4d54cb86b3ad4ba90b041c1c44e4f314d7ad9e1bd
4f790ff3954d68b63058e55090a0342c4da8553f87b82bf1bb1863e0fb889543
4fe5b47e7a09066a05bddeccd186c45d843df3ca22377b8c8d6e49d9fcd53f7f
500ddb4a3820f56ca0b2accfc6d9976c6139c03cd4de8a4b02858793c1149e86
501e62c6e0c1d488fc66e31ced03aba2702df783387148fe1b8c4239bcc7d074
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50c64c30ceeb83775f2b933b917c3657f818dfd38cad2180b0f2d262b1157e63
520044959df03f25bf46d68e9ea4b89d6a160081bbabd0a0cf08f76c43c18956
5459851818636571b7286afd1a08ccd3991e479808e70ee8dc7b2ffca2201e63
5481dd7de36de039271fe67000794500e2b58e5c3928941c2d455c90da69f596
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5533874c2b0145642ca304f110240fcdb05253df388c2f7b97c053ad5eb69b65
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
568de4a237f78930c495806b9302c91df36f7212ee5af1cc6d9f4abc3ff03b38
568efc96387466861d25131636346187542ea3924ee342be4bf3e40dfcb11a73
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57a18b6c18cc1cb382fc80abd6302ee9c092d472b15d257fd911d942e6def986
5968deed67db36c17098f115d0fd4318e4ef3616b6c3541da921599e64689040
59706d892b5158ca9fd1f3ea8b33035ea4894e449cbb06fe42e7ef2e93f4af6f
5b542fa63865c7855e651a48910a341dfdd0508ec6f293e1253537b2778e2742
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cf6f15795782d7a4b4daca9375620e43236057578e80210b293c9a98119ffa1
5d4738110b480f423e4f0c054dd3444f7eb0388186dd356a8c171f26db1faaef
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5dfd5b4a336a0e622d804b0efb86a654561835e9083b3941b6f8ff5ba5256e25
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5fa1eb7a1246566567e8b5441a15c0a800290a29f834e5fd04f8e685d91f189b
602e7dc7da2f0a68503b52747ebeec1d664f050b3ede24bb6f9f21629ebebca3
60cd5f5fd4564d87050ccdebef5e222235df46c8749240a0564eb34f1644648b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
616e09d9f8500ea986c7cf76a43a8cb0581f1645c13d795335dcff54b8ea7415
61723fe95f866398ae8490661ffb77e0fcd3d5eb598eeebb1ed5e593049487e2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636afd2a6d36095b82bdedd230ffe3020243582d46a259749d5be8258d9b4a65
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
65c8f795775c551a46218aea6c5aeadbe7c367b8d4860c9471d48f53e7351641
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6796ccb15426d91d3311ea27d429c2d35605243125f7e30fb554271b393a9c27
67c76dc49e784d88116f5822e4cc1f368adbad41575c6d7f9c5970e97917a40a
698daf2a3566453c7b7229e3ddd0ba9c3ae6b381a8e1e3399e8ae79ea69412f9
6a2ed5ccc657769550051988637259f4d1df3e1df38d522c6811c1db2cb5681d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c25b976778ba4a030773a7897d64c44197eb5e393115ff8367c9d78aeffdc3c
6d124788e480924e0a0917ef210d06075bd5166a9f9cc75f2937a98a4a497199
6e24d3527c0d9bebc03ee87d68544d0543471a2da12361beaa3729b2ba16beee
6eb371fe2cdba0f5fae6d062346e86535f2c667b80e23c4c65cd3fd24be65cef
724e625136faa2b7de23fbae1529a06c26e0d97f69d81a3daac2a771e78dd500
737ecccfd5058eeb7a46e5ea9616822be78a60668342b22f2fcfae3130f7d8c1
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
75a3c4df376bbd4bc194cbc937fe521ffc4d712544c7ea330d1b4802a076958f
76932632c4ba6d864a00b6341a9d5460f9b44ff952e478c47e68ffe664624efb
7965777dcddb12ba6fcbfdb90bbbe664dfeec6ee3fb6a069c1fad9980bc25a10
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7b1d77153cd55fc5b3085fabd7b5b468ea6294bfdde84821afcabbc274ffd549
7d2cdcfb9a06ae6226f06b3cb14c4a53fa0f94ec5048dfb469d6834f6fb4e124
7d9969d56cafe0bcc63350313033ca15ab1acca206040bbfbbdf99e22a1ad2ec
7e7f4f5cdb2a02c8f4b6d8e6f4ca3b1f18d635d55e5d4b9b1106e79f0f583fde
7f9ae5335d4db51a427fcbd9d291958b98ac28713fa8b6dc8de328d9298a8735
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a
8167cf5c527ce9551e0fc2e7bd7b315a9ef815d7f91f3338351bd498af468336
8195ec559939a3299a302f8e0c182ba87ddc46b9d26de044d2b8b69fd412a645
81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781
8238b95c4c4415a5368700623bdfd7c36f8930a55b00eada96a9e46d3ed550bb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8546c5d40008a98da4af114586dd8aa895fa44a5b7d9eeb8b67bc822c29bb105
85d423c5c3713d5ad1fb1529618fb0f6530869a98b53374f292ab1bb5f5bb9ff
860d562b0a45cb007e7a669dc845cc85bec45a5229c67ddc3b11534ff54a9947
87d9701e2c844875413ecc75d38c0b204c8741069756b7f04629f9870dc878a2
880249a25ca053564710985b7a778579dc4839896e16b063816f9b068de5f1de
8a5dc38cec076d349128944270877cc436cf084bb9ea8130ad55a644c40b35f5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ab2e236a9d9c8ab68da49e83a457d58223c9485146143695b11a71e27936035
8af166c1a7244eb90c42560c1f95c047871ca782c3a5707b2e069186b8ce7555
8b68be538ba98fc3032d78c238f015510ea1f59bf144f105a80a26442413408f
8bf7a7b8f6a4308ab1f43290220289403832769fd02ee219a4f5e7a74346f40e
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8c63d262b420ac15948cdd4ec6763573dd783686323b8e965927aebc410b089a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e503fe67eef6d53b7297abd5062e4db7a6b381eaa7d4ac4f8c53a9bb08e248c
8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909
8f5bd601553ad1344a1eac25b660bca1938c94e7907b979e91194e98b0ad90d0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
91974b47f306b283eaa6ca1ce2fad0aca0f8d0d7e712dbea00baf46d4294c138
9251eeb3c03ab159a47dffd5e5740756c82f088da7b82d17541395ff101f227d
947d33645c199a25fb14bedb5cf80a48a61f8558747bd0f4958fb8217f48547e
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99725e21800ccc55e79d462f475db2fec19f1c82057b6b5bc87bdfe5212927d4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af9b37392830c3d27d0370c7e36fe4a21ff49ef2a0465d3ea33ab9c8a537595
9c625353285d7d98b8ef8539024d908be74987505dc331a3ccf10711d88e3045
9d9ca589b914280e196d256a2ddc2ca3af11118b3fc9002f6323a568d3cfc0de
9df8804be7bc833a0f7bda128387f950072b9c844a13747e22ae6cfdcb515b00
9f9fdc49f32f71acb66c5ecce0ebc7724952ba9147196f3d2b46d2c783e0bade
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0aad236d91f8a4ccca9299f760e17fff3a18635872a6e38ae4900eead00cd38
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17bf5a5e1a1e1c69faa10ec7a45118181b51ca287bb2374c32798eff7edbb09
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2a7e2576eec7fdeff7652fc79f5b57c7dda190d394424a66d7a6e421f40e77a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bf35c2ea505cdaeb95377219a33c6ee69493c9030ca96d202cca3b13c6f529
a61a648444a16a41ef29c2f3ce95053de667e244321323ea9a669c35768e0397
a6841d2c4a12ed948dd6c51720e62a032135ccd7f50cc17b7d8d37b20f43c2cb
a69cecfa8fe80d32f2b04184919ae8201e75220c7300d0148148cafd8f155fd2
a6a29f11745ce1c159fe4ccb3584b6b24eedef4f1e688919a893a5ba501afbf6
a6f0352702b7604323c13594f1c3b74e58b11c1c0847a537511261d06f80ba25
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74074f055c3667b9955b17856ae4908888121a89d494732067ea924ca1a33d7
a753f298789dae8ad91548a345d839638170cd51ae74260c2f262492e8751072
a8fb181a797b4e48bb5d239ab5030f33ed65ebf339e38a5131ce966331226cef
a9abb833a0d3df0d1c33e6cee9bd8e40655483413e1e202c47d9cecb24418584
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
aad48e612efa9d7364a3ad0e06aaa0d46320b7a57cc13697a8997ee9ef7c9101
ac4a35db5faffafaa894fb7f1e6b9c130d9688d0c7e9736958956f1d97ea6b42
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad0cb034a1ea6a2c67906a36f384b1960f3130f9a8605feb0d030878a508c8a1
adb44f29ca95e43406f4c3434262b8e3016a378ee2e51223fd11ef3c79a6f5b0
aee7d2f3931049f9fbdccac3d0e7e36eca23ce66c76c464ed28372d7d4559597
b07fe8d2c18f44d35ffaa187fd48bddc1ef81c69476cd0457279790e4c2e0725
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1699eb07e65fc769e068f6ba0d7c11a114ab9c8b8e2b3de7da70c7308cdb6a9
b1d37476f42be18cedf76df6ac4cde79a2b0821226a3346e76b6887c9eb873b8
b2831cb9703dae3b9d18ab76276a67a65de573cc498aeddaf085942f0d96c18c
b44a2fe208e998b56df46211e07ab012140f047e0b0621ab6b4f17ba434bfca5
b471033f1864708331e5945f9003e0eed1d563d673d2666aca296198b9cc6ca7
b4afdceff8c9e3c856821320d48b80b7b1ed2263ada5e437b618bbd8d2adfbc1
b6a65b953da6fbfe82f4edf5cd9656efc22d6b120f6d4ecc17add6ddeba79e2e
b7857a127e0c58222f8c5847f443a088038fafa976e59a657da9c8f25cadecb5
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
ba2509a2b7e125a486a751d0f50e1be8319240ba60a66e6612c6daf4c0525688
ba64d0b9ec6285834517ef3f3d3029ec5e07c50380f911de891f7a92216d7562
bbe8560826479959291cf70d3080f513bd35cc48126cf13dd43f6ffcec28907d
bd01031da1cd8b94a8a259f39670cd781c2d0c6209a31b2b6052abb23d6ecd74
bd335627b30cb609116c9ed19b9e56c8fb0861c6b9d94e25b3e4317e8a3e38dd
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bebd22e0d2e170ed848979c4a2d7b46b947aab1f85887421bc99bcf8cb18a535
bedab15fd177a9715568682a8b3a04edd59939cafffa07dfd2e6e64b010f757c
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c01b1b907eb9f740683e1f64643fde07ef63a9c1ebbee1958834dd168ff6befd
c1dfd4798acc0ff18360293f0622138167322700d64c5b1bbc6dbcf21fc28204
c3121d3e327dc933fef1ab5d314019e98ae933f3245f83f1ade0cf7790e0fc2b
c50506f266440656215e0325d7080644885d774b09a937fe2feaa47d9f63c86c
c5f15c0f650cd556ffd2a583ca17bc0eea93896a368e498becb94cc70ed2d389
c6a61a7daa3ff71f2ac0651cbb2ebe867f0add7af8a3110401467f35b561efba
c86748710e797c6d7933b864f62834904876163ae177570a332a2c477ad6aca6
c86d9865eeeb2c9aa44616bc958439a4ff37554c2219db4af7ab711dc4edbfc5
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
c9c3306f6614477fc8941790c3a9335ea0da61d7ec5b383791edd33624ba0e77
c9d8d2e92dd150ea79a80180174ddd106e3c5d2b27fb1511771e9dfba9428fed
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca54edd0ecccc0631469de08f41f95ffc860a900aadb27b909da20ed6a89dca8
cd44180ac100ad42b75db164501fcf9a6b8d66efa44c6aa654f9628b0bde0567
cd82d566535d0b66758f1b99b889967cd6828985bc98bfa0a4c7551f41fcd032
cd94f91388f0899d82788bc142709c9ab54a4e56dd5f70382413d6e649c61a12
cdc46119f82b8cc0c4fa0ad51203da3154d0aee0e887aaf26a46988e5f359070
cf3cb4aa7ec5dfb1a79fb94a01f919b8cbe981459f9877e36c0f9022925038c4
cf6a8ff6049b54592b6f8edcf20367840487dcef9752866b18f4b5666b1cd97a
cf85242e9b3ceb7147907911c2f6a14da84b99d06aba24c4daad28cbbf93209b
d0a77e495359613dd0f75850a9b9a541f059b6f215c76acddb418bedb7a2cf6b
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1395737dc86c70163a025aea31c989ccbc8c99dabb6a1d347b27c03d86e9846
d161af91c84c677474dfadf8da688f434fdffb4f4540fdfbeea306e159fb35b2
d1ec9625d1c2d3ff00cb5891990c4541a89f096540ee2226e565713d1a189e18
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d3592fbffec7c4245f008ef25e57005968575ebb3a6db25cd0b14a261cd0b8ff
d37ad6dbde004df19f997c3535e3fe54635760b2e37da5060a9e7bf38bae4a77
d460b3cfa84a55fc0a8ebc41af9c9f5cdcb97b58351aaa6a45e54eb377e22c94
d5b071fda01315f271998e251812dcf8465dcf34bb9e436bb502235700c40eac
d65246f2a98e02b32e2a0d80916e65eab499aebe923d078037efd692b31cef58
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d77df218a292b8f67740205b6d1dc75666f15f1645b95519b7bef5f161a0f8f1
d78ccee2910b62b729634ed37d0000e39dd0092cf3f278247668af30c0108f2c
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d99430b6e3b3d0e55d9f3fa7aad1a919743bfbbe97e698a0357787ec967b03af
d9d5edd148587000bfe55d7aac8dbb8cca56983ea943193fc9a86fa75f9febc8
da1b3e1c7ec456b6db1160ea606a50e228743d1b2c740d32cf772c5387ef7e5b
dac404ab5c3fcdc83e30b66349bccf92526406c5fdd63b9c1394acf78348ac52
dcc6aaeccd530bcb0e91ef01e2046485f1ad113a865aafb17a740eee4da61e32
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def3fda286cea0ab75ea959813f6965f453356dc35b05fac9e48921cbf3d4668
dfaaebdec60dc0454116815d8287e7975ba3ce5b6b575cbf4a301d251b4947b5
dfaf8d73be470252fc6dd20cfccda6c98ed6d6503cf0ba944ec4b6482820b2b8
dfde5485c4fc9e9acca625d86fbeb240c9bd3ab78a395721aae49aa97b091c93
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1c6cebe3b1cde84c55e2189d7a3f12cd52a708975c740de7e31b581bf8d9301
e2bc317a3f54afb1933d31d4f51a70dfa52a29e19a02bf8dadaebb3f4596b56f
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e35db8b1d2fa2c61290c6d2963bbb8c944825be440a59e40c2ca6a8e1bbdba3e
e38e2116e7fcecafc78b089ca5d6e23cb944090acae7e75dd87ccb1c776a1849
e3a13155ff6fa3d1e25fccc2a0bbce4302b01c21c8b08c5922d70c62ec1b4bac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c56414d6d7edd75f68e972b2c7161626f82d4d3df26d8b76c237a223c090a
e4ec8c02ce1156b46862a31790e01b86c2c1c40299b2636c553803d22f566b47
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
e91580f860a460f66df16f1383f3a285780216e698edf0407e07ff45ff1cd0c3
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e9d57f8635bfcdc58a8a6c09b3d27f6a777637489a8cdb48225fa369051f2f13
ea21eb6b45495ad5ca748ab758e96aad706ebb22c069aab8b7d1d8ed1997e4db
ea35a80e208bae77db49a8e799568fdeb7009b029b0dba356cd5ea658b5d7085
ea4dc77fdf5e91c1cac823dc7dc7108bf7cf08c4fa44ccf9492ebd332be0af01
eaca3f440604c93c3caa05b03b5ac1dbefad75f2f393589c23d3dfd3a9174546
eb142780323f9846917143611381012150523a573d467c44fa5c5015979f73b2
eb5954af507e82a407de87c57a3a9f0dd2b05f2c47a0d166254ca2ae70f6d4f2
eb8bb874ced68a143fee84a02bd867070bdada50718cddbf7cab321a4434e37b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edb75c328dc364054a6afb3d5fecddde3c6298d89b15c96f9b77858a93d5df4c
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eea8447246e0f33d1b456ed8ae029bd7343a5324d13723b9a3c7e4dd76f69461
eec356b27f72f835e55d2b242a94ce15e32fb8c83872a47838936ced10968f09
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1887d08d005e0cb9f16eaffa7914de0f834f4292835a69561adad05b36b2436
f19a739af1234409ececd164262417300b4091cc65900580dbe9e7e4cf367836
f28a421421e04b7000d12f4a4255b0d4b1c3455f993d343cbff460868cc960aa
f293486948d4cba26c6b835bdd574b4085e62da749b86019f5f6fab3535b0e39
f40b287808addc4f3d91a36b2e0b25ca9aa1f1cce7d8611fcd2d924295bf0c4f
f448ed9142035fd376ba0fe2bd66a804431bad6676b34725297b770d21d64f37
f471e1f60bf2b4b4ac0202beeb5a9c659326dd73680224994c0f878269ce12b9
f57845b064a26d7f08b24b1ab52fc7e0b6fc185cf3d3a6818f882faa7c9c46ef
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63e08b18115b72e6d2cbe9db5f7527d2731545d38beae54317e10cfe0f58fc6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70a708909ea0e41d9ff70cc101e8ca4a5391ffb134ce3a98b0f5e42d7cb72b4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8100ddd5433052f55abbd975cbaf4d300b5acaeef36e0e47e8a285941920bd7
f8216ef317fe2044ee78835b6f88b0b0a87c024b14da3daf4cff762f3065643b
f85d0f6cef01d5f18cfc5a169161c7d723039494ef0fc712878aafc2e690fbd9
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fa9805d642c30f5324b073d965bb3871ba41911e6ca4272a6008cb80fada01c2
fa9aefda737b61a1b83c8ee9fcbd6ea14c2a61f48ee6d6bdaf1531fd96afa714
fb568542327d4264166e9839781916f91331fc0bae0bb29397ee3ebb4cc66ed8
fb98c93cbc8f3b8213bcf9b5e149a22210238854b41e7cd1b6c05b89765e86b3
fc80d7c8c7af5d54f59d93bbbbb74c35d7834a85f3d363240fc0bca8bc43a1fc
fe28f6a7cecf2b2c30b9bc5b5c5b6d02acb5c1ec00fdb65cf3ff02975ec9bf86
feb4fc467795a580abc9ca8be5f38bbec4cb85b1a5cd9c40743052acf912cf47
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

www.publinews.gt Open in urlscan Pro 49.12.125.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

564 Requests

82 %HTTPS

34 %IPv6

57 Domains

110 Subdomains

85 IPs

9 Countries

9383 kBTransfer

18733 kBSize

66 Cookies

11 Outgoing links

Page URL History

Redirected requests

564 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.publinews.gt Open in urlscan Pro
49.12.125.168 Public Scan

Screenshot
Live screenshot

Full Image

564
Requests

82 %
HTTPS

34 %
IPv6

57
Domains

110
Subdomains

85
IPs

9
Countries

9383 kB
Transfer

18733 kB
Size

66
Cookies

564 HTTP transactions
12 data transactions