urlscan.io logo urlscan.io
SecurityTrails logo

newsonground.com Open in urlscan Pro
2606:4700:10::ac43:9bd  Public Scan

Go To Rescan Add Verdict Report
URL: https://newsonground.com/?e=1163290
Submission Tags: 0xscam
Submission: On March 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 112 IPs in 12 countries across 84 domains to perform 307 HTTP transactions. The main IP is 2606:4700:10::ac43:9bd, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsonground.com.
TLS certificate: Issued by GTS CA 1P5 on March 5th 2024. Valid for: 3 months.
This is the only time newsonground.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 32 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 108.138.6.136 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.186.70 15169 (GOOGLE)
1 18.173.154.101 16509 (AMAZON-02)
1 18.173.162.18 16509 (AMAZON-02)
2 2a02:6ea0:c70... 60068 (CDN77 _)
3 161.35.253.218 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.215.22.18 16625 (AKAMAI-AS)
4 108.138.36.46 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 45.133.44.3 39572 (ADVANCEDH...)
2 2001:4860:480... 15169 (GOOGLE)
4 142.132.249.188 24940 (HETZNER-AS)
1 3 34.252.235.9 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
5 23.32.184.192 16625 (AKAMAI-AS)
8 2a02:2638:3::3 44788 (ASN-CRITE...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 4 37.157.5.133 198622 (ADFORM)
5 81.17.55.113 60781 (LEASEWEB-...)
2 3.78.210.113 16509 (AMAZON-02)
3 2602:803:c003... 26667 (RUBICONPR...)
4 185.184.8.90 204995 (RTB-HOUSE...)
1 7 51.89.9.254 16276 (OVH)
3 145.40.97.66 54825 (PACKET)
1 3 193.3.178.4 399668 (E-PLANNING-)
1 5 2a02:2638:3::c 44788 (ASN-CRITE...)
8 178.250.1.8 44788 (ASN-CRITE...)
1 2 18.198.21.34 16509 (AMAZON-02)
1 1 2a01:4f8:262:... 24940 (HETZNER-AS)
1 130.211.115.4 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
3 162.19.138.82 16276 (OVH)
3 35.71.131.137 16509 (AMAZON-02)
6 11 37.252.171.52 29990 (ASN-APPNEX)
3 2a02:2638:3::6 44788 (ASN-CRITE...)
7 2a02:2638:3::10 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
5 137.184.242.150 14061 (DIGITALOC...)
1 34.120.63.153 396982 (GOOGLE-CL...)
2 52.17.147.221 16509 (AMAZON-02)
1 3 34.98.64.218 396982 (GOOGLE-CL...)
2 35.157.246.167 16509 (AMAZON-02)
1 52.28.108.3 16509 (AMAZON-02)
1 2607:4f00:932::2 55081 (24SHELLS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2607:f350:3:2... 27630 (AS-XFERNET)
4 8 35.214.149.91 15169 (GOOGLE)
1 1 178.250.1.9 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.192.110 16509 (AMAZON-02)
1 18.66.112.32 16509 (AMAZON-02)
1 143.204.98.94 16509 (AMAZON-02)
2 13.224.189.70 16509 (AMAZON-02)
8 193.3.178.3 399668 (E-PLANNING-)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 8.2.110.26 46636 (NATCOWEB)
2 193.3.178.1 399668 (E-PLANNING-)
2 52.201.75.98 14618 (AMAZON-AES)
2 52.59.69.244 16509 (AMAZON-02)
2 2607:f350:3:2... 27630 (AS-XFERNET)
2 35.186.253.211 15169 (GOOGLE)
2 2 54.85.116.15 14618 (AMAZON-AES)
3 9 104.18.36.155 13335 (CLOUDFLAR...)
22 2606:4700:10:... 13335 (CLOUDFLAR...)
3 185.64.190.78 62713 (AS-PUBMATIC)
4 142.250.186.130 15169 (GOOGLE)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
1 37.157.2.228 198622 (ADFORM)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 52.215.99.44 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.81 24961 (MYLOC-AS ...)
2 2 3.71.149.231 16509 (AMAZON-02)
1 34.160.236.64 396982 (GOOGLE-CL...)
1 52.17.14.43 16509 (AMAZON-02)
1 162.55.233.29 24940 (HETZNER-AS)
2 2 151.101.66.49 54113 (FASTLY)
1 34.225.101.25 14618 (AMAZON-AES)
1 2 52.95.125.22 16509 (AMAZON-02)
1 95.100.81.28 16625 (AKAMAI-AS)
3 3 34.250.129.70 16509 (AMAZON-02)
1 2 69.173.144.139 26667 (RUBICONPR...)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 54.235.155.213 14618 (AMAZON-AES)
1 3 52.46.155.104 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2607:ae80:192... 26558 (FREEWHEEL)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 45.137.176.88 60350 (VP)
1 67.202.105.23 32748 (STEADFAST)
2 2a01:4f8:262:... 24940 (HETZNER-AS)
1 2 23.211.10.95 16625 (AKAMAI-AS)
3 23.227.146.18 55081 (24SHELLS)
1 104.103.64.214 1299 (TWELVE99 ...)
4 2.17.141.195 16625 (AKAMAI-AS)
2 2a01:4f8:242:... 24940 (HETZNER-AS)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.64.171.73 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
1 185.59.208.177 43541 (VSHOSTING)
1 2600:9000:272... ()
1 2 81.17.55.117 ()
1 52.57.189.237 ()
1 52.51.146.36 ()
1 1 35.244.159.8 ()
1 8.2.110.33 ()
1 2600:9000:211... ()
307 112
32    2606:4700:10::ac43:9bd (United States)

ASN13335 (CLOUDFLARENET, US)
newsonground.com
3    2606:4700:3030::ac43:8d29 (United States)

ASN13335 (CLOUDFLARENET, US)
www.headerbidding.ai
1    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700:3030::ac43:8a0d (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
player.adtcdn.com
3    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googletagmanager.com
1    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
1    18.173.154.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-101.muc50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.173.162.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-162-18.muc50.r.cloudfront.net
aax.amazon-adsystem.com
2    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
delivery.r2b2.io
3    161.35.253.218 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
4    108.138.36.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-46.muc50.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    142.132.249.188 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.249.132.142.clients.your-server.de
sghb.adtelligent.com
3    34.252.235.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-235-9.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
5    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
8    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
6    2606:4700:20::681a:644 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
2    2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
cm.adform.net
5    81.17.55.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
2    3.78.210.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-78-210-113.eu-central-1.compute.amazonaws.com
hb.adscale.de
3    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
7    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
3    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
8    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    18.198.21.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-21-34.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    2a01:4f8:262:3e01::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
ads102.adtelligent.com
1    130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
7    2606:4700:10::6816:1ed1 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
3    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
11    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
ib.adnxs.com
3    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
7    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
5    137.184.242.150 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
prebidserver.pixfuture.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    52.17.147.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-147-221.eu-west-1.compute.amazonaws.com
ap.lijit.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
pixfuture2-d.openx.net
u.openx.net
2    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    52.28.108.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-108-3.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    2607:4f00:932::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
1    2607:f350:3:2569:0:10:0:200a (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
8    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    18.66.192.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-110.muc50.r.cloudfront.net
get.s-onetag.com
1    18.66.112.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-32.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    143.204.98.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-94.fra50.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.224.189.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-70.fra2.r.cloudfront.net
signal-segments.s-onetag.com
8    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams03.e-planning.net
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
4    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    8.2.110.26 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
2    193.3.178.1 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
2    52.201.75.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-75-98.compute-1.amazonaws.com
ssp.disqus.com
2    52.59.69.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-69-244.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    2607:f350:3:2569:0:10:0:200d (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    54.85.116.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-116-15.compute-1.amazonaws.com
cookies.nextmillmedia.com
9    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
dsum-sec.casalemedia.com
22    2606:4700:10::ac43:28ad (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    37.157.2.228 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f602:8bd3:480b:a39:d536 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    52.215.99.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-99-44.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.81 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
1    52.17.14.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-14-43.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    34.225.101.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-101-25.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.125.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    95.100.81.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-81-28.deploy.static.akamaitechnologies.com
tags.bluekai.com
3    34.250.129.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-129-70.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    54.235.155.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-155-213.compute-1.amazonaws.com
i.liadm.com
3    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    2a01:4f8:262:3e00::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
s.adtelligent.com
2    23.211.10.95 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-10-95.deploy.static.akamaitechnologies.com
hbx.media.net
contextual.media.net
3    23.227.146.18 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
1    104.103.64.214 (Helsinki, Finland)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: a104-103-64-214.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    2.17.141.195 (Rome, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-141-195.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2a01:4f8:242:57ce::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
s.console.adtarget.com.tr
1    2a05:d018:d29:3601:7bcf:ba48:68f0:f6ab (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.64.171.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-171-73.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    185.59.208.177 (Czech Republic)

ASN43541 (VSHOSTING, CZ)
PTR: webgarden-track-lb-ha.vshosting.cz
log.r2b2.io
1    2600:9000:2724:8400:f:4f64:8940:93a1 (None, )

ASN- ()
js.adscale.de
2    81.17.55.117 (None, )

ASN- ()
sync.smartadserver.com
1    52.57.189.237 (None, )

ASN- ()
ih.adscale.de
1    52.51.146.36 (None, )

ASN- ()
ice.360yield.com
1    35.244.159.8 (None, )

ASN- ()
u.openx.net
1    8.2.110.33 (None, )

ASN- ()
us.shb-sync.com
1    2600:9000:211e:3800:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
Apex Domain
Subdomains		 Transfer
32 newsonground.com
newsonground.com
588 KB
22 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3408
mwzeom.zeotap.com — Cisco Umbrella Rank: 3321
8 KB
19 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 472
bidder.criteo.com — Cisco Umbrella Rank: 701
mug.criteo.com — Cisco Umbrella Rank: 3087
ssp-sync.criteo.com — Cisco Umbrella Rank: 1386
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10712
dis.criteo.com — Cisco Umbrella Rank: 647
20 KB
15 criteo.net
static.criteo.net — Cisco Umbrella Rank: 694
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10714
281 KB
14 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7277
sghb.adtelligent.com — Cisco Umbrella Rank: 12736
ads102.adtelligent.com — Cisco Umbrella Rank: 115716
ghb.adtelligent.com — Cisco Umbrella Rank: 6497
s.adtelligent.com — Cisco Umbrella Rank: 6652
sync.adtelligent.com — Cisco Umbrella Rank: 5076
196 KB
14 pixfuture.com
served-by.pixfuture.com — Cisco Umbrella Rank: 61129
cdn.pixfuture.com — Cisco Umbrella Rank: 70600
prebidserver.pixfuture.com — Cisco Umbrella Rank: 65075
704 KB
13 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7297
ads.us.e-planning.net — Cisco Umbrella Rank: 2536
s.e-planning.net — Cisco Umbrella Rank: 5477
u-ams03.e-planning.net — Cisco Umbrella Rank: 30724
5 KB
12 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 496
ib.adnxs.com — Cisco Umbrella Rank: 269
acdn.adnxs.com — Cisco Umbrella Rank: 604
27 KB
10 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 506
pixel.rubiconproject.com — Cisco Umbrella Rank: 384
eus.rubiconproject.com — Cisco Umbrella Rank: 607
token.rubiconproject.com — Cisco Umbrella Rank: 487
26 KB
10 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 317
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 639
aax.amazon-adsystem.com — Cisco Umbrella Rank: 432
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 824
s.amazon-adsystem.com — Cisco Umbrella Rank: 336
84 KB
9 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1345
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 626
7 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 380
4 KB
8 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 565
image6.pubmatic.com — Cisco Umbrella Rank: 828
113 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 224
ad.doubleclick.net — Cisco Umbrella Rank: 164
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
195 KB
7 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5169
csync.smilewanted.com
static.smilewanted.com
16 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 705
1005 B
7 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1709
sync.smartadserver.com
3 KB
7 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1164
bcp.crwdcntrl.net — Cisco Umbrella Rank: 961
50 KB
6 openx.net
pixfuture2-d.openx.net — Cisco Umbrella Rank: 79720
rtb.openx.net — Cisco Umbrella Rank: 641
u.openx.net — Cisco Umbrella Rank: 737
1 KB
5 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 5574
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 7360
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 7755
signal-segments.s-onetag.com — Cisco Umbrella Rank: 19407
18 KB
5 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1865
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 439
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 546
1 KB
5 adform.net
adx.adform.net — Cisco Umbrella Rank: 4924
dmp.adform.net — Cisco Umbrella Rank: 3241
cm.adform.net — Cisco Umbrella Rank: 1159
3 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 522
2 KB
4 gstatic.com
fonts.gstatic.com
233 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7020
713 B
4 adscale.de
hb.adscale.de — Cisco Umbrella Rank: 16375
js.adscale.de
ih.adscale.de
2 KB
3 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 5774
735 B
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653
130 KB
3 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2393
sync.go.sonobi.com — Cisco Umbrella Rank: 1028
2 KB
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 974
match.sharethrough.com — Cisco Umbrella Rank: 523
216 B
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1188
hbx.media.net — Cisco Umbrella Rank: 1363
contextual.media.net — Cisco Umbrella Rank: 733
10 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 368
719 B
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 745
564 B
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1659
a.ad.gt — Cisco Umbrella Rank: 1849
5 KB
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 916
id5-sync.com — Cisco Umbrella Rank: 480
27 KB
3 r2b2.io
delivery.r2b2.io — Cisco Umbrella Rank: 36958
log.r2b2.io — Cisco Umbrella Rank: 40958
177 KB
3 googletagmanager.com
googletagmanager.com — Cisco Umbrella Rank: 42
www.googletagmanager.com — Cisco Umbrella Rank: 43
270 KB
3 headerbidding.ai
www.headerbidding.ai — Cisco Umbrella Rank: 381335
9 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 905
1 KB
2 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5298
2 KB
2 ad4m.at
ad4m.at — Cisco Umbrella Rank: 12829
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 555
360 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 735
911 B
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1196
usermatch.krxd.net — Cisco Umbrella Rank: 1927
126 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 25004
907 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 245
1 KB
2 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 2534
407 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1444
151 B
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 2802
120 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 729
278 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 571
fid.agkn.com Failed
986 B
2 4dex.io
mp.4dex.io — Cisco Umbrella Rank: 2951
604 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1985
309 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 944
1 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 60364
3 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 911
api.btloader.com — Cisco Umbrella Rank: 1011
19 KB
1 smaato.net
s.ad.smaato.net
1 shb-sync.com
us.shb-sync.com
1 360yield.com
ice.360yield.com
199 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 923
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1399
281 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 599
655 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 900
425 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 789
691 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 741
145 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1944
65 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1367
204 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 22676
84 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1508
596 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 9754
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 15789
460 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 688
194 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 53
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
6 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 925
276 B
1 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4144
216 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 840
7 KB
1 ad-score.com
data.ad-score.com — Cisco Umbrella Rank: 2923
633 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1809
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1212
17 KB
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 18182
176 KB
0 bemail.it Failed
bn01.er.bemail.it Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
307 84
Domain Requested by
32 newsonground.com 2 redirects newsonground.com
16 mwzeom.zeotap.com spl.zeotap.com
8 x.bidswitch.net 4 redirects ads.us.e-planning.net
spl.zeotap.com
8 bidder.criteo.com newsonground.com
8 static.criteo.net delivery.r2b2.io
newsonground.com
7 imageproxy.eu.criteo.net delivery.r2b2.io
7 onetag-sys.com 1 redirects delivery.r2b2.io
ads.us.e-planning.net
cdn.pixfuture.com
6 dsum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
6 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
delivery.r2b2.io
6 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
6 secure.adnxs.com 4 redirects
6 cdn.pixfuture.com served-by.pixfuture.com
cdn.pixfuture.com
static.cloudflareinsights.com
newsonground.com
5 csync.smilewanted.com delivery.r2b2.io
csync.smilewanted.com
5 ib.adnxs.com 2 redirects cdn.pixfuture.com
spl.zeotap.com
acdn.adnxs.com
5 prebidserver.pixfuture.com cdn.pixfuture.com
ads.us.e-planning.net
5 prg.smartadserver.com delivery.r2b2.io
cdn.pixfuture.com
5 ads.pubmatic.com delivery.r2b2.io
ads.us.e-planning.net
cdn.pixfuture.com
csync.smilewanted.com
4 eus.rubiconproject.com cdn.pixfuture.com
eus.rubiconproject.com
delivery.r2b2.io
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 cm.g.doubleclick.net spl.zeotap.com
ssum.casalemedia.com
4 fonts.gstatic.com fonts.googleapis.com
4 gum.criteo.com 1 redirects newsonground.com
cdn.pixfuture.com
4 prebid-eu.creativecdn.com delivery.r2b2.io
4 sghb.adtelligent.com player.adtelligent.com
4 tags.crwdcntrl.net newsonground.com
s.e-planning.net
tags.crwdcntrl.net
3 cm.adform.net 3 redirects
3 u.openx.net 2 redirects cdn.pixfuture.com
3 sync.adtelligent.com cdn.pixfuture.com
ads.us.e-planning.net
3 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
3 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
3 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
3 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 ssp-sync.criteo.com newsonground.com
3 match.adsrvr.org cdn.pixfuture.com
spl.zeotap.com
ssum.casalemedia.com
3 pbjs.e-planning.net 1 redirects delivery.r2b2.io
3 prebid.a-mo.net delivery.r2b2.io
3 fastlane.rubiconproject.com delivery.r2b2.io
cdn.pixfuture.com
3 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
3 player.adtelligent.com player.adtcdn.com
player.adtelligent.com
3 served-by.pixfuture.com newsonground.com
cdn.pixfuture.com
3 c.amazon-adsystem.com www.headerbidding.ai
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net www.headerbidding.ai
securepubads.g.doubleclick.net
cdn.pixfuture.com
3 www.headerbidding.ai newsonground.com
www.headerbidding.ai
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 pm.w55c.net 2 redirects
2 s.console.adtarget.com.tr cdn.pixfuture.com
s.console.adtarget.com.tr
2 s.adtelligent.com cdn.pixfuture.com
s.adtelligent.com
2 ad4m.at ssum.casalemedia.com
2 i.liadm.com ssum.casalemedia.com
2 pixel.rubiconproject.com 1 redirects csync.smilewanted.com
2 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
2 sync-tm.everesttech.net 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 cookies.nextmillmedia.com 2 redirects
2 rtb.openx.net ads.us.e-planning.net
2 sync.go.sonobi.com ads.us.e-planning.net
2 match.sharethrough.com ads.us.e-planning.net
2 ssp.disqus.com ads.us.e-planning.net
2 s.e-planning.net ads.us.e-planning.net
2 sync.admanmedia.com ads.us.e-planning.net
2 ads.us.e-planning.net cdn.pixfuture.com
2 signal-segments.s-onetag.com get.s-onetag.com
2 c2shb.pubgw.yahoo.com cdn.pixfuture.com
2 ap.lijit.com cdn.pixfuture.com
csync.smilewanted.com
2 cat.nl3.eu.criteo.com
2 id5-sync.com cdn.pixfuture.com
2 aa.agkn.com 1 redirects cdn.pixfuture.com
2 hb.adscale.de delivery.r2b2.io
2 mp.4dex.io delivery.r2b2.io
2 id.hadron.ad.gt cdn.hadronid.net
2 region1.google-analytics.com googletagmanager.com
www.googletagmanager.com
2 www.googletagmanager.com newsonground.com
googletagmanager.com
2 delivery.r2b2.io newsonground.com
delivery.r2b2.io
2 ad-delivery.net newsonground.com
2 player.adtcdn.com www.headerbidding.ai
1 s.ad.smaato.net csync.smilewanted.com
1 us.shb-sync.com csync.smilewanted.com
1 ice.360yield.com csync.smilewanted.com
1 ih.adscale.de js.adscale.de
1 static.smilewanted.com csync.smilewanted.com
1 js.adscale.de delivery.r2b2.io
1 log.r2b2.io delivery.r2b2.io
1 token.rubiconproject.com eus.rubiconproject.com
1 pr-bh.ybp.yahoo.com ssum.casalemedia.com
1 contextual.media.net cdn.pixfuture.com
1 acdn.adnxs.com cdn.pixfuture.com
1 hbx.media.net 1 redirects
1 ssc-cms.33across.com cdn.pixfuture.com
1 sync.adotmob.com 1 redirects
1 ads.stickyadstv.com ssum.casalemedia.com
1 ad.turn.com 1 redirects
1 cms.quantserve.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net spl.zeotap.com
1 sync.richaudience.com spl.zeotap.com
1 beacon.krxd.net spl.zeotap.com
1 odr.mookie1.com spl.zeotap.com
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 lh3.googleusercontent.com
1 fonts.googleapis.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 get.s-onetag.com cdn.pixfuture.com
1 dis.criteo.com 1 redirects
1 lb.eu-1-id5-sync.com cdn.pixfuture.com
1 apex.go.sonobi.com cdn.pixfuture.com
1 web.hb.ad.cpe.dotomi.com cdn.pixfuture.com
1 ghb.adtelligent.com cdn.pixfuture.com
1 btlr.sharethrough.com cdn.pixfuture.com
1 pixfuture2-d.openx.net cdn.pixfuture.com
1 prebid.media.net cdn.pixfuture.com
1 prebid.smilewanted.com delivery.r2b2.io
1 static.cloudflareinsights.com cdn.pixfuture.com
1 data.ad-score.com
1 ads102.adtelligent.com 1 redirects
1 mug.criteo.com
1 a.ad.gt cdn.hadronid.net
1 adx.adform.net delivery.r2b2.io
1 cdn.id5-sync.com newsonground.com
1 cdn.hadronid.net newsonground.com
1 secure.cdn.fastclick.net newsonground.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ad.doubleclick.net newsonground.com
1 api.btloader.com btloader.com
1 googletagmanager.com www.headerbidding.ai
1 adxbid.info www.headerbidding.ai
1 btloader.com www.headerbidding.ai
0 bn01.er.bemail.it Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
0 api.rlcdn.com Failed cdn.pixfuture.com
0 fid.agkn.com Failed cdn.pixfuture.com
307 141

This site contains links to these domains. Also see Links.

Domain
www.pixfuture.com
privacy.eu.criteo.com
cat.nl3.eu.criteo.com
Subject Issuer Validity Valid
newsonground.com
GTS CA 1P5		 2024-03-05 -
2024-06-03		 3 months crt.sh
headerbidding.ai
GTS CA 1P5		 2024-01-24 -
2024-04-23		 3 months crt.sh
btloader.com
GTS CA 1P5		 2024-02-15 -
2024-05-15		 3 months crt.sh
adxbid.info
E1		 2024-02-02 -
2024-05-02		 3 months crt.sh
adtcdn.com
GTS CA 1P5		 2024-03-07 -
2024-06-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2024-02-06 -
2024-05-06		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-01-20 -
2024-04-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-19 -
2024-12-29		 a year crt.sh
1838731126.rsc.cdn77.org
R3		 2024-02-23 -
2024-05-23		 3 months crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-28 -
2024-12-03		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
hadronid.net
GTS CA 1P5		 2024-01-31 -
2024-04-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
player.adtelligent.com
R3		 2024-03-14 -
2024-06-12		 3 months crt.sh
sghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-01-22 -
2024-04-21		 3 months crt.sh
id.hadron.ad.gt
E1		 2024-01-27 -
2024-04-26		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-17 -
2024-05-17		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M02		 2023-07-18 -
2024-08-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
*.a-mo.net
R3		 2024-03-06 -
2024-06-04		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
a.ad.gt
E1		 2024-02-12 -
2024-05-12		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.e-planning.net
R3		 2024-02-06 -
2024-05-06		 3 months crt.sh
*.id5-sync.com
R3		 2024-03-01 -
2024-05-30		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-28 -
2024-05-31		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-06 -
2024-05-03		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2024-02-19 -
2024-05-19		 3 months crt.sh
*.lijit.com
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-19		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-01-27 -
2024-04-26		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2023-12-07 -
2025-01-07		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-03-01 -
2024-05-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
ads.us.e-planning.net
R3		 2024-02-06 -
2024-05-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
ssp.disqus.com
Amazon RSA 2048 M03		 2023-10-21 -
2024-11-17		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.v.fwmrm.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-13 -
2024-12-13		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
dmp.theadex.com
R3		 2024-02-18 -
2024-05-18		 3 months crt.sh
ar-gmtdmp.mookie1.com
GTS CA 1D4		 2024-03-12 -
2024-06-10		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-31 -
2025-01-29		 a year crt.sh
*.richaudience.com
RapidSSL TLS RSA CA G1		 2024-02-14 -
2025-02-25		 a year crt.sh
usermatch.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-30 -
2025-01-28		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-11 -
2024-12-11		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-01-22 -
2024-04-21		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2024-01-19 -
2024-04-18		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-21 -
2024-12-21		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2024-01-18 -
2024-04-17		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-02-12 -
2024-08-07		 6 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.r2b2.io
AlpiroSSL ECC DV CA		 2023-12-11 -
2025-01-09		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.shb-sync.com
Go Daddy Secure Certificate Authority - G2		 2024-03-12 -
2025-03-12		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh

This page contains 48 frames:

Primary Page: https://newsonground.com/?e=1163290
Frame ID: C0EDF8DC63593D3C32809BC5C6B3A591
Requests: 171 HTTP requests in this frame

Frame: https://newsonground.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Frame ID: 65610D279D2248E44C5AC2D154EE7B71
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=newsonground.com
Frame ID: ED6D39E5FBB9C748058E6CB413A80541
Requests: 2 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/pixf_sync.html
Frame ID: DB64DE446B3C51E52569F9BB2B5045C0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/banners/728x90.gif
Frame ID: FE1DD2F6D1CDC1C06D1865659AFE52D0
Requests: 1 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: 0CE5B0CE853FD48A154E5DBE6C1B2ACA
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: 1978871CE069020B3AE4C231E857DB1E
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1ec78ea3dbda48e1%26uid%3D
Frame ID: ABC8BE1B4D0A957D56C9AB5B45EE1227
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Frame ID: 1C4129199B644FA9B5B0278607FBD279
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 758FD5B8EE97CF1D7A3C2225492E6383
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 329DFB07150CBBB531D7ABCF2025675B
Requests: 33 HTTP requests in this frame

Frame: https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AH1pAQbEzggPqiNg
Frame ID: 7FE1D12B76F524330A0FDADDB3B5EB9C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 8184A6C4FB726446016E82AA339F9804
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: D1C89B0852E861FC68D917B90BFC7763
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=142&extuid=0000EEA&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=750708&a=754412&domain=https://newsonground.com/?e=1163290&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: 80396F7EBFF15287812EA2473AA262C8
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: B88FF78972023EB5EEFB91CA7DC0AD9B
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 287DAA8B55AF665E270E9ED1DD378701
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 2422BE48E2EC91DE57969DAAC36BD150
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 733F3C003A7796DCE08C55F6C0272151
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2055%2C2075%2C2030%2C3020%2C251%2C233%2C2027%2C2026%2C236%2C2069%2C237%2C238%2C359%2C338%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C2043%2C262%2C461%2C244%2C201%2C2039%2C4%2C126%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0890870E4504E0F3A95F43C0B47796C7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26extuid%3D%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D631382%26a%3D558003%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Frame ID: 19E93E4F65E01F8FB6984EC60AD06882
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CDB296E6C4D7EABD18277C2BD5CDEA17
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=2965030788491927551&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=709112&a=743293&domain=https://newsonground.com/?e=1163290&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: A40E2190234D9E5DC06BBF9DE730E2B9
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 84876612B5FC77A1555FBC0A1922DEC3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2e06db8fee740314%26uid%3D
Frame ID: 1E4AA62E3DA85AABAE8B766DBC452F23
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Frame ID: 168A91F120324541163F2D8A8FE2DA1D
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 9292A40057B020172DE7007F14B9614C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 56B326A411C94A5DCC97D3AFC8EDACA7
Requests: 4 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=g&ep=90&extuid=AH1pAQbEzggPqiNg&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=484122&a=307971&domain=https://newsonground.com/?e=1163290&gdpr=0&gdpr_source=&gdpr_consent=
Frame ID: D6466AC9DF9688494B3889B440051A5B
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=cmpuishown&refer=https://newsonground.com/?e=1163290
Frame ID: DAB19F53D8E707F51E188D9EE1C847EE
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync/?aid=651796&gdpr_source=cmpuishown&refer=https://newsonground.com/?e=1163290
Frame ID: EDED0CB799CD4854F5C455496ACF0671
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html
Frame ID: B84F194255C6092E1B48231F9ED60EC4
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 6D047AB5D24586C2D82EAFC98540B26D
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1710457306116
Frame ID: D50AA1D0FB08367FFFE569613D6F8E60
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?&gpp=&gpp_sid=
Frame ID: 6FB781594556DC74222A1F6A7DB642F1
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: C74990A62244A8B9BFB8822B908E4DF3
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/?1---
Frame ID: 625108A893D4D265D8464AEA5101322B
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 80153CFA6C324732EE35B9F5A85A172C
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 9E036FC7DBC3228F761F6BDDE3EC73D1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7738809124434604367
Frame ID: 2CA713208D0A2B713FCD2D0CE0464583
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 12C355259263C69FFFC1B3AC11C9BD8B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 3F5342FAD4731CC06EAE21269CA964F7
Requests: 2 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: 28D8B7FC1259C399DC4C057BF24D75ED
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/9b5a2e9b-fb3c-45b9-bc40-2c269a495c5b
Frame ID: 2A9E34BCBA9A1916BF46B812DFE7E0D8
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 84C26DB89CF6011E29606615AE1BD30F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/2965030788491927551
Frame ID: 3F6116A8806FB1C8F89D9F733A1E67B7
Requests: 1 HTTP requests in this frame

Frame: https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Frame ID: D7709CD3DE6D6259FC75C4ECD291679B
Requests: 1 HTTP requests in this frame

Frame: https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
Frame ID: 835529329C446F82807BC7F5CFCA8406
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Newsonground.com Home of Breaking News | World News | Politics & Much More – Dont miss an update from us

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

307
Requests

87 %
HTTPS

35 %
IPv6

84
Domains

141
Subdomains

112
IPs

12
Countries

3459 kB
Transfer

8002 kB
Size

63
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://newsonground.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://newsonground.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Request Chain 64
  • https://newsonground.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://newsonground.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Request Chain 90
  • https://pbjs.e-planning.net/pbjs/1/76d41/1/newsonground.com/ROS?rnd=0.7221132451162815&e=942357%3A300x250%2C728x90%2C970x90%7C1.5149400000000002&ur=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8 HTTP 302
  • https://pbjs.e-planning.net/hb/1/76d41/1/newsonground.com/ROS?ct=1&r=pbjs&rnd=0.7221132451162815&e=942357%3A300x250%2C728x90%2C970x90%7C1.5149400000000002&ur=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Request Chain 100
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=newsonground.com&sn=ChromeSyncframe&so=0&topUrl=newsonground.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=KleSvXxpVjNTaHRFMkN4cHVLVk5SZWpPSkJlYzhoZWFWb2dyL2VPVHE5SW9QL0p0Wi9IZHVNemt3RWFFSkRsbnd5SkpFWVl1Yzk4cjFyZlRBV3VrRmVNUW5ZOEJNSnBFYXlwSE81cWdsVmdoWnh0ejE0bURhSlBPaHZMdFRZcUNlYWdmZGJjZFQxSzExNUhtWGxPbHNvYlZUUmRuUmViTi9HZGxpdjQxN0QrbHRWZE5ZZHZ1RThSY3N3N3lBWHdWaUoxWXdEMjh5aEJjQU40MVNLdzlzK3hNQUExdTl1YzMvcGZnT2pzT0Zmemx2NEdqcjFldVJ2b09RTWw4MjlGU1BId2Zlbjkrd3ZHR1hmbkYxck0xZTZoeldMdTg1bk0rNE4rbVJhREptWE1mbkF2RT18&cppv=2
Request Chain 107
  • https://ads102.adtelligent.com/tracking/scoring?site_id=19004&client_id=313926&event=ok&system=1&rbb=aHR0cHM6Ly9kYXRhLmFkLXNjb3JlLmNvbS9pbWc%2FcGlkPTEwMDAxNTImdGlkPVZpZGVvX090aGVyJmwxPTMxMzkyNiZsMj0xOTAwNCZsMz17YWRpZH0mbDQ9aHR0cHM6Ly9uZXdzb25ncm91bmQuY29tLz9lPTExNjMyOTAmdWlwPXtpcH0mcHViX2FwcD1uZXdzb25ncm91bmQuY29t HTTP 302
  • https://data.ad-score.com/img?pid=1000152&tid=Video_Other&l1=313926&l2=19004&l3={adid}&l4=https://newsonground.com/?e=1163290&uip={ip}&pub_app=newsonground.com
Request Chain 129
  • https://secure.adnxs.com/seg?add=27578847%2C27578847&remove=27578847&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578847%252C27578847%26remove%3D27578847%26t%3D1
Request Chain 130
  • https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Request Chain 160
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=w7vMnV9RUklMQzdjczJkN21BM01sMFNUM3Z0eE1DRmtwaWFIUmFxcUZzY1QlMkJXbEElM0Q&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k--_sWu70t1nIWiM7H9IH9jwjsbizH4loYYMYW5A HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=w7vMnV9RUklMQzdjczJkN21BM01sMFNUM3Z0eE1DRmtwaWFIUmFxcUZzY1QlMkJXbEElM0Q&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k--_sWu70t1nIWiM7H9IH9jwjsbizH4loYYMYW5A HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k--_sWu70t1nIWiM7H9IH9jwjsbizH4loYYMYW5A&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=w7vMnV9RUklMQzdjczJkN21BM01sMFNUM3Z0eE1DRmtwaWFIUmFxcUZzY1QlMkJXbEElM0Q&u=7c51bb77-5b0d-42a1-b934-194716ec74f9
Request Chain 163
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=7c51bb77-5b0d-42a1-b934-194716ec74f9
Request Chain 169
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
  • https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Request Chain 188
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1ec78ea3dbda48e1%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1ec78ea3dbda48e1&uid=7738809124434604367
Request Chain 189
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D1ec78ea3dbda48e1 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=1ec78ea3dbda48e1
Request Chain 192
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Request Chain 200
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=b3ea6fe2-992d-4c9d-8009-3ce9635d7de4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Request Chain 207
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=86566747657384282533738770740375159412&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Request Chain 210
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7346358173295507598&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Request Chain 211
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5
Request Chain 212
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361&bounce=1&random=2216627766 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=0pWH4c2GXtu8oxzjDfE0ke&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Request Chain 214
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Request Chain 215
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-c9chErdE2opw.4tZgJ3jk3jCbT4oEgABHg--~A&zpartnerid=570&env=mWeb
Request Chain 216
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CYSLYphnIs5VDet6v8WFV%2F9a%2B8eQfAxQ%2BS41iYitP1U%3D
Request Chain 220
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361&_test=ZfOB1gAA3kqqIgAe HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZfOB1gAA3kqqIgAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Request Chain 222
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361&dcc=t
Request Chain 224
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Request Chain 225
  • https://pixel.rubiconproject.com/token?pid=41544&puid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LTRU4423-1F-AEI9&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 228
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=oLVdhq6xX4O7tgvUoOYWjKO5CtC75AqDorASEIz2&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Request Chain 232
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfOB1rmqPVAAAHzjAS284gAA
Request Chain 233
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 235
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8280008358510697853
Request Chain 238
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 243
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D142%26extuid%3D%3Cvsid%3E%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D750708%26a%3D754412%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=g&ep=142&extuid=0000EEA&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=750708&a=754412&domain=https://newsonground.com/?e=1163290&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 251
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://cm.adform.net/cookie?CC=1&redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D709112%26a%3D743293%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=2965030788491927551&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=709112&a=743293&domain=https://newsonground.com/?e=1163290&gdpr=0&gdpr_source=&gdpr_consent=
Request Chain 260
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D2e06db8fee740314%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=2e06db8fee740314&uid=7738809124434604367
Request Chain 261
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D2e06db8fee740314 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=csuid_ed734adf-641d-434a-b8bb-4c43ff6f9730&dc=b337141cfdc8cf59&fi=2e06db8fee740314
Request Chain 272
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7738809124434604367
Request Chain 273
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=maNJjbSo1RKU505
Request Chain 276
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfOB1rmqPVAAAHzjAS284gAA
Request Chain 278
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3D9dee02fd-c13a-4c5a-4cc2-c0aac3f864de%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9dee02fd-c13a-4c5a-4cc2-c0aac3f864de&zdid=1361
Request Chain 295
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3D9a58a8b0-9849-4507-63e1-99166aba1ba9%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9a58a8b0-9849-4507-63e1-99166aba1ba9&zdid=1361
Request Chain 301
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 303
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7738809124434604367
Request Chain 308
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/9b5a2e9b-fb3c-45b9-bc40-2c269a495c5b
Request Chain 310
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/adform/2965030788491927551

307 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsonground.com/ 		101 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
1d9e1c7353e6be26323baf28b88b9361ad24049ec3918344abdcefe90f40fdf2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8647e3098ab38fe0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 14 Mar 2024 23:01:40 GMT
link
<https://newsonground.com/wp-json/>; rel="https://api.w.org/"
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
X-Forwarded-Proto,Accept-Encoding
x-content-type-options
nosniff
x-powered-by
PHP/7.4.33
lazyload.min.js
newsonground.com/wp-content/plugins/w3-total-cache/pub/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
102865
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 03 Dec 2023 07:39:13 GMT
server
cloudflare
etag
W/"1883-60b9619056195-gzip"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647e30d7c348fe0-FRA
expires
Mon, 27 Jan 2025 04:03:58 GMT
fa-solid-900.woff2
newsonground.com/wp-content/themes/magazine-hoot/hybrid/extend/css/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/wp-content/themes/magazine-hoot/hybrid/extend/css/webfonts/fa-solid-900.woff2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonground.com/?e=1163290
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
96797
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 06 Aug 2022 04:15:44 GMT
server
cloudflare
etag
W/"13174-5e58ad622e70d-gzip"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647e30d7c358fe0-FRA
expires
Fri, 28 Feb 2025 17:36:46 GMT
fa-regular-400.woff2
newsonground.com/wp-content/themes/magazine-hoot/hybrid/extend/css/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/wp-content/themes/magazine-hoot/hybrid/extend/css/webfonts/fa-regular-400.woff2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonground.com/?e=1163290
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
111471
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 06 Aug 2022 04:15:44 GMT
server
cloudflare
etag
W/"33dc-5e58ad622f2c5-gzip"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647e30d7c368fe0-FRA
expires
Mon, 27 Jan 2025 04:03:58 GMT
fa-brands-400.woff2
newsonground.com/wp-content/themes/magazine-hoot/hybrid/extend/css/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/wp-content/themes/magazine-hoot/hybrid/extend/css/webfonts/fa-brands-400.woff2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonground.com/?e=1163290
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
102865
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 06 Aug 2022 04:15:44 GMT
server
cloudflare
etag
W/"12bdc-5e58ad622eaf5-gzip"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647e30d7c378fe0-FRA
expires
Mon, 27 Jan 2025 04:03:58 GMT
a5ff7.css
newsonground.com/wp-content/cache/minify/ 		107 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/wp-content/cache/minify/a5ff7.css
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2eef46dddc1cd02fd80cd4b37cffbe963ebfda495cb316937805be4595d2e112
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
101512
cf-polished
origSize=110130
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 31 Jan 2024 14:05:03 GMT
server
cloudflare
etag
W/"pub1706709903;gz"
vary
Accept-Encoding,X-Forwarded-Proto
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647e30d7c328fe0-FRA
expires
Fri, 07 Feb 2025 17:19:32 GMT
7c128.css
newsonground.com/wp-content/cache/minify/ 		170 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/wp-content/cache/minify/7c128.css
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d921266a89e528f3093ffde83e53e4f7e01cbb7c997b2b14da2d5bce8bfc586a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
67059
cf-polished
origSize=175347
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Fri, 26 Jan 2024 23:41:20 GMT
server
cloudflare
etag
W/"872b-60fe1d544cc62"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647e30d7c338fe0-FRA
expires
Mon, 27 Jan 2025 04:05:33 GMT
hbmaster.js
www.headerbidding.ai/publishers/clnt/U1196-W1589/ 		47 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.headerbidding.ai/publishers/clnt/U1196-W1589/hbmaster.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8d29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05f65b4650dad8066bed0f60bff7455409fd37003db86c132db7668463902712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5939
cf-polished
origSize=98637
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 11 Mar 2024 14:47:42 GMT
server
cloudflare
etag
W/"1814d-613639fb08d61"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tl9FdODIWqBbMZQRj%2BBY2uQ6Ow0AJWPZHx8fKZddPHrkOLPHzNn%2F2iECH%2F8nG4wyXiP53F%2F9rYx9mTltzYThmqBsBmAiktwRmLXxvrJIiQVE6fq%2FvKvKKs73VYl9y6uNC18A8c3%2BYd1JfWeXjLt5mg%2F2uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=7200
cf-ray
8647e30dcc3d5d6b-FRA
tag
btloader.com/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=4905162506764288&upapi=true
Requested by
Host: www.headerbidding.ai
URL: https://www.headerbidding.ai/publishers/clnt/U1196-W1589/hbmaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
842ef96e004b11b266b40e02a23c3d5e663778ddeeb8038e192586f0156e273c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 14 Mar 2024 22:18:38 GMT
server
cloudflare
age
2451
etag
"7c86bf4c78bfcae2d06e37cf158114cc"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8647e30e29841bc3-FRA
content-length
19244
hbmaster.css
www.headerbidding.ai/publishers/common/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.headerbidding.ai/publishers/common/hbmaster.css
Requested by
Host: www.headerbidding.ai
URL: https://www.headerbidding.ai/publishers/clnt/U1196-W1589/hbmaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8d29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
179fc947edc89b3bd6e4257a4fdbe710a2c6430c3af632df74a92cf9a69630b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5961
cf-polished
origSize=8355
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 29 Feb 2024 17:55:05 GMT
server
cloudflare
etag
W/"20a3-61288f5907eb1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJi7o%2F9ONlvNih%2FsN8jJp4q7WX8AcIpvzWyz1UF7Oucb5ep5GK2leC5o3ozKUCw%2FW4%2B0ILzr7p6vQO9L%2FzhT0QegMXOiqG%2BUWczCzkQw5phRwypXEdr2XMqtzHPiy1kP5F1I%2FtLL3P0ewjJQcdua3HGnFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=7200
cf-ray
8647e30dfc585d6b-FRA
hbmasterwl.css
www.headerbidding.ai/publishers/common/ 		186 B
415 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.headerbidding.ai/publishers/common/hbmasterwl.css
Requested by
Host: www.headerbidding.ai
URL: https://www.headerbidding.ai/publishers/clnt/U1196-W1589/hbmaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8d29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1ce4d0b24289ec54bb95648e82c5be61fbf955856cb3f8c65f598fd475ca72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5961
cf-polished
origSize=241
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 16 Feb 2023 09:41:32 GMT
server
cloudflare
etag
W/"f1-5f4ce00811562"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wAGoCQNrbHCgRRSpJMNxybV3nm0wO8C9fnqQZM7OpjLnswWQ4govwr0nSlspCDIt5g9M5gIMGnQ2xnbrJVwGjtHalfn0gib49uL2BWGNMwyzORS9u9H0gbY9fi%2FUWHY4GwYzhZv3eNkGpYqYdUQ8sVreog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=7200
cf-ray
8647e30dfc595d6b-FRA
newsongroundcomdynamic.js
adxbid.info/ 		619 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/newsongroundcomdynamic.js
Requested by
Host: www.headerbidding.ai
URL: https://www.headerbidding.ai/publishers/clnt/U1196-W1589/hbmaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:8a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f2d8a3da05ea51816017386af0c5b875d399dde6226fcfc419a641b23e33e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Jan 2024 13:01:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
930
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=my27cNeY3g9lIscmG1Isdc%2FGjpo%2BdUg5nEubNzksPXqJnnU7XrX8yvsp85mO4xqzMXdPI6nT%2FdsvPgQ4HETfbU7K%2Bg4QdiKPMTFhaNP3tQy%2BMzuR5Dq4Ut8PwH2PoyEwsii2HtyWZw5dbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
8647e30e383d1e52-FRA
alt-svc
h3=":443"; ma=86400
hb_313926_19004.js
player.adtcdn.com/prebidlink/475127/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/475127/hb_313926_19004.js
Requested by
Host: www.headerbidding.ai
URL: https://www.headerbidding.ai/publishers/clnt/U1196-W1589/hbmaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443ce18dfb9e4d7825690e34ba64ebaa15c7803f50a216fa63434c3d558e32ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 11 Mar 2024 17:50:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65ef4474-603"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9aUJNlQ9%2Bq1McXLVP%2BuCs%2BFg7%2F%2FqX%2FdMEg6gH0vRQibvLoLkirjbyZ9JXfi2aJmS392XPKmfUOjG5D4k0dV5f6qMfzAnmJWIqnSfoFFfjoBsXsD911VYPNvgxQQ2LhLwYdDNxCtmZNP5xR%2FgN3W0%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
8647e30e2d049745-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Mar 2024 23:16:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.headerbidding.ai
URL: https://www.headerbidding.ai/publishers/clnt/U1196-W1589/hbmaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ece5f476d0695f94958358884e3647d710ac53ec5652538125151600dd1c3239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28722
x-xss-protection
0
server
cafe
etag
233 / 19796 / m202403130101 / config-hash: 16880888384843752549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Mar 2024 23:01:40 GMT
wrapper_hb_313926_19004.js
player.adtcdn.com/prebidlink/475127/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtcdn.com/prebidlink/475127/wrapper_hb_313926_19004.js
Requested by
Host: www.headerbidding.ai
URL: https://www.headerbidding.ai/publishers/clnt/U1196-W1589/hbmaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b85142e5b0be2eed2d6dd9c66f4ebe2f8f4afe21a98e63082ae8cef2bc26551

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 11 Mar 2024 17:50:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65ef4474-9fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P6lH4EMmdOrbQv6Bq0yZC8m35bs%2BA2QL1UmIRm1DKkNDQUIplLrZcfn3pNdFpvVH2oRvcE%2FCVNjoMN%2BFdqwVPtj0DoLHrzVYQQY0W2VHDj4xOTfVS%2BNo5V3GdnHGRH4mBH0Kcldp8mqWQ5kuAwfHdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
8647e30e2d069745-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 14 Mar 2024 23:16:40 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		298 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.headerbidding.ai
URL: https://www.headerbidding.ai/publishers/clnt/U1196-W1589/hbmaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:10:06 GMT
content-encoding
gzip
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
last-modified
Wed, 06 Mar 2024 21:59:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3095
etag
W/"4f9091ca1740c69dd8d2e945b57ade3e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
tJDL7bicXKa2UWkz7ING4Or95JNn_47jIsZUctcRQXg9oZt2dlTt2w==
js
googletagmanager.com/gtag/ 		282 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googletagmanager.com/gtag/js?id=G-8HQJX732BP
Requested by
Host: www.headerbidding.ai
URL: https://www.headerbidding.ai/publishers/clnt/U1196-W1589/hbmaster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
138b12dc273dd74e3dd4bc4ebc955beaa550afec6d608bdc72038dfa0f5532fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96362
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Mar 2024 23:01:40 GMT
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a6573f3119e669f076691dace74b1c2587a7904c59c90bdd186c4587ead4ff0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff4c28c6e15096b5bebd8fea6b7b1f074d1a188a1d1e0a87c408e2eb51c826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06f103f02541567819e6cf25058c64d7b7766aee8c05341bccc66acbd6ecbc44

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
828a8a9d76992a6d457e77d7f4d3ad1cfeee877a3d7311a204b69c22ee8d6846

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ac5e6349a09636b96921f71ef17c0f845e8fe9e6a45a04548741d9eb38373c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcbdb6e0815d03df2528134bf9064f49ed5075a6a0e225be2e78feef2f4b457c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee3738c9a1854a56b642db18a661c238e671a6c82534ec8907377eff8b36ec8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
normal.woff2
newsonground.com/cf-fonts/s/open-sans/5.0.20/latin/400/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cf-fonts/s/open-sans/5.0.20/latin/400/normal.woff2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94754b6ae2bc121b6350c0286e129d8198cde9418d3d1b75816dfcdb78dc459f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonground.com/?e=1163290
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
8647e30e1a793a6d-FRA
alt-svc
h3=":443"; ma=86400
content-length
18664
normal.woff2
newsonground.com/cf-fonts/s/roboto/5.0.11/latin/400/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cf-fonts/s/roboto/5.0.11/latin/400/normal.woff2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ce893c505f39dd4648a663903cc54acb53706282331c26552ed55ccef0c127f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonground.com/?e=1163290
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
8647e30e1a7b3a6d-FRA
alt-svc
h3=":443"; ma=86400
content-length
15744
normal.woff2
newsonground.com/cf-fonts/s/roboto/5.0.11/latin/500/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cf-fonts/s/roboto/5.0.11/latin/500/normal.woff2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bc37c98295b08006e612be6c569f3cec05d794c9baa73e80c80c1a65c66432f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonground.com/?e=1163290
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
8647e30e1a7c3a6d-FRA
alt-svc
h3=":443"; ma=86400
content-length
15920
normal.woff2
newsonground.com/cf-fonts/s/open-sans/5.0.20/latin/700/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cf-fonts/s/open-sans/5.0.20/latin/700/normal.woff2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c2b621ce9b8088ccfdba720f7e25f73213cf0373c4a7b85823047e771629a26
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonground.com/?e=1163290
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
8647e30e1a7d3a6d-FRA
alt-svc
h3=":443"; ma=86400
content-length
18232
normal.woff2
newsonground.com/cf-fonts/s/oswald/5.0.18/latin/400/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cf-fonts/s/oswald/5.0.18/latin/400/normal.woff2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f21c93f8b296879189ead0553a860a32571a9ba2621b3f1af1fc464cc7f518f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonground.com/?e=1163290
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
8647e30e1a7e3a6d-FRA
alt-svc
h3=":443"; ma=86400
content-length
12276
email-decode.min.js
newsonground.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Fri, 08 Mar 2024 17:53:27 GMT
server
cloudflare
content-encoding
gzip
etag
W/"65eb5097-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8647e30e4aae3a6d-FRA
expires
Sat, 16 Mar 2024 23:01:40 GMT
rocket-loader.min.js
newsonground.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Fri, 08 Mar 2024 17:53:27 GMT
server
cloudflare
content-encoding
gzip
etag
W/"65eb5097-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8647e30e4aaf3a6d-FRA
expires
Sat, 16 Mar 2024 23:01:40 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=4905162506764288&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Mar 2024 23:01:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
113328
x-guploader-uploadid
ABPtcPqkn84ORkTHuFNCRUJTFlhYnkbeQ09QY1pcs7XDkBH8tEs4enE2ou-t0BzneIxmpIQS0CQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ul0RLIR2yysqc%2BWEc%2BnWi%2Bb6WxVHgZQ46oD17%2FlWJXW%2FxONVcO6cqlZHJ0O62wcNM1685evZCFEhLUmwjcg%2FGqkoQzjrZsaooOZbgRmjGCxBEl5rcoUDOiagnNFrRA6jGC61D%2BqRn4QbRyjGBg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8647e30e797f906d-FRA
expires
Wed, 13 Mar 2024 16:15:37 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 00:43:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80274
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Mar 2024 00:43:46 GMT
px.gif
ad-delivery.net/ 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6257209075710313
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
113328
x-guploader-uploadid
ABPtcPqkn84ORkTHuFNCRUJTFlhYnkbeQ09QY1pcs7XDkBH8tEs4enE2ou-t0BzneIxmpIQS0CQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nde6%2F5%2B4n0A10OgMdc%2BcEbqnZkz4V%2BMaCDLRpi8%2FGHATprTqDX9Az46kSaQWIdtqIAmFnikYuZyfpEjQflLP%2FOxrFuct%2BYT8cUwxg1V%2FJGR4erP98GGER1gQP6YI8yVjynpvqI2aBMMLSEWK3A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8647e30e7980906d-FRA
expires
Wed, 13 Mar 2024 16:15:37 GMT
9f69069e-7132-4170-a8f2-2b572c005f5b
config.aps.amazon-adsystem.com/configs/ 		563 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/9f69069e-7132-4170-a8f2-2b572c005f5b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-101.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ab35a89b7c1df4b00ab44f40262f87f2b5f21a70708cd6b8e8cd8e8ca9302674

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:38:52 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P3
age
1368
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
PMcxyUGdMV0BE0b9uKJ_MdkCbJ5XZ4jUBbb1zh4dCIO1iuLAHM-iUg==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnewsonground.com&pubid=9f69069e-7132-4170-a8f2-2b572c005f5b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
fb0a3c2974c3a23ee379da795ceeb0d9cef85a64bacc4838268586a7681ffa53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:39 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://newsonground.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2198
x-amz-cf-id
tI0OgQmQitJ7i0m7d-GWD-jAvvo86X6G8F0AUtjrAy6yXFaHXt0VYg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&pid=FfKOovncnoXgu&cb=0&ws=1600x1200&v=24.305.1002&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1600080000001-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x480%22%2C%22480x320%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_1_Popup_Banner%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000002-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x100%22%2C%22320x50%22%2C%22300x100%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_2_Anchor_Bottom%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000003-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x100%22%2C%22320x50%22%2C%22300x100%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_3_Anchor_Top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000004-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_4_Ancor_Left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000005-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_5_Anchor_Right%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000006-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22300x250%22%2C%22336x280%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_6_Billboard_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000007-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22300x250%22%2C%22336x280%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_7_Billboard_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000008-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22300x250%22%2C%22336x280%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_8_Billboard_3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000009-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x100%22%2C%22300x100%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_9_Leaderboard_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000010-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x100%22%2C%22300x100%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_10_Leaderboard_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000011-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22320x100%22%2C%22300x100%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_11_Leaderboard_3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000012-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_12_Square_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000013-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_13_Square_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000014-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_14_Square_3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000015-0%22%2C%22s%22%3A%5B%22120x600%22%2C%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_15_Vertical_1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000016-0%22%2C%22s%22%3A%5B%22120x600%22%2C%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_16_Vertical_2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000017-0%22%2C%22s%22%3A%5B%22120x600%22%2C%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_17_Vertical_3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1600080000018-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x100%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F22787071134%2Fu1196-w1589__newsonground.com_HBai_18_InImage%22%7D%5D&pubid=9f69069e-7132-4170-a8f2-2b572c005f5b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.162.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-162-18.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:39 GMT
via
1.1 08cfbbb6f1b1bf4bc1e8ab1a071b4154.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://newsonground.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
oBDL2y-pp82dqoKY-QzogSKqPwEH2fLUEoRT6jCH1hoTo-zPp2nxQw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
date
Thu, 14 Mar 2024 08:43:33 GMT
x-amz-cf-pop
FRA56-P6
age
51488
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
5J1xdVaQUa-uDa_DFZ2Vg9joprlmYvolpV4VcTIfiSwGlpxlYdtIfQ==
1615d.js
newsonground.com/wp-content/cache/minify/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/wp-content/cache/minify/1615d.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3590a50189b749c071460b4b98b86d4231f3fe83c3bac6b8d35f0bcee14e1aec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
67058
cf-polished
origSize=6275
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Sun, 28 Jan 2024 03:17:20 GMT
server
cloudflare
etag
W/"934-60ff8f799de3b"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647e30efb563a6d-FRA
expires
Mon, 27 Jan 2025 04:03:58 GMT
88985.js
newsonground.com/wp-content/cache/minify/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/wp-content/cache/minify/88985.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
657cdb31ec053f38927ee938a7342a691e10351b3747f1cab5a1eb511f46ebe1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
100792
cf-polished
origSize=44296
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Sun, 28 Jan 2024 03:20:21 GMT
server
cloudflare
etag
W/"2ed8-60ff9025d0f7b"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647e30efb573a6d-FRA
expires
Mon, 27 Jan 2025 04:05:33 GMT
sticky
delivery.r2b2.io/get/newsonground.com/generic/ 		161 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.r2b2.io/get/newsonground.com/generic/sticky
Requested by
Host: newsonground.com
URL: https://newsonground.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
45093f4ff6f20b1b6218b651f92d2262630135de13e940a641719be36e7a6b50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
adt-version
6.91.0
x-77-cache
HIT
x-cache
EXPIRED
x-age
1683
x-accel-date
1710455617
content-length
13159
x-77-nzt
EgwBnJIhiwGzkwYAAAwBnJIhHwH33gAAAA
x-accel-expires
@1710458878
adt-powered-by
slim
x-77-age
1905
last-modified
Thu, 14 Mar 2024 22:57:57 GMT
server
CDN77-Turbo
adt-server
webgarden-track-www1
x-77-nzt-ray
cf878727e1f2dcf1d481f365a44d1a15
content-type
text/javascript; charset=utf-8
cache-control
public, s-maxage=1800
accept-ranges
bytes
headerbid.js
served-by.pixfuture.com/www/delivery/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
5b414a201d433a80079bb11f4efacae1f09b93d28cd3540a543e5c4036626898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
last-modified
Thu, 14 Mar 2024 14:33:43 GMT
accept-ranges
bytes
content-length
3009
content-type
text/javascript; charset=utf-8
js
www.googletagmanager.com/gtag/ 		252 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG9P2R3KTR
Requested by
Host: newsonground.com
URL: https://newsonground.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73db4486b4b8f9dbd2abd22fa52eaa75e165f93e1d7f91b78fa9238b318a6136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89594
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Mar 2024 23:01:40 GMT
e64d0.js
newsonground.com/wp-content/cache/minify/ 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/wp-content/cache/minify/e64d0.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
d44263bb136551ebdd0fc944290519f570f187e69f802e344a8b806bfab181d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
101511
cf-polished
origSize=122465
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Wed, 08 Nov 2023 14:05:04 GMT
server
cloudflare
etag
W/"pub1699452304;gz"
vary
Accept-Encoding,X-Forwarded-Proto
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647e30efb583a6d-FRA
expires
Fri, 07 Feb 2025 17:10:52 GMT
main.js
newsonground.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/ Frame 6561
Redirect Chain
  • https://newsonground.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://newsonground.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H3
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a99d3c1d28dffd8910b689cc388a4892bd7ad066ee0c58915ff3a605a71076c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8647e30f2b7f3a6d-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8647e30f0b613a6d-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 14 Mar 2024 23:16:40 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 01:34:08 GMT
content-encoding
gzip
via
1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 17:39:34 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
80412
x-amz-server-side-encryption
AES256
etag
W/"0f107a0e7753aa69cd07ded21852408c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ZqhjX0tMGGWor9kgKnxkjslZ8InCRSY_bOoSU9f1NsK53FjbZXXDAw==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&ref=&_it=amazon&partner_id=568
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Mar 2024 15:57:22 GMT
server
cloudflare
x-amz-request-id
GPA71GZPJYF3GMCR
age
5310
etag
W/"4f8d7eccb8b77bff110a91871ebadcc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8647e30feea7bba7-FRA
x-amz-id-2
wVIO1wrs31x1jKRIz3dKPn3IKJaxmFZdB4TaOgRyJwNYeBol3+8I/Y1HD2dEOHBU8sCH74De62g=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a68fbdfba5a57a68f0041c669c3ce080b1bc7178133518bfc79accd68eb054
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 29 Feb 2024 12:45:12 GMT
server
cloudflare
x-amz-request-id
SH6QM3A184TWDAMR
age
1696
etag
W/"a6dbc54d2082e9b3a0fa778f082e665d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8647e30fee4b39c2-FRA
x-amz-id-2
28GJsYg9nlHlVGwCT9NHkDhqloPam9Abw+Tnje43KkY139h6FP4z1k3IcGpE8rQcU2H4SLCqJHQ=
hbw_master_313926_19004.js
player.adtelligent.com/prebidlink/sRu7W/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/sRu7W/hbw_master_313926_19004.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/475127/wrapper_hb_313926_19004.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
600826abda80faa7b07ed3143fae1d269e630160088860b4cfa6b266dc0d33db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Fri, 15 Mar 2024 23:01:40 GMT
date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 17:50:44 GMT
server
nginx
etag
W/"65ef4474-2aa4a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/ 		433 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d76947c8cf14073f1ddd3d2243a869413b89c0e0fa1aaa9382c5526391ffc63a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 22:34:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
1653
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139511
x-xss-protection
0
server
cafe
etag
4094789103652271715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 14 Mar 2025 22:34:07 GMT
hbp_master_313926_19004.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ 		431 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_313926_19004.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/475127/hb_313926_19004.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
47874dd2d6ffb15ac863d4c8187e5681e09dca3b08dff50cefe7856cbee26814

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Fri, 15 Mar 2024 23:01:40 GMT
date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2024 21:07:11 GMT
server
nginx
etag
W/"65e7897f-6bb9a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
8647e3098ab38fe0
newsonground.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6561 		0
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cdn-cgi/challenge-platform/h/b/jsd/r/8647e3098ab38fe0
Requested by
Host: newsonground.com
URL: https://newsonground.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
8647e3101c473a6d-FRA
alt-svc
h3=":443"; ma=86400
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8HQJX732BP&gtm=45je43d0v9172174638za200&_p=1710457300156&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1689605568.1710457301&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710457300&sct=1&seg=0&dl=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&dt=Newsonground.com%20Home%20of%20Breaking%20News%20%7C%20World%20News%20%7C%20Politics%20%26%20Much%20More%20%E2%80%93%20Dont%20miss%20an%20update%20from%20us&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1115
Requested by
Host: googletagmanager.com
URL: https://googletagmanager.com/gtag/js?id=G-8HQJX732BP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sc
sghb.adtelligent.com/hb/ 		363 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/hb/sc?site=19004&pubid=313926&full_page_url=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&top_domain=newsonground.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/sRu7W/hbw_master_313926_19004.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.249.188 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.188.249.132.142.clients.your-server.de
Software
Adtelligent /
Resource Hash
4b7e26cc8b26cfc43cfa0c52a57680351ef3aecbc3ca10fc9a1a3a0aed4eaae5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:40 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://newsonground.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
306
/
sghb.adtelligent.com/geo/ 		165 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/geo/
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/sRu7W/hbw_master_313926_19004.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.249.188 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.188.249.132.142.clients.your-server.de
Software
Adtelligent /
Resource Hash
001d82d6878c9dc612433abf6d39debd4fd84d7dff6a3f660e50f5c369dff220

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:40 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://newsonground.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
165
tracking
sghb.adtelligent.com/adunit/ 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=313926&site_id=19004&full_page_url=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&adid=ru43sa.fz&features=81952&vpbv=m235&tte=390&lifecycle_tte=1139
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/sRu7W/hbw_master_313926_19004.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.249.188 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.188.249.132.142.clients.your-server.de
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:40 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://newsonground.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-9.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1effcae83252aa11eed3c626e9a1d0358324214b277eb9b6aa0a135b1bfe9641

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://newsonground.com
cache-control
no-cache
x-server
10.45.25.76
access-control-allow-credentials
true
content-length
60
expires
0
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=568&sync=0&domain=newsonground.com&url=https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://newsonground.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8647e310ae591e10-FRA
content-length
0
content-type
application/json
date
Thu, 14 Mar 2024 23:01:40 GMT
debug
OPTIONS block
expires
Fri, 14 Mar 2025 23:01:40 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		101 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=568&sync=0&domain=newsonground.com&url=https://newsonground.com/?e=1163290
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&ref=&_it=amazon&partner_id=568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5787c42f269fa3c7310d98a5811bee2832d143351be48c39752aa6db6baf4f9

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
8647e3114ed01e10-FRA
config.json
player.adtelligent.com/exchange_rates/313925/ 		9 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313925/config.json?cb=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_313926_19004.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e40252109073e433db301361684f678960b837d093e98d2809c8bef7366ee02d

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
text/plain

Response headers

expires
Fri, 15 Mar 2024 23:01:40 GMT
date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
last-modified
Thu, 14 Mar 2024 12:01:41 GMT
server
nginx
etag
W/"65f2e725-225a"
content-type
application/json
access-control-allow-origin
https://newsonground.com
cache-control
max-age=86400
x-proxy-cache
HIT
js
www.googletagmanager.com/gtag/ 		252 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG9P2R3KTR&l=dataLayer&cx=c
Requested by
Host: googletagmanager.com
URL: https://googletagmanager.com/gtag/js?id=G-8HQJX732BP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ad31ce26160ef7fc6ff74ccf4152bc134e96a664c5c46b79c0d8e2e51299b58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89451
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Mar 2024 23:01:40 GMT
36a41c03-fb45-4a10-b7e2-545e63dfed0a
https://newsonground.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://newsonground.com/36a41c03-fb45-4a10-b7e2-545e63dfed0a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
bundle.483557f28266f76657e0.js
delivery.r2b2.io/js/6.91.0/online/public/ 		637 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/get/newsonground.com/generic/sticky
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2cd888067948f15a38f6df5da6ae1a8b522a27048afeb650da29f70d734e8303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
x-77-cache
HIT
x-cache
HIT
x-age
4039
x-accel-date
1710453261
x-77-nzt
EgwBnJIhiwH3xw8AAAwBisclwQH3IQAAAA
x-accel-expires
@1710464059
x-77-age
4072
last-modified
Tue, 12 Mar 2024 09:37:26 GMT
server
CDN77-Turbo
etag
W/"65f02256-9f59d"
x-77-nzt-ray
cf878727e1f2dcf1d481f365f1f66422
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=10800, public
x-lb-cache
HIT
expires
Tue, 12 Mar 2024 12:53:58 GMT
main.js
newsonground.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/ Frame 6561
Redirect Chain
  • https://newsonground.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://newsonground.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Protocol
H3
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a4025195c23d12050cbefdc78e5301a1723ada35de66d8ae3a2c9eb7fcc8e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8647e310ccdd3a6d-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
cache-control
max-age=300, public
cf-ray
8647e310acb23a6d-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
newsaa.png
newsonground.com/wp-content/uploads/2022/08/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonground.com/wp-content/uploads/2022/08/newsaa.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5deb10419661d129fc5b9ad27f40f94c5972051a7515d6156ad1dbfd3d3d445
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
99468
cf-polished
origSize=9621, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
6944
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:85,h2pri
last-modified
Sat, 06 Aug 2022 04:23:19 GMT
server
cloudflare
etag
"2595-5e58af1477de1"
vary
X-Forwarded-Proto,Accept-Encoding,Accept
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8647e310bcc13a6d-FRA
expires
Mon, 27 Jan 2025 04:03:59 GMT
free-prepaid-debit-card-690x500.jpg
newsonground.com/wp-content/uploads/2024/03/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonground.com/wp-content/uploads/2024/03/free-prepaid-debit-card-690x500.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07cdbe6f28ed03aa059f8a90a26978387feaee023e602ca4f6631038dc2ed495
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
28114
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Mar 2024 07:15:23 GMT
server
cloudflare
etag
"6dd2-613493044f982"
vary
Accept,X-Forwarded-Proto,Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8647e310bcc33a6d-FRA
expires
Mon, 10 Mar 2025 09:53:08 GMT
download-2.png
newsonground.com/wp-content/uploads/2024/03/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonground.com/wp-content/uploads/2024/03/download-2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1fa761e28c9d658cfaaca7836bbda15b02ef7366cfe27786f0e04e743bff072
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
111432
alt-svc
h3=":443"; ma=86400
content-length
10702
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Mar 2024 13:41:15 GMT
server
cloudflare
etag
"29ce-6133a766711fa"
vary
Accept,X-Forwarded-Proto,Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8647e310bcc43a6d-FRA
expires
Sun, 09 Mar 2025 13:43:51 GMT
two-women-discussing-contract-690x500.jpeg
newsonground.com/wp-content/uploads/2024/03/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonground.com/wp-content/uploads/2024/03/two-women-discussing-contract-690x500.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14fcc14dc44eca072015455540f819b759b4b31261fa44d22b1692077652cf0f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
31552
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 03 Mar 2024 05:58:52 GMT
server
cloudflare
etag
"7b40-612bb4dbb4af4"
vary
Accept,X-Forwarded-Proto,Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8647e310bcc53a6d-FRA
expires
Mon, 03 Mar 2025 06:18:53 GMT
TD-Bank-Routing-Number-1-690x500.jpg
newsonground.com/wp-content/uploads/2024/03/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonground.com/wp-content/uploads/2024/03/TD-Bank-Routing-Number-1-690x500.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d635aebf7a23e5f2c66ca046a9f1f5797058912b09c589d4d4f331cb193cf3d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
degrade=85, origSize=49253, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
46386
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Mar 2024 15:41:43 GMT
server
cloudflare
etag
"c065-6129b36773a0c"
vary
X-Forwarded-Proto,Accept-Encoding,Accept
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8647e310bcc63a6d-FRA
expires
Sat, 01 Mar 2025 15:50:10 GMT
central-bank-690x344.png
newsonground.com/wp-content/uploads/2024/02/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonground.com/wp-content/uploads/2024/02/central-bank-690x344.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1fffa26f534f1897a663d2174d81ecb4325980157d61e4019f061f750b11e42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
34126
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Feb 2024 16:38:22 GMT
server
cloudflare
etag
"854e-61287e33954bb"
vary
Accept,X-Forwarded-Proto,Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8647e310bcc73a6d-FRA
expires
Fri, 14 Mar 2025 04:50:57 GMT
technology-top10-febw1-690x500.jpg
newsonground.com/wp-content/uploads/2024/02/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsonground.com/wp-content/uploads/2024/02/technology-top10-febw1-690x500.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc24ae6c705bad097f6862c3a1b5ba6629ae0d985c70d548388c615a5c083610
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
100791
alt-svc
h3=":443"; ma=86400
content-length
25208
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 25 Feb 2024 13:14:04 GMT
server
cloudflare
etag
"6278-61234913632ce"
vary
Accept,X-Forwarded-Proto,Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8647e310bcc83a6d-FRA
expires
Mon, 24 Feb 2025 13:27:20 GMT
wp-emoji-release.min.js
newsonground.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
91448
alt-svc
h3=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Mar 2023 04:05:06 GMT
server
cloudflare
etag
W/"4904-5f81632a52310-gzip"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8647e310bcd33a6d-FRA
expires
Thu, 30 Jan 2025 14:06:23 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG9P2R3KTR&gtm=45je43d0v892088146za200&_p=1710457300156&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1689605568.1710457301&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710457300&sct=1&seg=0&dl=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&dt=Newsonground.com%20Home%20of%20Breaking%20News%20%7C%20World%20News%20%7C%20Politics%20%26%20Much%20More%20%E2%80%93%20Dont%20miss%20an%20update%20from%20us&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1210
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG9P2R3KTR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158361/3614/ 		260 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158361/3614/pwt.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d5e62fff7eaf370fbed188432f6ea7cfb63ca0ee68a91a7ee86c8befc180c77b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 13:19:47 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=80094
accept-ranges
bytes
content-length
90697
expires
Fri, 15 Mar 2024 21:16:34 GMT
publishertag.standalone.js
static.criteo.net/js/ld/ 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0016339d11c8eb0fb4a8368677d1676bd8055339586714ccd64d8e3da5a7ee98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/javascript

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 27 Feb 2024 07:13:11 GMT
server
nginx
etag
W/"65dd8b87-1836c"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Mar 2024 23:01:40 GMT
pixel.gif
static.criteo.net/images/ 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 09 Mar 2025 23:01:40 GMT
hb_v2.js
cdn.pixfuture.com/ 		55 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770a54089cdf274e28d209686be3d02b5e97f17d553d01e0ed9869eb34a446ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30028
cf-bgj
minify
last-modified
Wed, 28 Feb 2024 12:53:35 GMT
server
cloudflare
etag
W/"65df2ccf-daca"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PlQkob3WYsJezOwebOB2vYa6QeW2%2FGaIoXWqW2eMBEXfKnZwawMLRLePpTo8feym0i9PeG3LY9EIbAr3vLn6p9Po1vHLb4LEhbUwmoezP2M9XDAcK3GbiGWp3P%2BJErH2Y7yYqSXo7ndlp1ZCj9SU"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
8647e3119fd69a2d-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 16 Mar 2024 14:41:08 GMT
publishertag.standalone.js
static.criteo.net/js/ld/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.standalone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://newsonground.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400
date
Thu, 14 Mar 2024 23:01:40 GMT
expires
Fri, 15 Mar 2024 23:01:40 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
8647e3098ab38fe0
newsonground.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6561 		0
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cdn-cgi/challenge-platform/h/b/jsd/r/8647e3098ab38fe0
Requested by
Host: newsonground.com
URL: https://newsonground.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
8647e311bd8d3a6d-FRA
alt-svc
h3=":443"; ma=86400
prebid
mp.4dex.io/ 		66 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9a593b2e053503a82ef0205edd928d632bbc1dc35c449e4e65d2d011b6482b0

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 14 Mar 2024 23:01:40 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Parsing the Prebid Request. files_bypassed
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8647e3122d568ed0-FRA
expires
0
openrtb
adx.adform.net/adx/ 		0
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ 		186 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://newsonground.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
dsh
hb.adscale.de/ 		11 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adscale.de/dsh
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.210.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-210-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
vary
origin
content-type
text/plain
access-control-allow-origin
https://newsonground.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=445636&zone_id=2573666&size_id=2&alt_size_ids=&p_pos=atf&rf=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&p_screen_res=1600x1200&rp_floor=2.01992&rp_secure=1&slots=1&rand=0.19276390017488976&rp_schain=1.0%2C1!r2b2.cz%2C361%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
08d3624a1d618a77260d63e977496d7258c589d04933c519f5feb7ebeca88db3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		186 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://newsonground.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://newsonground.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
c
prebid.a-mo.net/a/ 		0
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
pbjs.e-planning.net/hb/1/76d41/1/newsonground.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/76d41/1/newsonground.com/ROS?rnd=0.7221132451162815&e=942357%3A300x250%2C728x90%2C970x90%7C1.5149400000000002&ur=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&p...
  • https://pbjs.e-planning.net/hb/1/76d41/1/newsonground.com/ROS?ct=1&r=pbjs&rnd=0.7221132451162815&e=942357%3A300x250%2C728x90%2C970x90%7C1.5149400000000002&ur=https%3A%2F%2Fnewsonground.com%2F%3Fe%3...
290 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/76d41/1/newsonground.com/ROS?ct=1&r=pbjs&rnd=0.7221132451162815&e=942357%3A300x250%2C728x90%2C970x90%7C1.5149400000000002&ur=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b0a82cefc2e16ab918013c1b64e1929557afb6c695df6a9ca76018f268f45590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Thu, 14 Mar 2024 23:01:40 GMT
date
Thu, 14 Mar 2024 23:01:40 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://newsonground.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
290
x-sid
AMS-912

Redirect headers

date
Thu, 14 Mar 2024 23:01:40 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://newsonground.com
location
/hb/1/76d41/1/newsonground.com/ROS?ct=1&r=pbjs&rnd=0.7221132451162815&e=942357%3A300x250%2C728x90%2C970x90%7C1.5149400000000002&ur=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-912
syncframe
gum.criteo.com/ Frame ED6D 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=newsonground.com
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Mar 2024 23:01:40 GMT
server
Kestrel
server-processing-duration-in-ticks
362702
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=151&profileId=184&cb=37085607074
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
cdb
bidder.criteo.com/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=151&profileId=184&cb=2929492703
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
568
a.ad.gt/api/v1/u/matches/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/568?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&ref=&_it=amazon&partner_id=568
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e2ed1a62a0b51ba31d131cb4c62aea162a845f1cf4a213ca7e041bdd9bab7f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 14 Mar 2024 22:57:47 GMT
server
cloudflare
age
230
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8647e3125b83381a-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5eced3537b5efc44d2bff1bf79e7f6c8c03588d3c66a55433a43171b48464bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28719
x-xss-protection
0
server
cafe
etag
426 / 19796 / m202403130101 / config-hash: 16880888384843752549
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 14 Mar 2024 23:01:40 GMT
pbix.js
cdn.pixfuture.com/ 		396 KB
397 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4196faa28def3b310eed8c11827e29b55f9f3d2bfdd31d3d72669fea7f8c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30028
cf-polished
origSize=406706
cf-bgj
minify
last-modified
Thu, 19 Jan 2023 19:53:47 GMT
server
cloudflare
etag
W/"63c99fcb-634b2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TmtvpgMY6d4cenrfq86E1LyAFwv4fwxYrOKmXuXSlKHD%2B7BYxvqqVRycmwfWYVoWH8BKnUnJiQExSuzYG1C76OqaoL7lCigEGY1AB8C9%2FG0JZIGqoRg9HImy%2FVUKPAbUtG0zJTSusFj7maTIOBw4"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
8647e31218259a2d-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 16 Mar 2024 14:41:08 GMT
pixf_sync.html
cdn.pixfuture.com/ Frame DB64 		924 B
896 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pixf_sync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac75cb8dcdc5caa1e7a3e3a949d5035abc5e9f9f282b5cb3acdfa0ded93f303

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8647e31228269a2d-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Mar 2024 23:01:40 GMT
last-modified
Wed, 07 Dec 2022 20:04:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fCFxdf7TJieYVFi0cmDL4RVZySh2Lc5dGFY13Tziy%2FbvOmLEU4J0iMokAyj%2Fp3RW4kNe%2BrcVbr0KedrMtQaCqUWiGDtc2aA%2FKRzgVste9nslCv%2BXtFdV24Tvxj4PVrqEwV9oGAulHP2v4XTQttg4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
r.js
aa.agkn.com/adscores/ 		0
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.21.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-21-34.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
0
expires
0
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=38852x728x90x6721x_ADSLOT1&keywords=newsongroundcom,home,breaking,news,world,news,politics,much,dont,miss,update,us&refUrl=&refresh=false&innerWidth=1600&cb=1710457300817
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
59332fc69de0211b772267b7b42159ead3944390673f67f0a9cfd8ea84b303ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
transfer-encoding
chunked
content-type
application/json
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Pragma,Access-Control-Max-Age,Expires,Vary,Cache-Control,Access-Control-Allow-Origin
expires
0
sid
mug.criteo.com/ Frame ED6D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=newsonground.com&sn=ChromeSyncframe&so=0&topUrl=newsonground.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=KleSvXxpVjNTaHRFMkN4cHVLVk5SZWpPSkJlYzhoZWFWb2dyL2VPVHE5SW9QL0p0Wi9IZHVNemt3RWFFSkRsbnd5SkpFWVl1Yzk4cjFyZlRBV3VrRmVNUW5ZOEJNSnBFYXlwSE81cWdsVmdoWnh0ejE0bURhSlBPaHZMdF...
473 B
677 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=KleSvXxpVjNTaHRFMkN4cHVLVk5SZWpPSkJlYzhoZWFWb2dyL2VPVHE5SW9QL0p0Wi9IZHVNemt3RWFFSkRsbnd5SkpFWVl1Yzk4cjFyZlRBV3VrRmVNUW5ZOEJNSnBFYXlwSE81cWdsVmdoWnh0ejE0bURhSlBPaHZMdFRZcUNlYWdmZGJjZFQxSzExNUhtWGxPbHNvYlZUUmRuUmViTi9HZGxpdjQxN0QrbHRWZE5ZZHZ1RThSY3N3N3lBWHdWaUoxWXdEMjh5aEJjQU40MVNLdzlzK3hNQUExdTl1YzMvcGZnT2pzT0Zmemx2NEdqcjFldVJ2b09RTWw4MjlGU1BId2Zlbjkrd3ZHR1hmbkYxck0xZTZoeldMdTg1bk0rNE4rbVJhREptWE1mbkF2RT18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ac07b1109863a561069f6d346b7914a051ecd40baa9a51cbd67c25ebd95b7bb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1114232
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=KleSvXxpVjNTaHRFMkN4cHVLVk5SZWpPSkJlYzhoZWFWb2dyL2VPVHE5SW9QL0p0Wi9IZHVNemt3RWFFSkRsbnd5SkpFWVl1Yzk4cjFyZlRBV3VrRmVNUW5ZOEJNSnBFYXlwSE81cWdsVmdoWnh0ejE0bURhSlBPaHZMdFRZcUNlYWdmZGJjZFQxSzExNUhtWGxPbHNvYlZUUmRuUmViTi9HZGxpdjQxN0QrbHRWZE5ZZHZ1RThSY3N3N3lBWHdWaUoxWXdEMjh5aEJjQU40MVNLdzlzK3hNQUExdTl1YzMvcGZnT2pzT0Zmemx2NEdqcjFldVJ2b09RTWw4MjlGU1BId2Zlbjkrd3ZHR1hmbkYxck0xZTZoeldMdTg1bk0rNE4rbVJhREptWE1mbkF2RT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
259737
content-length
0
expires
0
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 09 Mar 2025 23:01:40 GMT
events
bidder.criteo.com/csm/ 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 09 Mar 2025 23:01:40 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 09 Mar 2025 23:01:40 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 09 Mar 2025 23:01:40 GMT
events
bidder.criteo.com/csm/ 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
img
data.ad-score.com/
Redirect Chain
  • https://ads102.adtelligent.com/tracking/scoring?site_id=19004&client_id=313926&event=ok&system=1&rbb=aHR0cHM6Ly9kYXRhLmFkLXNjb3JlLmNvbS9pbWc%2FcGlkPTEwMDAxNTImdGlkPVZpZGVvX090aGVyJmwxPTMxMzkyNiZsMj...
  • https://data.ad-score.com/img?pid=1000152&tid=Video_Other&l1=313926&l2=19004&l3={adid}&l4=https://newsonground.com/?e=1163290&uip={ip}&pub_app=newsonground.com
35 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.ad-score.com/img?pid=1000152&tid=Video_Other&l1=313926&l2=19004&l3={adid}&l4=https://newsonground.com/?e=1163290&uip={ip}&pub_app=newsonground.com
Protocol
HTTP/1.1
Server
130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 23:01:41 GMT
Last-Modified
Thu, 14 Mar 2024 23:01:41 UTC
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
35
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 14 Mar 2024 23:01:40 GMT
Server
Adtelligent
Location
https://data.ad-score.com/img?pid=1000152&tid=Video_Other&l1=313926&l2=19004&l3={adid}&l4=https://newsonground.com/?e=1163290&uip={ip}&pub_app=newsonground.com
Access-Control-Allow-Origin
https://newsonground.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
0
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame DB64 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pixf_sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://cdn.pixfuture.com/
Origin
https://cdn.pixfuture.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8647e31308fa6adc-FRA
rum
cdn.pixfuture.com/cdn-cgi/ Frame DB64 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.pixfuture.com/pixf_sync.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://cdn.pixfuture.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8647e31358ee9a2d-FRA
v1
prg.smartadserver.com/prebid/ 		186 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://newsonground.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=151&profileId=184&cb=95793039129
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0103ac22d0587a03114bb9f798ac2406c0897faf78800be588f344ddad517c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://newsonground.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
dsh
hb.adscale.de/ 		11 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.adscale.de/dsh
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.210.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-210-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
content-encoding
gzip
vary
origin
content-type
text/plain
access-control-allow-origin
https://newsonground.com
cache-control
no-cache
access-control-allow-credentials
true
x-robots-tag
none
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21794&site_id=445636&zone_id=2573668&size_id=2&alt_size_ids=&p_pos=atf&rf=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6367066467013125&rp_schain=1.0%2C1!r2b2.cz%2C361%2C1%2C%2C%2C
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2f1a6ab818a89d9265fd9491a9659edacb9ef3120e3451c0023c056bcc2deff8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=151&profileId=184&cb=40280444289
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
afc81c2497cf01c519b492f79fa451289d66f6430bf23dcb83ee052d72ece0f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://newsonground.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
v1
prg.smartadserver.com/prebid/ 		186 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://newsonground.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		64 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27414876349712983df81fb135ebf1c414976dde4a0e75d658e69f9dde06728

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 14 Mar 2024 23:01:41 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Parsing the Prebid Request. files_bypassed
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8647e3140e928ed0-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://newsonground.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
/
prebid.smilewanted.com/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8647e3144bad35f8-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
pbjs.e-planning.net/pbjs/1/76d41/1/newsonground.com/ 		302 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/76d41/1/newsonground.com/ROS?rnd=0.11464850906018009&e=942401%3A300x250%2C728x90%2C970x90%7C0&ur=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&pbv=8.18.0&ncb=1&vs=F&crs=UTF-8
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
7ee1d49e7fb12e595ab42b7ec53e53585fac6b97fe567dbd57ffb2290c95778e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
Thu, 14 Mar 2024 23:01:41 GMT
date
Thu, 14 Mar 2024 23:01:41 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://newsonground.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
302
x-sid
AMS-912
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnewsonground.com%2F&domain=newsonground.com&bundle=QrRefF96VTRMaXRUdUZUbW9mbjVtOUFYZjI2dSUyRlB3SWNYOCUyQnF3akRQUDA3WFk3JTJCWnhIUTVTTCUyQmk4dHpkWW96OUw2dXdkMndpN0FaRnpyUnZqTU4yajdFd2dEcjJqTlVxckVTQ3hPR1NLUCUyQm16MUliTVZ2b1hoMktpY092VlB6JTJGUlFuMyUyRjhZaFhZUVBobVdWNnZmMHVoYWFrTzZZb3VkR0R1MlRmdHdwJTJCeFRvdTlzJTNE&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://newsonground.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Mar 2024 23:01:40 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
278152
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnewsonground.com%2F&domain=newsonground.com&bundle=QrRefF96VTRMaXRUdUZUbW9mbjVtOUFYZjI2dSUyRlB3SWNYOCUyQnF3akRQUDA3WFk3JTJCWnhIUTVTTCUyQmk4dHpkWW96OUw2dXdkMndpN0FaRnpyUnZqTU4yajdFd2dEcjJqTlVxckVTQ3hPR1NLUCUyQm16MUliTVZ2b1hoMktpY092VlB6JTJGUlFuMyUyRjhZaFhZUVBobVdWNnZmMHVoYWFrTzZZb3VkR0R1MlRmdHdwJTJCeFRvdTlzJTNE&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
275787
expires
0
f
fid.agkn.com/ 		0
0
prebid
id5-sync.com/api/config/ 		135 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		63 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
cd8f04b0a206c80d88b3fe9834bb978700075f9000ef74e93a8d1d3a8aa50343

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newsonground.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 13 Apr 2024 23:01:41 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578847%2C27578847&remove=27578847&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578847%252C27578847%26remove%3D27578847%26t%3D1
0
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578847%252C27578847%26remove%3D27578847%26t%3D1
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
an-x-request-uuid
0ef6c578-6dab-433a-a84c-d5175547c3c1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.151; 185.213.155.151; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
an-x-request-uuid
71861e8c-66ba-45e5-b20b-a45702fc73ee
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578847%252C27578847%26remove%3D27578847%26t%3D1
x-proxy-origin
185.213.155.151; 185.213.155.151; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
0
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
an-x-request-uuid
d713191a-7729-4371-9af1-a9a161e3fb85
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.151; 185.213.155.151; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
an-x-request-uuid
65fd5919-9369-43ae-ac69-49e13c21e753
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27578926%252C27578926%26t%3D1
x-proxy-origin
185.213.155.151; 185.213.155.151; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixels
ssp-sync.criteo.com/user-sync/ 		222 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
095d97ef59c4a4839d0a9e1b260d168e6350b57c424fcb8fa1a5b47c7b9a4a87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsonground.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
events
bidder.criteo.com/csm/ 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsonground.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
events
bidder.criteo.com/csm/ 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
normal.woff2
newsonground.com/cf-fonts/s/open-sans/5.0.20/latin/600/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://newsonground.com/cf-fonts/s/open-sans/5.0.20/latin/600/normal.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be23afbd95a1daa6b901a8b3182370ff6cfb0d7dda0de9a06bbe16a312513cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonground.com/?e=1163290
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
cf-ray
8647e314a8763a6d-FRA
alt-svc
h3=":443"; ma=86400
content-length
18628
img
imageproxy.eu.criteo.net/img/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F7%2F752%2Ffb%2F17%2F752fb175fef1d6bdece1f6c7700afbcda7caff402b9fa3dece91dfd260e74516.png%3Fw%3D240%26h%3D180&ups=1&v=3&w=400&rid=73&s=HczAFBV6X7_GL213P3Pm7Jhu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
efffa79371e746df6ebf227f1ad689910a80103c8af6cd60c37404d516e2eaf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
34698
expires
Thu, 06 Mar 2025 07:17:22 GMT
img
imageproxy.eu.criteo.net/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F6%2F613%2F58%2Ff3%2F61358f3f6320ef5ee07ac15791720785e7ba209e874ba8a4465c6e60ddcec0bc.jpg%3Fw%3D240%26h%3D180&ups=1&v=3&w=400&rid=73&s=lUhqVKD_x7kwAuBB3vHG21Pz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4df0ead6bde7e3d5e09e526abac0459c7d38132927347acb1ffba4e8c3bfc649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
12912
expires
Sat, 22 Feb 2025 05:16:53 GMT
img
imageproxy.eu.criteo.net/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F2%2Fad9%2F5c%2Fb4%2Fad95cb4357eb0c83870502677bc5e1296157740fbf23a9b829fe6780c11579c0.jpg%3Fw%3D240%26h%3D180&ups=1&v=3&w=400&rid=73&s=ZwVKE6ewLIg-T0N_4qHFfIPl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0f31f2821cd4bafa915656369ac622ca105445565d7dda34225f8833061546a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13826
expires
Thu, 06 Feb 2025 03:46:51 GMT
img
imageproxy.eu.criteo.net/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F0%2F068%2Fde%2Fd5%2F068ded5142233f97a62b69d3bd8445090ad89784b8b54f1c007e8756b2ffb5dd.jpg%3Fw%3D240%26h%3D180&ups=1&v=3&w=400&rid=73&s=YzN8DuoEDpjkqGe--YHHvGwS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
28e106935178157fc8612fccb5abd30f4a68fcd73e07fa19ce5c69cad84ce516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
17644
expires
Thu, 06 Mar 2025 01:37:25 GMT
img
imageproxy.eu.criteo.net/img/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F0%2F8ce%2F6b%2F85%2F8ce6b85191cfdc2979000ac8ef064c3ecffec4044658b4448c7ee022b35a10b8.png%3Fw%3D240%26h%3D180&ups=1&v=3&w=400&rid=73&s=OJt2I0H26avR-9oAQ_CyWJVC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
085a79a479d07f31d01f2127561c5bba4382dbd48c698acf0aa6d13f0f1f29d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
45770
expires
Thu, 20 Feb 2025 09:45:22 GMT
img
imageproxy.eu.criteo.net/img/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F7%2Fffe%2F23%2F8a%2Fffe238a7052e4734cbe36c21a9fb41c5bc7099eee1bb7567e9a24a9ae1608ba6.png%3Fw%3D240%26h%3D180&ups=1&v=3&w=400&rid=73&s=xXZufH_4jgDld1NyIHgPXYH0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f48f81604f637fa6e714c5bdc73c16e24419c3e6cf43897b8fe7c3ee6fd0e43b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
91272
expires
Sun, 09 Feb 2025 03:41:05 GMT
nai_small.png
static.criteo.net/flash/icon/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/nai_small.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 30 Aug 2011 09:18:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"4e5caadb-527"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
1319
expires
Sun, 09 Mar 2025 23:01:41 GMT
lgn.php
cat.nl3.eu.criteo.com/delivery/ 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=Ks8tgO-fqB0HJ0yu8ZvWxAppsngMnTN-NZJABYqMKeB2OtmFgdBZ4Hth3SNBJ3ea5HrThyR5p03efYAhZ7vRuwvCXcTd_e6B3tu2FS10LFQz5LfgBltalKVu_Mrifz00Ae6zu2nYiUDWlwtsJU4JMtbOtojnPuh_4tWn8xn7R2ldF6mWaXILaRyvlSnSoid-ttfvQV8y2q8f5cGn667bfq5skDrNwBCQEMH3re-oGuFQuRFt8NKadeWgFkZrN1bEYIo0zSVvleCmliwZJLoXwtjbcG53rTMZ4IlOqm-m2JxjmXKBuUOyWScaaYuh7mlS56-oMozZ6EGp4lI-WM5BoHBGRO80AvDKOCqj03GcLY5gb2FxDlixL7RaTwx91PcHPzBaVeGspL-djKMMyZEdAQ-zAQNMNcMPuGYwwztBCz93bOhe1jX4usNynMD-wN2O3IMm1YV5o4Svi7dKec1vt7yWadB_R6rJ347iJC4dtobG_q8r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2385073
expires
Mon, 26 Jul 1997 05:00:00 GMT
tpd
cat.nl3.eu.criteo.com/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=cIOYUl9rUVVKRkdQalhSSUhuRVZKdWd1QmZXd1NCckpBTERsaFJMeWR2S0hVQkRHJTJGd2tJcSUyRmIzSE1sJTJGNzBOejJ1bHRBT1VKajdGUHFIWGJpSUJZRFZobTZmZGxMYWUxVzlLbzM4U0FFOWF0TVN6RlNOTHBmJTJGU3UzaWRCQldySjNTQVM5OTBnYjd1Q1hqUXZhS3ZsWGE3QVRpRFlXZEZrcktIQVZQZ2VKdkpwbzdocHMybXZndTY5NXowNTk4bkd6TWJjTDl4ZnZoRk80WnpLdWphY21wVjNFdWFFN251dVZYTSUyQlY3ejNETWNlT0dKUzUyand1bUNEdkFYMldLMnNqR21VTWJKYkJKMW9EZTg0cTgwaklnUCUyRjhiWXlEOW1LWTdOTjdRJTJCN3NoTG5rRUhIdyUyQjcxZ1ZGWHElMkJQTXhOaFRWbnIxU3ZoOEtLUlh1T2FRNnhjbnJQalhSSVU2RklPNDJESkYwJTJGeXRqYnVhWFZ6cXBKS0lKUUUwRTF4NmZlMmxkYkNzM2JxSVd6OSUyRm04eTNnJTJGQyUyRmdoQnJuTllwdG5kQ1Z4WUxTVHZxdTAlMkYySjJTYUFOQkdud2oycXM2TGVxY3RnWHElMkZZU0cxTWFPcFg2d3VUaThWSlA3bVR2bUE3T28lMkI0aEklMkZCNExHcjVOalduNlZSJTJCSWc0ZVVDbERKTHhMJTJGc1RLVmx2cFhUdW9rS3RqV1BDV2ZuWHJXOCUyQjd5SldSVjNvam1YNEZubnJINWw3cmR1eENLU3RBUlRLYzVWYWp2ZFFhT05qbXEydkFPa29BWkdtWkhxR3kyVzRscnhuMWttQjFRRkNOSHpESTM3MzcwdldWSUI4UTVVblpiU2hyUiUyRmFjck5sdEs1eTZlTWUlMkZNaCUyQkM2Nk02TWklMkYxd1Z4TDhvTlB4S0g0OEZtb1FXYzZmZ1czVzBZJTJCNkRzTzBiY1glMkJlZXIzRXA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
228848
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cookie_sync
prebidserver.pixfuture.com/ 		792 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/cookie_sync
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1d6693b7186c190fb6f7b0f65ae79fd4fe3cc66281a3c322e1317b6860175e95

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
792
expires
0
auction
prebidserver.pixfuture.com/openrtb2/ 		176 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/openrtb2/auction
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
af861c744ee66e8c7e69fc339113057b547b29b97ecbe8cf9b185594adfe5c88

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
application/json
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ea487c53d46f33f509711d7adc82b08209678a18969e0d0b7ca534aa74a11c21

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://newsonground.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
58
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 14 Mar 2024 23:01:41 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		407 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=469176&zone_id=2881032&size_id=2&p_pos=atf&rp_schain=1.0,1!pixfuture.com,6721,1,,,&eid_pubcid.org=a13888a7-a9c2-4f84-a2da-0f666a65db2a%5E1&rf=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&kw=newsongroundcom%2Chome%2Cbreaking%2Cnews%2Cworld%2Cnews%2Cpolitics%2Cmuch%2Cdont%2Cmiss%2Cupdate%2Cus&tg_i.domain=newsonground.com&tg_i.cat=IAB1%2CIAB12%2CIAB12-1&tg_i.sectioncat=IAB1%2CIAB12%2CIAB12-1&tg_i.pagecat=IAB1%2CIAB12%2CIAB12-1&tg_i.page=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&tk_flint=pbjs_lite_v7.16.0-pre&x_source.tid=c59efe43-d20c-4391-8910-3bf437283e5c&l_pb_bid_id=106c174089a4a8e&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.46812479594596135
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0b50e072ecbb56aa78c9ca8b6df6467fb0f5cfbc2e35a524e8c2d339525c38f1

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
407
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		186 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://newsonground.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.16.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.147.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-147-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a1d3e4249cbf19c72eeea5082aa6faf1c812d10fc4012ea403ab5f0b626d9ac5

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://newsonground.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
arj
pixfuture2-d.openx.net/w/1.0/ 		73 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c59efe43-d20c-4391-8910-3bf437283e5c&nocache=1710457301263&pubcid=a13888a7-a9c2-4f84-a2da-0f666a65db2a&schain=1.0%2C1!pixfuture.com%2C6721%2C1%2C%2C%2C&aus=728x90&divids=38852x728x90x6721x_ADSLOT1&aucs=&auid=540580842&tps=bXlrZXl3b3JkPW5ld3Nvbmdyb3VuZGNvbSxob21lLGJyZWFraW5nLG5ld3Msd29ybGQsbmV3cyxwb2xpdGljcyxtdWNoLGRvbnQsbWlzcyx1cGRhdGUsdXMmbXlvdGhlcmtleXdvcmQ9bmV3c29uZ3JvdW5kY29tLGhvbWUsYnJlYWtpbmcsbmV3cyx3b3JsZCxuZXdzLHBvbGl0aWNzLG11Y2gsZG9udCxtaXNzLHVwZGF0ZSx1cw%3D%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
360eb41166d321be8d7db2acd0b3e563608db556afd5012c09509b00c7537054

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsonground.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
6d6311806f00b65e3e5edf7ce5ce3bddc41c5b825fd458c9523920337c80c64c

Request headers

Referer
https://newsonground.com/?e=1163290
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
content-encoding
gzip
server
ATS/9.1.10.94
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://newsonground.com
access-control-allow-credentials
true
content-length
84
prebid
ib.adnxs.com/ut/v3/ 		50 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
an-x-request-uuid
902ea8e2-032d-4e14-98d9-327f300aa149
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsonground.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.151; 185.213.155.151; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
50
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.108.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-108-3.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:41 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ghb.adtelligent.com/v2/auction/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:932::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4a596a8aa7f01ff1aeb23d27a67284c7d245923f00b0b9be24d334ba0d7cc620

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 14 Mar 2024 23:01:40 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://newsonground.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1110
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://newsonground.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
trinity.json
apex.go.sonobi.com/ 		93 B
1020 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22288295e21e6f1%22%3A%22951d83dd852c9348161e%7C728x90%7Cf%3D0.3%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290&s=34481808-1921-463a-ae2e-faaf8e3dde84&pv=bff9e5e0-338a-43f6-b445-5ebe56905852&vp=desktop&lib_name=prebid&lib_v=7.16.0-pre&us=0&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22newsonground.com%22%2C%22cat%22%3A%5B%22IAB1%2CIAB12%2CIAB12-1%22%5D%2C%22sectioncat%22%3A%5B%22IAB1%2CIAB12%2CIAB12-1%22%5D%2C%22pagecat%22%3A%5B%22IAB1%2CIAB12%2CIAB12-1%22%5D%2C%22page%22%3A%22https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%22%2C%22keywords%22%3A%22newsongroundcom%2Chome%2Cbreaking%2Cnews%2Cworld%2Cnews%2Cpolitics%2Cmuch%2Cdont%2Cmiss%2Cupdate%2Cus%22%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%226721%22%2C%22hp%22%3A1%2C%22rid%22%3A%22e4f40176-2168-4e31-9486-4c5a8d020bab%22%7D%5D%7D&userid=%7B%22pubcid%22%3A%22a13888a7-a9c2-4f84-a2da-0f666a65db2a%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22a13888a7-a9c2-4f84-a2da-0f666a65db2a%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=newsongroundcom%2Chome%2Cbreaking%2Cnews%2Cworld%2Cnews%2Cpolitics%2Cmuch%2Cdont%2Cmiss%2Cupdate%2Cus&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200a , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e90dde1c7f83a69c22b32f62a4205b22082e51d0e7ab5ee5305096e6543a5bbf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-111
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://newsonground.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
118
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://newsonground.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://newsonground.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 14 Mar 2024 23:01:41 GMT
server
ATS/9.1.10.94
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
35885abf1497c8fff53e54036b502e3557d612c32f902891e36c587c7b353b66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=w7vMnV9RUklMQzdjczJkN21BM01sMFNUM3Z0eE1DRmtwaWFIUmFxcUZzY1QlMkJXbEElM0Q&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k--_sWu70t1nIWiM7H9IH9jwjsbizH...
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=w7vMnV9RUklMQzdjczJkN21BM01sMFNUM3Z0eE1DRmtwaWFIUmFxcUZzY1QlMkJXbEElM0Q&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k--_sWu70t1nIWiM7H9IH9jw...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k--_sWu70t1nIWiM7H9IH9jwjsbizH4loYYMYW5A&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=w7vMnV9RUklMQzdjczJkN21BM01sMFNUM3Z0eE1DRmtwaWFIUmFxcUZzY1QlMkJXbEElM0Q&u=7c51bb77-5b0d-42a1-b934-194716ec74f9
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=w7vMnV9RUklMQzdjczJkN21BM01sMFNUM3Z0eE1DRmtwaWFIUmFxcUZzY1QlMkJXbEElM0Q&u=7c51bb77-5b0d-42a1-b934-194716ec74f9
Protocol
H2
Server
2a02:2638:3::6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=w7vMnV9RUklMQzdjczJkN21BM01sMFNUM3Z0eE1DRmtwaWFIUmFxcUZzY1QlMkJXbEElM0Q&u=7c51bb77-5b0d-42a1-b934-194716ec74f9
Date
Thu, 14 Mar 2024 23:01:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
img
imageproxy.eu.criteo.net/img/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F7%2F752%2Ffb%2F17%2F752fb175fef1d6bdece1f6c7700afbcda7caff402b9fa3dece91dfd260e74516.png%3Fw%3D240%26h%3D180&ups=1&v=3&w=400&rid=73&s=HczAFBV6X7_GL213P3Pm7Jhu
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
efffa79371e746df6ebf227f1ad689910a80103c8af6cd60c37404d516e2eaf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
34698
expires
Thu, 06 Mar 2025 07:17:22 GMT
529.json
id5-sync.com/g/v2/ 		251 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
fa7cc1fa9b4365cc8f674102f18aae0b89f2560192ab9bb4aca5d281af54f4ce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://newsonground.com
date
Thu, 14 Mar 2024 23:01:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin
content-type
application/json
setuid
prebidserver.pixfuture.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
  • https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=7c51bb77-5b0d-42a1-b934-194716ec74f9
86 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=7c51bb77-5b0d-42a1-b934-194716ec74f9
Protocol
HTTP/1.1
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
content-type
image/png

Redirect headers

Location
https://prebidserver.pixfuture.com/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=7c51bb77-5b0d-42a1-b934-194716ec74f9
Date
Thu, 14 Mar 2024 23:01:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
22787071134
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22787071134?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403130101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e5703c35fa1af2dc134f5469196f17570b4abcf4c3df08f8c6f1b2faf314428d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hu4nBI4uDSZW4YKTHPcCuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
content-security-policy
script-src 'report-sample' 'nonce-hu4nBI4uDSZW4YKTHPcCuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw15BiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaery-ZJIBYA4j51k1nVQFi3fXTWUOBOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAfHLBedaLQCzEw3G1-dx6NoEJT-4fZwIAMEA2nA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pxft_iel.js
cdn.pixfuture.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pxft_iel.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30031
cf-bgj
minify
last-modified
Fri, 09 Dec 2022 15:37:52 GMT
server
cloudflare
etag
W/"63935650-139c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZInKbMlMsLMtzoS8wgBmWW8lVBKOr2XKmbeVXr6%2F%2BC96clCOB0iWuRq5wA5CMrFyTjKvPt506gqMyHYYogf2ce4W8ejLl7iIPhvjLsCpxX9UyqLa%2BE0xXOdMuzDcMLZPWFTjHpYv7Xm0wov0uLIm"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
cf-ray
8647e3173c279a2d-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 16 Mar 2024 14:41:08 GMT
tag.min.js
get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-110.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
0Wki3095rBiC8xDP56.qUYf2JNRTRIn7
content-encoding
gzip
via
1.1 ba2af690a81a9d904af393a857344bf4.cloudfront.net (CloudFront)
date
Thu, 14 Mar 2024 03:06:27 GMT
last-modified
Mon, 07 Nov 2022 19:46:30 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
71729
etag
W/"34bbd675e8b425becff971d5a4756c10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
iuPMlWMDKvtw0WkZHJy2s5_VyFAZ4A_3oAFsvarfUb0LGJWwJG2LvA==
728x90.gif
cdn.pixfuture.com/banners/ Frame FE1D 		234 KB
234 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.pixfuture.com/banners/728x90.gif
Requested by
Host: newsonground.com
URL: https://newsonground.com/?e=1163290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d819a825f8098149df71183c9a11a719fef4058283ce710b8fde5759a9e90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30030
content-length
239110
last-modified
Fri, 01 Sep 2023 13:59:28 GMT
server
cloudflare
etag
"64f1ee40-3a606"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdimFEjmkj6W1Pc%2Bc%2F9I3DpuAWu25sTNnpXYynbG%2F6mPTZtqcUgIJ7wmhsKUj0SqdzaV7bO8HePAIQ%2BODp8alPBPgZgtvIx8Tp3%2F%2BZK3ddRNvHeiyXAoYPHBAVbIyhBPbP0OAO1c0VaLK4Z3Gf7o"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=172800, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8647e3173c289a2d-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 16 Mar 2024 14:41:09 GMT
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
161.35.253.218 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
setuid
prebidserver.pixfuture.com/ Frame 0CE5
Redirect Chain
  • https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
  • https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
0
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 14 Mar 2024 23:01:41 GMT
expires
0
pragma
no-cache
vary
Origin

Redirect headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
content-length
0
location
https://prebidserver.pixfuture.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security
max-age=15552000
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 18:29:42 GMT
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2, FRA56-P5
age
16319
x-amzn-requestid
0aee2ba2-c475-4929-adea-f4a20c7afd8f
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
UodDfHTgCYcERvw=
content-length
555
x-amz-cf-id
6ZQ83V1I7skhXGtlzojkeaOT6FXPGr5FO46SMj6rPEg5uFey14DIiQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-94.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
date
Thu, 14 Mar 2024 02:42:16 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
73166
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
NxXg-B3jlOLDhJzQJdwdee96Mx6cFFF2_C11sA4hUapqeTRbhVq5lw==
%2F
signal-segments.s-onetag.com/desktop/newsonground.com/ 		5 KB
619 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/newsonground.com/%2F
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-70.fra2.r.cloudfront.net
Software
/
Resource Hash
39df69a677a3d83efbf5f9399177414837349fb9ffab6b6df73180ea83f55174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 14:24:54 GMT
content-encoding
br
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
31007
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
F-Ctq9Mn3xg60Mzq9hOCauf3nh-kY9qKQaVhI4-VaK07UxJvvzR08Q==
apigw-requestid
Un5MliBoiYcEPdw=
newsonground.com
signal-segments.s-onetag.com/desktop/ 		5 KB
641 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/newsonground.com
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/6a105cf8-5d47-4e0a-8c4b-7c60422256d2/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-70.fra2.r.cloudfront.net
Software
/
Resource Hash
39df69a677a3d83efbf5f9399177414837349fb9ffab6b6df73180ea83f55174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 18:10:34 GMT
content-encoding
br
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
17467
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
U7aChfE2f-PSzGBfTDw2c7l6Ie1_DIZzbKZSz-xGUh5PV2QuMBquTA==
apigw-requestid
UoaQIib2CYcEMZg=
AGSKWxVkN63NoAQK5opcf7abJx0TR3aRdeMc7_0MbzJu1G6Fe-yXETxYt0UEWALpYPRCUU_VQ8RdW8kD8fJKmprehrRPFRSDTW0WbVB2yS-4LjcGF0ShqwhPkABAlZ7Xzu1cSIwtIsRHUw==
fundingchoicesmessages.google.com/f/ 		484 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVkN63NoAQK5opcf7abJx0TR3aRdeMc7_0MbzJu1G6Fe-yXETxYt0UEWALpYPRCUU_VQ8RdW8kD8fJKmprehrRPFRSDTW0WbVB2yS-4LjcGF0ShqwhPkABAlZ7Xzu1cSIwtIsRHUw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwNDU3MzAxLDc5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9uZXdzb25ncm91bmQuY29tLyIsbnVsbCxbWzgsImdESndwR3ZOQWRFIl0sWzksImRlIl0sWzE5LCIxIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMymP2Q7tkgywvgUmxgDQ4lsbkgv7g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
49a5387185d006dc896eb021e877a5b7018b56352ee2df7263b2d60e31e0ed17
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GHe0j_Sxg_AhygSRA3BplQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-GHe0j_Sxg_AhygSRA3BplQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0pBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaery-ZJIBYA4j51k1nVQFi3fXTWUOBOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAfHLBedaLQCzEw3G1-dx6NoEFc74vZgYALQ82VA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
ads.us.e-planning.net/uspd/1/ Frame 1978 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
77401ea9049b65863a8f950c7b31e994c2f89682f832d137ed3596b6c11de106

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 14 Mar 2024 23:01:41 GMT
expires
Thu, 14 Mar 2024 23:01:41 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-912
css
fonts.googleapis.com/ 		107 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDJwpGvNAdE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxGN4DYAWzjyVb6K0bp2ijXz_gw-Q/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
45d873527380ba0d1e01ca057514cc8214594a65088cf47a8046ef527d5b85a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Mar 2024 23:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Mar 2024 23:01:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Mar 2024 23:01:42 GMT
dqEEe7erITIB63ZZlVWET-l-P2C_DT3M3OmbuQsQXh3UsP1-B_kV9c7H-4vh291W3R8NWqhX6Vw7dMtvxWJJv31u_u5-WXh1wrmL8bsNaTZBWh-_dH0=h60
lh3.googleusercontent.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/dqEEe7erITIB63ZZlVWET-l-P2C_DT3M3OmbuQsQXh3UsP1-B_kV9c7H-4vh291W3R8NWqhX6Vw7dMtvxWJJv31u_u5-WXh1wrmL8bsNaTZBWh-_dH0=h60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
add0f85d64f867e1b6818956c36e068c7afb5d73e83befd7606e2d624ba9efaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 20:24:57 GMT
x-content-type-options
nosniff
age
9405
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13766
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 15 Mar 2024 20:24:57 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonground.com/
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 04:08:42 GMT
x-content-type-options
nosniff
age
154380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 04:08:42 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonground.com/
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 04:08:42 GMT
x-content-type-options
nosniff
age
154380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Mar 2025 04:08:42 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsonground.com/
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:54:31 GMT
x-content-type-options
nosniff
age
223631
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Mar 2025 08:54:31 GMT
AGSKWxXu12pDBEJ9ab68nNQnLpzuZXCl3pA4TghDtN-DdtiSeHnol3oaKVGa_G62HzD3xH9nQS1zCAq7I3s8hlHnOHWI_M9TkHr6wtKOzDtURNUtqSE8K_GOGRK75pVgjP6-vBedPDs50Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXu12pDBEJ9ab68nNQnLpzuZXCl3pA4TghDtN-DdtiSeHnol3oaKVGa_G62HzD3xH9nQS1zCAq7I3s8hlHnOHWI_M9TkHr6wtKOzDtURNUtqSE8K_GOGRK75pVgjP6-vBedPDs50Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDJwpGvNAdE.es5.O/am=wA/d=1/rs=AJlcJMymP2Q7tkgywvgUmxgDQ4lsbkgv7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WqBOdTSQpzd0rdxeYyOQTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WqBOdTSQpzd0rdxeYyOQTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1JBiqGV4xtQKxE7pM1gDgFiIm-Na87n1bAIfVt7SAAC7VQwc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://newsonground.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pbs.gif
sync.admanmedia.com/ Frame 1978 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D1ec78ea3dbda48e1%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.26 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:49 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 1978 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:41 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 13 Mar 2029 23:01:41 GMT
redirectuser
ssp.disqus.com/ Frame 1978 		0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D1ec78ea3dbda48e1%26uid%3D%24UID&partner=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.75.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-75-98.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
cache-control
no-store
expires
0
v1
match.sharethrough.com/universal/ Frame 1978 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.69.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-69-244.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
us
sync.go.sonobi.com/ Frame 1978 		0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D1ec78ea3dbda48e1%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-111
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 1978 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D1ec78ea3dbda48e1%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 1978
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D1ec78ea3dbda48e1%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1ec78ea3dbda48e1&uid=7738809124434604367
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1ec78ea3dbda48e1&uid=7738809124434604367
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

server
openresty
date
Thu, 14 Mar 2024 23:01:42 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
an-x-request-uuid
f271fecd-c0fc-4684-a19c-71dc4cc2d7e2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=1ec78ea3dbda48e1&uid=7738809124434604367
x-proxy-origin
185.213.155.151; 185.213.155.151; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 1978
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=1ec78ea3dbda48e1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=1ec78ea3dbda48e1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=1ec78ea3dbda48e1
date
Thu, 14 Mar 2024 23:01:42 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame 1978 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ABC8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1ec78ea3dbda48e1%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31878
content-encoding
gzip
content-length
5685
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
expires
Fri, 15 Mar 2024 07:53:00 GMT
last-modified
Tue, 13 Feb 2024 04:57:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 1C41
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
2 KB
913 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d05414a13f17446ee58506f9c656a410185e0f7b7e4501404f51ee77191f931

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8647e319ff66367f-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdYe7xw2BSas4n%2Brd58NPie6Q2miY2vz4F9Kf14Efh9g%2FL%2BUyJY%2BECVUumuvP9LwD5pipsDnS2xgVVhqB5PC75T9lKbPGYnMhaijl8hJ2McLFEQb%2FF%2BeRaapeyIF692FcOSYiSmY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8647e319bf3f367f-FRA
content-length
0
date
Thu, 14 Mar 2024 23:01:42 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jhc4sBGM8coBv9aTgIePhNJ2ojhbB8buvgThf0KI8CpoFGME1%2FL3Okv4t26sU23yTe05N%2Be8tmcB5ob3yrYVntq9CE053o6Gmu3VAcIBEiGHtruKN8gRv1RhD4zhxPdUCZ1xexqW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 758F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 329D 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
375ef054d5a932e594e6f94a8e9982e848dd5b10b2c86c473ffebd26c45a92fb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
8647e319c9cf5c44-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
PugMaster
image6.pubmatic.com/AdServer/ Frame ABC8 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12749096&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D1ec78ea3dbda48e1%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:40 GMT
content-length
0
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 1978 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e6a8b2e3a2af539c51845e313a8ce4e3eb38ae3ff5498772b4714d992f3e49e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:42:57 GMT
content-encoding
gzip
via
1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 17:14:09 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
65926
x-amz-server-side-encryption
AES256
etag
W/"d7a259136e59c031f3957a16241e3c9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
0RAVWXxlTUdlMKJP381uQYmUkRS3JtZgOlPt36GO_L3UTD7xcaCqBQ==
setuid
prebidserver.pixfuture.com/ Frame 7FE1 		0
597 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebidserver.pixfuture.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&f=b&uid=AH1pAQbEzggPqiNg
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fprebidserver.pixfuture.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
137.184.242.150 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
expires
0
pragma
no-cache
vary
Origin
getuid
ib.adnxs.com/ Frame 329D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 329D 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=b3ea6fe2-992d-4c9d-8009-3ce9635d7de4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=b3ea6fe2-992d-4c9d-8009-3ce9635d7de4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31a8a425c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Thu, 14 Mar 2024 23:01:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=b3ea6fe2-992d-4c9d-8009-3ce9635d7de4&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 329D 		0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 329D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame 329D 		0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230051-FRA
server
nginx
x-timer
S1710457302.095780,VS0,VE8
x-fastly-to-nlb-rtt
7208
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame 329D 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:6593:f602:8bd3:480b:a39:d536 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 23:01:42 GMT
X-Fw-Request-Id
ume95d1_1710457302635417047
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 329D 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 14 Mar 2024 23:01:42 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 329D 		0
0
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=86566747657384282533738770740375159412&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=86566747657384282533738770740375159412&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31b0a915c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

dcs
dcs-prod-irl1-2-v058-033b39512.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
FiCvnMp4R2w=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://mwzeom.zeotap.com/mw?cid=86566747657384282533738770740375159412&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 329D 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
zeotap.php
bn01.er.bemail.it/ Frame 329D 		0
0
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7346358173295507598&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7346358173295507598&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31a3a1d5c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7346358173295507598&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Date
Thu, 14 Mar 2024 23:01:42 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 329D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 14 Mar 2024 23:01:42 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=0pWH4c2GXtu8oxzjDfE0ke&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4a...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=0pWH4c2GXtu8oxzjDfE0ke&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31aca665c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
via
1.1 google
last-modified
Thu, 14 Mar 2024 23:01:42 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=0pWH4c2GXtu8oxzjDfE0ke&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 329D 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.81 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31a3a1c5c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
cache-control
no-cache
x-server
10.45.21.21
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-c9chErdE2opw.4tZgJ3jk3jCbT4oEgABHg--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-c9chErdE2opw.4tZgJ3jk3jCbT4oEgABHg--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31b7af55c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-c9chErdE2opw.4tZgJ3jk3jCbT4oEgABHg--~A&zpartnerid=570&env=mWeb
date
Thu, 14 Mar 2024 23:01:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.106
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CYSLYphnIs5VDet6v8WFV%2F9a%2B8eQfAxQ%2BS41iYitP1U%3D
95 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CYSLYphnIs5VDet6v8WFV%2F9a%2B8eQfAxQ%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31a1a0c5c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CYSLYphnIs5VDet6v8WFV%2F9a%2B8eQfAxQ%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 329D 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 329D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.14.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-14-43.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
server
awselb/2.0
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 329D 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:13 GMT
x-powered-by
PHP/8.2.4
server
nginx/1.14.1
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZfOB1gAA3kqqIgAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZfOB1gAA3kqqIgAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31c7ba55c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-eddf8230059-FRA
pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1710457302.372823,VS0,VE98
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZfOB1gAA3kqqIgAe&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
v2
usermatch.krxd.net/um/ Frame 329D 		2 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.101.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-101-25.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
server
awselb/2.0
content-length
2
content-type
application/json; charset=utf-8
dcm
aax-eu.amazon-adsystem.com/s/ Frame 329D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7df...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7df...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 23:01:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B0XKYMVEHF9K2W17676S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 23:01:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N4X8ZC4TNYM13J1ZYQEF
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 329D 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.81.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-81-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa2...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31c7b925c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
date
Thu, 14 Mar 2024 23:01:42 GMT
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5c...
  • https://mwzeom.zeotap.com/mw?cid=LTRU4423-1F-AEI9&env=mWeb&zpartnerid=1770&gdpr=1
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LTRU4423-1F-AEI9&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31bab125c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LTRU4423-1F-AEI9&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame 329D 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5%26reqId%3De7e568f6-23d7-4ace-5d54-408b0880da4d%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
mw
mwzeom.zeotap.com/ Frame 329D 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31bab0f5c44-FRA
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame 329D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=oLVdhq6xX4O7tgvUoOYWjKO5CtC75AqDorASEIz2&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=fa21807f-5414-4a4...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=oLVdhq6xX4O7tgvUoOYWjKO5CtC75AqDorASEIz2&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31c0b455c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=oLVdhq6xX4O7tgvUoOYWjKO5CtC75AqDorASEIz2&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmp.min.js
spl.zeotap.com/ Frame 329D 		557 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8199a0f86a39648e6d011f26fb9fef019e9e9bffd5a15fed6a418be26e4ac9b8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e319f9f65c44-FRA
access-control-allow-headers
*
TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v53/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
201dc695ba7ad24f5b671ffbb0074bcf1880605ab9bbf91a380465b6fe760988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsonground.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 20:04:08 GMT
x-content-type-options
nosniff
age
269854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12808
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:38:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Mar 2025 20:04:08 GMT
31327
i.liadm.com/s/ Frame 1C41 		0
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZfOB1rmqPVAAAHzjAS284gAA%263179&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.155.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-155-213.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
pixel
cm.g.doubleclick.net/ Frame 1C41
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfOB1rmqPVAAAHzjAS284gAA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfOB1rmqPVAAAHzjAS284gAA
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UMNXipZa201fozGfVvZ0%2FPyVQI%2BiWXMDoshV3PMwa5odgd3Az1eIZD7iM2vXtgdx%2F7RAtXdMcYpToHhIiUyR9N6A6Jp%2FTXTl1AVpiVFApRv8Dom5R23yuOZpN3CTQJOg2JaJ0D9JN%2F4b%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfOB1rmqPVAAAHzjAS284gAA
cache-control
no-cache
cf-ray
8647e31a4faa367f-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
dcm
s.amazon-adsystem.com/ Frame 1C41
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 23:01:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MB2AA1SSV39AC25X2M6S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 23:01:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
28366A15EHZGRQEB6CG9
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 1C41 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 1C41
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8280008358510697853
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8280008358510697853
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4iIpo3Lb%2B7R3aQqNBXsMt4Kk3I4ynbj86IP5JwTS6gmuSPob5CJqWTcGE2JnUdVfBC%2F8slhafG%2FvRu7m5pzKE0KZDdj4TrTxVwMlb2RiDA52f%2BQW2rKIzH18gPeQ5K4%2BDiqa5eiT3D044w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8647e31aad8f1999-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8280008358510697853
pragma
no-cache
date
Thu, 14 Mar 2024 23:01:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
user-registering
ads.stickyadstv.com/ Frame 1C41 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 23:01:42 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1710457302144016-351
ix
ad4m.at/ad/sim/ Frame 1C41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 1C41
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bzlf44swQ4LkDlW4F470niDL%2BunuDY1cByB752lxyiIeWe4fbZHaOxpTWLFDxfkkrAcPHgyvfx%2BTtSzghYxB29i1MI6zbRLDJ24hSXR0acuKIo0NcNkF4WC9HRkwM6F1euzt1zSbsQfA5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8647e31aad8c1999-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Thu, 14 Mar 2024 23:01:42 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
um
u-ams03.e-planning.net/ Frame 1C41 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=1ec78ea3dbda48e1&uid=ZfOB1rmqPVAAAHzjAS284gAA%263179
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D1ec78ea3dbda48e1%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

server
openresty
date
Thu, 14 Mar 2024 23:01:42 GMT
content-type
image/gif
multitracking
sghb.adtelligent.com/adunit/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sghb.adtelligent.com/adunit/multitracking
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/sRu7W/hbw_master_313926_19004.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.132.249.188 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.188.249.132.142.clients.your-server.de
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://newsonground.com
Date
Thu, 14 Mar 2024 23:01:41 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
/
ssc-cms.33across.com/ps/ Frame 8184 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D58%26extuid%3D33XUSERID33X%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D488210%26a%3D304056%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
server
33XP018
x-33x-status
2000208
sync.html
s.adtelligent.com/ Frame D1C8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:262:3e00::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
38f1048becbf634666bdf693feb407fa12dc03c59a7e354b5a25a78db8a06353

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://newsonground.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
976
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Mar 2024 23:01:42 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 8039
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent={gdpr_consent}&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D...
  • https://sync.adtelligent.com/csync?t=g&ep=142&extuid=0000EEA&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=750708&a=754412&domain=https://newsonground.com/?e=1163290&gdpr=0&...
43 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=g&ep=142&extuid=0000EEA&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=750708&a=754412&domain=https://newsonground.com/?e=1163290&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Mar 2024 23:01:42 GMT
Etag
9e024e026d3b0c2d
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
expires
Thu, 14 Mar 2024 23:01:42 GMT
location
https://sync.adtelligent.com/csync?t=g&ep=142&extuid=0000EEA&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=750708&a=754412&domain=https://newsonground.com/?e=1163290&gdpr=0&gdpr_source=&gdpr_consent=
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame B88F 		199 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
ads.us.e-planning.net/uspd/1/ Frame 287D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
696fcc10368bb1fc6fce0eedc4f337b0945068b0aaa794d1e5637eaae9255d89

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
expires
Thu, 14 Mar 2024 23:01:42 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-912
/
onetag-sys.com/usync/ Frame 2422 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 733F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.64.214 Helsinki, Finland, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a104-103-64-214.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Mar 2024 23:01:42 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Mar 2024 23:01:44 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 0890 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2055%2C2075%2C2030%2C3020%2C251%2C233%2C2027%2C2026%2C236%2C2069%2C237%2C238%2C359%2C338%2C459%2C70%2C97%2C55%2C77%2C2022%2C3012%2C2043%2C262%2C461%2C244%2C201%2C2039%2C4%2C126%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.10.95 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-10-95.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7553b6dd398d5c64bd4fd0f2c386a2737dab7fda6e63dbc52b34966fd3bba62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8420
content-type
text/html; charset=UTF-8
date
Thu, 14 Mar 2024 23:01:42 GMT
expires
Sat, 16 Mar 2024 23:01:42 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 19E9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D76%26extuid%3D%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D631382%26a%3D558003%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31878
content-encoding
gzip
content-length
5685
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
expires
Fri, 15 Mar 2024 07:53:00 GMT
last-modified
Tue, 13 Feb 2024 04:57:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CDB2 		2 KB
1007 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.141.195 Rome, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-141-195.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0db0c6b0fa609e2d64cd4a065f652828236be1730861409986f2a74566dc0b8a

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
686
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Mar 2024 23:01:42 GMT
ETag
"2052b-661-613698fc7e540"
Last-Modified
Mon, 11 Mar 2024 21:52:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame A40E
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26...
  • https://cm.adform.net/cookie?CC=1&redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D5005...
  • https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=2965030788491927551&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=709112&a=743293&domain=https://newsonground.com/?e=...
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=2965030788491927551&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=709112&a=743293&domain=https://newsonground.com/?e=1163290&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Mar 2024 23:01:42 GMT
Etag
9e024e026d3b0c2d
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Thu, 14 Mar 2024 23:01:42 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=743293&extuid=2965030788491927551&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=709112&a=743293&domain=https://newsonground.com/?e=1163290&gdpr=0&gdpr_source=&gdpr_consent=
server
nginx
sync.html
s.console.adtarget.com.tr/ Frame 8487 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:242:57ce::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtarget /
Resource Hash
44d18febe35cb8ac1fb4f8844ca2228cf1f7dd452d044ba1fba77c28e0180e71

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://newsonground.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
980
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Mar 2024 23:01:42 GMT
Server
Adtarget
X-Robots-Tag
noindex
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsonground.com/?e=1163290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pbs.gif
sync.admanmedia.com/ Frame 287D 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D2e06db8fee740314%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.26 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:49 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 287D 		566 B
520 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.1 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Tue, 13 Mar 2029 23:01:42 GMT
redirectuser
ssp.disqus.com/ Frame 287D 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D2e06db8fee740314%26uid%3D%24UID&partner=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.75.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-75-98.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
cache-control
no-store
expires
0
v1
match.sharethrough.com/universal/ Frame 287D 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.69.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-69-244.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
us
sync.go.sonobi.com/ Frame 287D 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D2e06db8fee740314%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-111
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 287D 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2e06db8fee740314%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
um
u-ams03.e-planning.net/ Frame 287D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D2e06db8fee740314%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=2e06db8fee740314&uid=7738809124434604367
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=2e06db8fee740314&uid=7738809124434604367
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

server
openresty
date
Thu, 14 Mar 2024 23:01:42 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
an-x-request-uuid
e7925d1a-cfab-4900-a566-fba9289040e7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=2e06db8fee740314&uid=7738809124434604367
x-proxy-origin
185.213.155.151; 185.213.155.151; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 287D
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=csuid_ed734adf-641d-434a-b8bb-4c43ff6f9730&dc=b337141cfdc8cf59&fi=2e06db8fee740314
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=csuid_ed734adf-641d-434a-b8bb-4c43ff6f9730&dc=b337141cfdc8cf59&fi=2e06db8fee740314
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

server
openresty
date
Thu, 14 Mar 2024 23:01:42 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=csuid_ed734adf-641d-434a-b8bb-4c43ff6f9730&dc=b337141cfdc8cf59&fi=2e06db8fee740314
date
Thu, 14 Mar 2024 23:01:42 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame 287D 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1E4A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2e06db8fee740314%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31878
content-encoding
gzip
content-length
5685
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
expires
Fri, 15 Mar 2024 07:53:00 GMT
last-modified
Tue, 13 Feb 2024 04:57:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 168A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a67446c2680e1e70b9d5dff4352e564a398fe9913b049209bdd05f9f48ae453e

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8647e31db8281999-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qWbXJzj4XRI1QOARSqejyyOI6XrxPIABX0uNcYVq0sy60bWdxIVGUf%2BXnoFFvLbVkOeoc1wTjghO%2FpgtmXjyMpmrQcRBiplBriHBbkxOdaEC%2F0v2%2BcCLIMEiayGJn%2B4V%2FUmtYDBe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9292 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 56B3 		760 B
787 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8059a27aae6e523a5a6cbd3ed278550f080aea83ab644f0ae2c229b5d66ee17d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
8647e31dbc675c44-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Mar 2024 23:01:42 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 287D 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e6a8b2e3a2af539c51845e313a8ce4e3eb38ae3ff5498772b4714d992f3e49e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 04:42:57 GMT
content-encoding
gzip
via
1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 17:14:09 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
65926
x-amz-server-side-encryption
AES256
etag
W/"d7a259136e59c031f3957a16241e3c9a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
vaqadTl6uNBlnAdNNFo3FBUt8xbkwZ4kgmriYnm8DLg4Os-axTloPQ==
csync
sync.adtelligent.com/ Frame D646 		43 B
449 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=g&ep=90&extuid=AH1pAQbEzggPqiNg&traffic_source=snippet&session=13BC5D916EECF64F&sp=500592&pb=305453&c=484122&a=307971&domain=https://newsonground.com/?e=1163290&gdpr=0&gdpr_source=&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Dg%26ep%3D90%26extuid%3D%24UID%26traffic_source%3Dsnippet%26session%3D13BC5D916EECF64F%26sp%3D500592%26pb%3D305453%26c%3D484122%26a%3D307971%26domain%3Dhttps%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290%26gdpr%3D0%26gdpr_source%3D%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.146.18 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Mar 2024 23:01:42 GMT
Etag
40eefd17f5a2c80c
Server
Adtelligent
pixel
cm.g.doubleclick.net/ Frame 168A 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
31327
i.liadm.com/s/ Frame 168A 		0
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZfOB1rmqPVAAAHzjAS284gAA%263179&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.155.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-155-213.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
0
ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 168A 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7bcf:ba48:68f0:f6ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 168A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7738809124434604367
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7738809124434604367
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Empq301lsLdKHRuCutVLoeFSnQu35TUeNI5DzXrARvHipBdESixo4bH3iiLB0zmofZuQjqkjyisrIqSEkLyqjwrgCQ6nqJaXnKnZ2T6cbWZuSq0tO9O7ZdScnXOxhNnoKutNmhwNeJc3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8647e31df8831999-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
an-x-request-uuid
008d03a7-3737-4686-87d8-b115f98581cb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7738809124434604367
x-proxy-origin
185.213.155.151; 185.213.155.151; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 168A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=maNJjbSo1RKU505
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=maNJjbSo1RKU505
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBVgAHyP1qLll5HKa8%2B6PoNyt6BIycRHMpFvEcn7zk2MfXMZPParzLJEB8InWwxwtQyWy8appO2EV%2FiLwrjA5lWgWFmBByyKi%2B2TtwYN%2FtHHY9VvZOttb2yXe4wmbQiN%2FPrfswVF3ICzxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8647e31e49331999-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 23:01:42 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-801-g0076fb7#rel-ec2-master i-05557567c5646faef@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=maNJjbSo1RKU505
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 168A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Mar 2024 23:01:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MDXFES06MH80AAVGPVMC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 168A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 168A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfOB1rmqPVAAAHzjAS284gAA
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfOB1rmqPVAAAHzjAS284gAA
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWk%2BCS5o4HD2WM1i7GRp%2F8EdN0URghDz3l5dpeSOJN7P7yvzYHObvUhyedgY8g7LTSdy6zqwkVGuAW6WCPd0xQ2mjp%2FQhWlqmZE%2Bby0u3ud85YziX%2B4JNNhQIBBP2PvnI%2FlEvLcHP%2Fl8ow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfOB1rmqPVAAAHzjAS284gAA
cache-control
no-cache
cf-ray
8647e31de85d1999-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
um
u-ams03.e-planning.net/ Frame 168A 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=2e06db8fee740314&uid=ZfOB1rmqPVAAAHzjAS284gAA%263179
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2e06db8fee740314%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

server
openresty
date
Thu, 14 Mar 2024 23:01:42 GMT
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 56B3
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa2...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9dee02fd-c13a-4c5a-4cc2-c0aac3f864de&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9dee02fd-c13a-4c5a-4cc2-c0aac3f864de&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31e2cc15c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9dee02fd-c13a-4c5a-4cc2-c0aac3f864de&zdid=1361
date
Thu, 14 Mar 2024 23:01:42 GMT
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 56B3 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9dee02fd-c13a-4c5a-4cc2-c0aac3f864de&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31dec945c44-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 56B3 		557 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9dee02fd-c13a-4c5a-4cc2-c0aac3f864de&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c62795dab40a8d2eff7b25a5b7d4c22e809eaf7148a5883718168f24cab6645
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:42 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e31dec955c44-FRA
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame CDB2 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.141.195 Rome, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-141-195.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
49e80d5add76d271511d8ccf3b951ba740dbdbab36ab75d4c1aff894dd1d8aea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2024 15:16:57 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58505
Connection
keep-alive
Content-Length
10989
Expires
Fri, 15 Mar 2024 15:16:47 GMT
/
s.console.adtarget.com.tr/sync/ Frame DAB1 		0
271 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=cmpuishown&refer=https://newsonground.com/?e=1163290
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:242:57ce::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtarget /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/sync.html?aid=755289
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Connection
Keep-Alive
Content-Length
0
Date
Thu, 14 Mar 2024 23:01:42 GMT
Server
Adtarget
X-Robots-Tag
noindex
/
s.adtelligent.com/sync/ Frame EDED 		0
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync/?aid=651796&gdpr_source=cmpuishown&refer=https://newsonground.com/?e=1163290
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:262:3e00::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=651796
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Length
0
Date
Thu, 14 Mar 2024 23:01:42 GMT
Server
Adtelligent
X-Robots-Tag
noindex
async_usersync
ib.adnxs.com/ Frame 733F 		0
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:42 GMT
an-x-request-uuid
cb5435b7-9926-44c2-a306-251b852b5834
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.151; 185.213.155.151; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 287D 		155 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 14 Mar 2024 01:53:37 GMT
via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
78466
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 14 Feb 2024 17:14:10 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
aCxq90GtTHJn2oumcVIwh7FJhDnbhT4na1aC2OaXoPurmfthQhFduQ==
data
bcp.crwdcntrl.net/6/ Frame 287D 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.235.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-235-9.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c107fcc64f967d3bcb25f72475fa25708339aa7c1efccc2863ef2edcd82f3e85

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:43 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.3.121
access-control-allow-credentials
true
content-length
60
expires
0
khaos.json
token.rubiconproject.com/ Frame CDB2 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
5e091a4bda7cb1b96cf60040ae4e8596
Expires
0
events.php
log.r2b2.io/ 		9 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.r2b2.io/events.php?u=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.59.208.177 , Czech Republic, ASN43541 (VSHOSTING, CZ),
Reverse DNS
webgarden-track-lb-ha.vshosting.cz
Software
nginx /
Resource Hash
08acb2d9e20eaa2169933410e22462765ca36c0cc14757f9bc067b44184cce41

Request headers

Referer
https://newsonground.com/?e=1163290
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 14 Mar 2024 23:01:46 GMT
content-encoding
gzip
last-modified
Thu, 14 Mar 2024 23:01:44 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://newsonground.com
p3p
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
expires
Tue, 01 Jan 2000 00:00:00 GMT
pbsync.html
js.adscale.de/ Frame B84F 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:8400:f:4f64:8940:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2e9bc088c597c87498eaf303ba5be8ce8b84e0a187576c89c7cb33579e35963

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3245
cache-control
max-age=7200, stale-while-revalidate=86400
content-encoding
br
content-type
text/html
date
Thu, 14 Mar 2024 22:07:42 GMT
etag
W/"093414ce71e32cba0aa5d32e70ce697c"
last-modified
Thu, 14 Mar 2024 16:07:40 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 90cfd2dca03ef57cde2166b6abbd53ca.cloudfront.net (CloudFront)
x-amz-cf-id
YZ6TqnUrFrxO6nIcceGdbBYfxOnrbsiuQhVzkp_umR02N4-mg-L_6A==
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
x-amz-version-id
LZXGk_dVE1lKkl7SUpYa3yQoL5bRIZ1h
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame 6D04 		2 KB
1007 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.141.195 Rome, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-141-195.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0db0c6b0fa609e2d64cd4a065f652828236be1730861409986f2a74566dc0b8a

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
686
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Mar 2024 23:01:46 GMT
ETag
"2052b-661-613698fc7e540"
Last-Modified
Mon, 11 Mar 2024 21:52:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D50A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1710457306116
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 6FB7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?&gpp=&gpp_sid=
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Thu, 14 Mar 2024 23:01:45 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
spl.zeotap.com/ Frame C749 		760 B
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8027343ba39c852275441944884be81b00abe70743fa6963420c61ac9f93d272
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://newsonground.com
cf-cache-status
DYNAMIC
cf-ray
8647e3336c185c44-FRA
content-encoding
br
content-type
text/html
date
Thu, 14 Mar 2024 23:01:46 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
/
csync.smilewanted.com/ Frame 6251 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/?1---
Requested by
Host: delivery.r2b2.io
URL: https://delivery.r2b2.io/js/6.91.0/online/public/bundle.483557f28266f76657e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1450b21a6f1b2807726ebbeadbaf68bafbbf406c15209e5d903f17c9a262b7

Request headers

Referer
https://newsonground.com/?e=1163290
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8647e3338e8335f8-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Mar 2024 23:01:46 GMT
server
cloudflare
vary
Accept-Encoding
mw
mwzeom.zeotap.com/ Frame C749
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Dfa2...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9a58a8b0-9849-4507-63e1-99166aba1ba9&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9a58a8b0-9849-4507-63e1-99166aba1ba9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e333dc645c44-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9a58a8b0-9849-4507-63e1-99166aba1ba9&zdid=1361
date
Thu, 14 Mar 2024 23:01:46 GMT
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame C749 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9a58a8b0-9849-4507-63e1-99166aba1ba9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e333ac3d5c44-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame C749 		557 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9a58a8b0-9849-4507-63e1-99166aba1ba9&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1d91172f496c8fb0562d0eb10134a965add2c90731d0ccfad2b36077726aecc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
8647e333ac3f5c44-FRA
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame 6D04 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.141.195 Rome, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-141-195.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
49e80d5add76d271511d8ccf3b951ba740dbdbab36ab75d4c1aff894dd1d8aea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Thu, 14 Mar 2024 23:01:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Mar 2024 15:16:57 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58501
Connection
keep-alive
Content-Length
10989
Expires
Fri, 15 Mar 2024 15:16:47 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 6251 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
99643
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8647e3342eff35f8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 8015 		0
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/?1---
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8647e3348f4a35f8-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Mar 2024 23:01:46 GMT
server
cloudflare
vary
Accept-Encoding
getuid
sync.smartadserver.com/ Frame 9E03
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 14 Mar 2024 23:01:46 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Thu, 14 Mar 2024 23:01:46 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
uu
ih.adscale.de/ Frame B84F 		0
38 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1710457306
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.189.237 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:46 GMT
content-length
0
7738809124434604367
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 2CA7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7738809124434604367
0
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7738809124434604367
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8647e334efaa35f8-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Mar 2024 23:01:46 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
563b67a8-0cd5-4770-98bc-4be37cd21d1e
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 14 Mar 2024 23:01:46 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7738809124434604367
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
185.213.155.151; 185.213.155.151; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 12C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3F53 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31874
content-encoding
gzip
content-length
5685
content-type
text/html
date
Thu, 14 Mar 2024 23:01:46 GMT
expires
Fri, 15 Mar 2024 07:53:00 GMT
last-modified
Tue, 13 Feb 2024 04:57:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 3F53 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11164192&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 14 Mar 2024 23:01:44 GMT
content-length
0
server_match
ice.360yield.com/ Frame 28D8 		43 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.51.146.36 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Thu, 14 Mar 2024 23:01:46 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
9b5a2e9b-fb3c-45b9-bc40-2c269a495c5b
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 2A9E
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/9b5a2e9b-fb3c-45b9-bc40-2c269a495c5b
0
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/9b5a2e9b-fb3c-45b9-bc40-2c269a495c5b
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8647e33658f035f8-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Mar 2024 23:01:46 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Thu, 14 Mar 2024 23:01:46 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/9b5a2e9b-fb3c-45b9-bc40-2c269a495c5b
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
ap.lijit.com/ Frame 84C2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.17.147.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-147-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Thu, 14 Mar 2024 23:01:46 GMT
2965030788491927551
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 3F61
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/2965030788491927551
0
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/2965030788491927551
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8647e336e96535f8-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 14 Mar 2024 23:01:46 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Thu, 14 Mar 2024 23:01:46 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/2965030788491927551
server
nginx
d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif
us.shb-sync.com/ Frame D770 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.shb-sync.com/d3cf52c0-fa89-45fb-83fa-f14d2af39226.gif?puid=[UID]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadwmg%2F%5BUID%5D&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.33 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 14 Mar 2024 23:01:46 GMT
Server
nginx
/
s.ad.smaato.net/c/ Frame 8355 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.ad.smaato.net/c/?adExInit=smile&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsmaato%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3800:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
36
cache-control
no-cache, must-revalidate
date
Thu, 14 Mar 2024 23:01:10 GMT
server
CloudFront
via
1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
x-amz-cf-id
t16e5zOOoGc-Epo8CFPPBtT_GYN1M80AdX1JGnkZ5D2TKquWdn5f8g==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fid.agkn.com
URL
https://fid.agkn.com/f?apiKey=2194730263&i4=185.213.155.151&r=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Domain
bn01.er.bemail.it
URL
https://bn01.er.bemail.it/zeotap.php?_bid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361

Verdicts & Comments Add Verdict or Comment

346 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 number| whitalabel number| HBActive number| HBBypass string| approvedsite number| passbacksolution number| hbonlysolution number| displayadsoff number| videoadsoff number| lightsite number| superlightsiteadxenabled number| StdRefreshTime number| VisileRefreshTime number| VisibleRefresh number| adsenabled number| videoInreadRight number| videoInreadOnly number| videoFloatingRight number| videoFloatingLeft string| hbcountry object| btloaderinsert number| cacheurl number| cacheurlforced string| timestampHBAi string| currentLocation number| DynamicAdboostEnabled object| dynamicbidinsert undefined| gptinsert undefined| adSlot1 undefined| adSlot2 undefined| adSlot3 undefined| adSlot4 undefined| adSlot5 undefined| adSlot6 undefined| adSlot7 undefined| adSlot8 undefined| adSlot9 undefined| adSlot10 undefined| adSlot11 object| adSlot12 object| adSlot13 undefined| adSlot14 undefined| adSlot15 undefined| adSlot16 undefined| adSlot17 undefined| adSlot18 undefined| adSlot1exists undefined| adSlot2exists undefined| adSlot3exists undefined| adSlot4exists undefined| adSlot5exists undefined| adSlot6exists undefined| adSlot7exists undefined| adSlot8exists undefined| adSlot9exists undefined| adSlot10exists undefined| adSlot11exists undefined| adSlot12exists undefined| adSlot13exists undefined| adSlot14exists undefined| adSlot15exists undefined| adSlot16exists undefined| adSlot17exists undefined| adSlot18exists number| AmazonUAMEnabled number| AmazonUAMactive object| apstagSlots object| refreshableSlots number| AnalyticsEnabled object| script undefined| newLocation function| refreshBids function| adRefresh undefined| hbvideoads function| gtag object| googletag object| vmpbjs object| vpb object| apstag object| dataLayer object| __bt object| __bt_intrnl object| __bt_tag_d object| _aps boolean| apstagLOADED object| apscustom string| reqCountry function| a0_0x875750 function| a0_0xa15a function| checkDivExists function| getLMCountry object| condLabels_Syq6JPG function| a0_0x43b8 object| dynamicAdBoost_Syq6JPGAdUnits_Syq6JPG object| dynamicAdBoost_Syq6JPG object| booster_Syq6JPGTargetAdunits object| DynamicAdBoostPlus_Syq6JPG function| callBooster_Syq6JPG function| initBooster_Syq6JPG function| dynamicAdBoost_Syq6JPGChunk object| _dynamicAdBoost_Syq6JPGGlobals object| __cfQR object| lotame_sync_16576 function| ha object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_t object| sync16576_ga object| sync16576_u object| sync16576_pa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_v function| sync16576_x function| sync16576_y function| sync16576_z function| sync16576_ha function| sync16576_ia function| sync16576_A function| sync16576_ja function| sync16576_B function| sync16576_C function| sync16576_w function| sync16576_D function| sync16576_ka function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_la function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_ma function| sync16576_na function| sync16576_oa function| sync16576_N function| sync16576_O function| sync16576_qa function| sync16576_P function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_Q function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_xa function| sync16576_R function| sync16576_ya function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_za function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa object| PublisherCommonId object| __id5_finalization_registry object| ID5 object| vmpbjsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| hadron boolean| __halo_loaded__ undefined| google_measure_js_timing object| _wpemojiSettings undefined| $ function| jQuery object| html5 object| Modernizr string| image_save_msg string| no_menu_msg string| smessage function| disableEnterKey function| wccp_free_iscontenteditable function| disable_copy function| disable_copy_ie function| reEnable function| disableSelection function| onlongtouch undefined| timer number| touchduration string| elemtype function| touchstart function| touchend function| wccp_pro_is_passive function| nocontext object| e object| AdTrack undefined| timeout_result function| show_wpcp_message function| hide_message number| w3tc_lazyload object| lazyLoadOptions boolean| __cfRLUnblockHandlers function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad object| R2B2 object| Criteo object| headerBidParamObject object| attrData string| pxft_clear_cache_flag undefined| pxft_first_init_activated undefined| attrDataArray object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture object| ID5EspConfig object| twemoji object| wp object| ADAGIO undefined| f object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_standalone_151 object| Criteo_standalone_151 object| au object| ihowpbjsChunk object| ihowpbjs object| IHPWT string| partnerName string| key boolean| isPxftLibrariesPending function| findCMP_PixFuture object| pbjs_pixChunk object| pbjs_pix object| pxft_googletag object| node boolean| _pxft_iel_init boolean| pxft_first_init_iel_activated object| __connect object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OWZmZWQ2MzRmNTBjMjNkZmxvYWRlcl9qcw== string| OWZmZWQ2MzRmNTBjMjNkZmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady

63 Cookies

Domain/Path Name / Value
.newsonground.com/ Name: __cf_bm
Value: Ctbj4UFc3pa.84UKvCSMf6CJSDzfLC6X0rhe_EnhSOM-1710457300-1.0.1.1-d5d13Q75flOqN8poCsEsFSCPO1Pwu7qd33vtRr1KAoOzgot0d8N1ad2qtSSZ5HhZHtDGZChE5nucTHDjDnIbRw
.newsonground.com/ Name: _ga_8HQJX732BP
Value: GS1.1.1710457300.1.0.1710457300.0.0.0
.newsonground.com/ Name: _ga
Value: GA1.1.1689605568.1710457301
.newsonground.com/ Name: _ga_GG9P2R3KTR
Value: GS1.1.1710457300.1.0.1710457300.0.0.0
.newsonground.com/ Name: cf_clearance
Value: yF0JHrFxQS9k2RMKhwE_0sv_jeYXRYz0nvezJp97Yr4-1710457300-1.0.1.1-86oMj8CS2WuTvzCl0TRzvzc73K5YKTsXZlFE8AvERArKEK6F5kgzxUzqnXwiuHOPkdq8SFwbtB2gQP2ABtUy1w
pbjs.e-planning.net/ Name: CT
Value: 1
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 8a5dbdde-154b-4bcf-8ad2-9d36222c96e6
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.e-planning.net/ Name: E
Value: AH1pAQbEzggPqiNg
.agkn.com/ Name: ab
Value: 0001%3A4pz53QhuuLBsYabmndcqUROFMBOafgb9
.newsonground.com/ Name: cto_bundle
Value: QrRefF96VTRMaXRUdUZUbW9mbjVtOUFYZjI2dSUyRlB3SWNYOCUyQnF3akRQUDA3WFk3JTJCWnhIUTVTTCUyQmk4dHpkWW96OUw2dXdkMndpN0FaRnpyUnZqTU4yajdFd2dEcjJqTlVxckVTQ3hPR1NLUCUyQm16MUliTVZ2b1hoMktpY092VlB6JTJGUlFuMyUyRjhZaFhZUVBobVdWNnZmMHVoYWFrTzZZb3VkR0R1MlRmdHdwJTJCeFRvdTlzJTNE
.rubiconproject.com/ Name: khaos
Value: LTRU4423-1F-AEI9
.rubiconproject.com/ Name: audit
Value: 1|yQuirGeEF6DDyRgWATh1fz5APvdogVCbaTd6KyMQnav7WhEtU9POVjBzo9RTP8qvp95By6kO+HMJog3xIDaLvUgcdj94p/MzAAlSoM7OEdIijy0RC4Zd8SKPLRELhl3xpmvllXEtYN4=
.prebid.a-mo.net/ Name: __amc
Value: 2_1710457300_1710457301
newsonground.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.newsonground.com/ Name: _pubcid
Value: a13888a7-a9c2-4f84-a2da-0f666a65db2a
newsonground.com/ Name: _lr_retry_request
Value: true
newsonground.com/ Name: _lr_env_src_ats
Value: false
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: 1Syqhjt0Rqx-4VEQ2RZv0dUGsBH7P4X1PWwgpUCGoMx7PTnSWmsNbp3cNzuZ48G1XC2y6n6dxpGHfKOKREVvfq6CKa0s1U4NNJtnz2ZyyJM.
.adnxs.com/ Name: uuid2
Value: 7738809124434604367
newsonground.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-03-14T23%3A01%3A41%22%7D
.bidswitch.net/ Name: tuuid
Value: 7c51bb77-5b0d-42a1-b934-194716ec74f9
.bidswitch.net/ Name: c
Value: 1710457301
.bidswitch.net/ Name: tuuid_lu
Value: 1710457301
.go.sonobi.com/ Name: __uis
Value: e7d0dc2a-c6ad-4bbf-afaa-ec6cbdf473fd
.go.sonobi.com/ Name: _usd_newsonground.com
Value: bff9e5e0-338a-43f6-b445-5ebe56905852
apex.go.sonobi.com/ Name:
Value: receive-cookie-deprecation: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s85111|ZfOB2
.casalemedia.com/ Name: CMID
Value: ZfOB1rmqPVAAAHzjAS284gAA
.casalemedia.com/ Name: CMPS
Value: 3179
.casalemedia.com/ Name: CMPRO
Value: 3179
.zeotap.com/ Name: zc
Value: fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5
.adfarm1.adition.com/ Name: UserID1
Value: 7346358173295507598
.tapad.com/ Name: TapAd_TS
Value: 1710457302123
.tapad.com/ Name: TapAd_DID
Value: b3ea6fe2-992d-4c9d-8009-3ce9635d7de4
prebidserver.pixfuture.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQUgxcEFRYkV6Z2dQcWlOZyIsImV4cGlyZXMiOiIyMDI0LTAzLTI4VDIzOjAxOjQyLjEwNjIxNzg1WiJ9LCJncmlkIjp7InVpZCI6IjdjNTFiYjc3LTViMGQtNDJhMS1iOTM0LTE5NDcxNmVjNzRmOSIsImV4cGlyZXMiOiIyMDI0LTAzLTI4VDIzOjAxOjQxLjYzMzEwNTAxOVoifX0sImJkYXkiOiIyMDI0LTAzLTE0VDIzOjAxOjQxLjYzMzA4OTAxM1oifQ==
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.weborama.fr/ Name: AFFICHE_W
Value: I9P3bXUaf6Mj10
.turn.com/ Name: uid
Value: 8280008358510697853
.ads.stickyadstv.com/ Name: UID
Value: b3ddd93c4ae97b3f2e24373fbc567762
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZfOB1rmqPVAAAHzjAS284gAADGsAAAIB
.demdex.net/ Name: demdex
Value: 86566747657384282533738770740375159412
.dpm.demdex.net/ Name: dpm
Value: 86566747657384282533738770740375159412
.yahoo.com/ Name: A3
Value: d=AQABBNaB82UCEFBdZdVhBwc_xuCwGXQ4Cq0FEgEBAQHT9GX9ZeAKyiMA_eMAAA&S=AQAAAgDQJj6q_y9CSYMmGQkJ5es
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2han
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_ed734adf-641d-434a-b8bb-4c43ff6f9730
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZfOB1gAA3kqqIgAe
.quantserve.com/ Name: d
Value: EAoBDQGvK-vLswA
.quantserve.com/ Name: mc
Value: 65f381d6-60a6f-9591e-d1640
.fwmrm.net/ Name: _uid
Value: ume95d1_7347504005606113378
.amazon-adsystem.com/ Name: ad-id
Value: A5fimFIRr08xnTfXAl0YQnw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.zeotap.com/ Name: zsc
Value: x%F2%D5%1C%E3%FAi%9C%C9%EF%FD%E1%3BE%19%EC%DCj%91%E3%12K%0Ag%D4%5D%02%9CBKe%3D%A3%1Bc%0D3%80%7FqNu%5B%A77%0B%A2%10%7B%27%CD%7DA%00%F9%F9%3B%C5%B6%F6I%1E%D2JRa%D9%1F%DF%86q%12e%E6%D4%E5o%AA%E6D%A5%A9%A3%D5%99%F1%9C3%D3%D5or%98%19u%98%DA%E4tr%0A%5B%B8%2F%E3%9C%C1%3D%E3i%F0M%A3%C8fH%D2%ABb%D56%C0%FC%8B6%B1%C3%CDy%AE%FB%82%1D-zT%60%AES%A3%B4%2Bf%F9%28%16%CB%7D_%1B%B1%5B8%D4%8A%7Ds%F8%C4%9B%A2%3CX%99%7DV-%D6%C4%15%97
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: maNJjbSo1RKU505
.w55c.net/ Name: matchcasale
Value: 5
.adform.net/ Name: uid
Value: 2965030788491927551
.adtelligent.com/ Name: g90
Value: AH1pAQbEzggPqiNg
.adtelligent.com/ Name: vmuid
Value: 9e024e026d3b0c2d
.adtelligent.com/ Name: a743293
Value: 2965030788491927551
.adtelligent.com/ Name: g142
Value: 0000EEA

364 Console Messages

Source Level URL
Text
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://newsonground.com/?e=1163290
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://newsonground.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://newsonground.com/?e=1163290
Message:
Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2194730263&i4=185.213.155.151&r=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290' from origin 'https://newsonground.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://fid.agkn.com/f?apiKey=2194730263&i4=185.213.155.151&r=https%3A%2F%2Fnewsonground.com%2F%3Fe%3D1163290
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D1ec78ea3dbda48e1%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=1ec78ea3dbda48e1
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://tags.bluekai.com/site/87734?id=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=e7e568f6-23d7-4ace-5d54-408b0880da4d&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9dee02fd-c13a-4c5a-4cc2-c0aac3f864de&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D2e06db8fee740314%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=cmpuishown&refer=https://newsonground.com/?e=1163290
Message:
Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)
network error URL: https://s.adtelligent.com/sync/?aid=651796&gdpr_source=cmpuishown&refer=https://newsonground.com/?e=1163290
Message:
Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://newsonground.com/?e=1163290
Message:
The resource https://newsonground.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=fa21807f-5414-4a4e-7dfc-9cc0cd5ca6f5&reqId=9a58a8b0-9849-4507-63e1-99166aba1ba9&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsonground.com/?e=1163290
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads102.adtelligent.com
adx.adform.net
adxbid.info
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.rlcdn.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
bn01.er.bemail.it
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cat.nl3.eu.criteo.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.pixfuture.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
cookies.nextmillmedia.com
csync.smilewanted.com
data.ad-score.com
delivery.r2b2.io
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
get.s-onetag.com
ghb.adtelligent.com
googletagmanager.com
gum.criteo.com
hb.adscale.de
hbx.media.net
i.liadm.com
ib.adnxs.com
ice.360yield.com
id.hadron.ad.gt
id5-sync.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
imageproxy.eu.criteo.net
js.adscale.de
lb.eu-1-id5-sync.com
lh3.googleusercontent.com
loadeu.exelator.com
log.r2b2.io
match.adsrvr.org
match.sharethrough.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
newsonground.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
pbjs.e-planning.net
pixel.rubiconproject.com
pixel.tapad.com
pixfuture2-d.openx.net
player.adtcdn.com
player.adtelligent.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
prebidserver.pixfuture.com
prg.smartadserver.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
served-by.pixfuture.com
sghb.adtelligent.com
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
spl.zeotap.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssp.disqus.com
ssum.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
static.smilewanted.com
sync-tm.everesttech.net
sync.admanmedia.com
sync.adotmob.com
sync.adtelligent.com
sync.go.sonobi.com
sync.richaudience.com
sync.smartadserver.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
u-ams03.e-planning.net
u.openx.net
ups.analytics.yahoo.com
us.shb-sync.com
usermatch.krxd.net
web.hb.ad.cpe.dotomi.com
www.googletagmanager.com
www.headerbidding.ai
x.bidswitch.net
api.rlcdn.com
bn01.er.bemail.it
fid.agkn.com
sync.tidaltv.com
104.103.64.214
104.18.36.155
108.138.36.46
108.138.6.136
13.224.189.70
130.211.115.4
130.211.23.194
137.184.242.150
142.132.249.188
142.250.186.130
142.250.186.70
143.204.98.94
145.40.97.66
151.101.66.49
161.35.253.218
162.19.138.82
162.55.233.29
178.250.1.6
178.250.1.8
178.250.1.9
18.173.154.101
18.173.162.18
18.198.21.34
18.66.112.32
18.66.192.110
185.15.245.81
185.184.8.90
185.59.208.177
185.64.190.78
193.3.178.1
193.3.178.3
193.3.178.4
2.17.141.195
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
23.211.10.95
23.215.22.18
23.227.146.18
23.32.184.192
2600:1f18:6593:f602:8bd3:480b:a39:d536
2600:9000:211e:3800:1b:5138:8a40:93a1
2600:9000:2724:8400:f:4f64:8940:93a1
2602:803:c003:200::21
2606:4700:10::6816:1ed1
2606:4700:10::6816:3456
2606:4700:10::6816:445
2606:4700:10::6816:4ad8
2606:4700:10::ac43:246e
2606:4700:10::ac43:28ad
2606:4700:10::ac43:9bd
2606:4700:20::681a:246
2606:4700:20::681a:644
2606:4700:20::681a:bd1
2606:4700:3030::ac43:8a0d
2606:4700:3030::ac43:8d29
2606:4700:4400::6812:22b2
2606:4700::6810:5049
2607:4f00:932::2
2607:ae80:192:1::173
2607:f350:3:2569:0:10:0:200a
2607:f350:3:2569:0:10:0:200d
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:802::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::200a
2a00:1450:4001:831::2008
2a01:4f8:242:57ce::2
2a01:4f8:262:3e00::2
2a01:4f8:262:3e01::2
2a02:2638:3::10
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::c
2a02:6ea0:c700::18
2a02:fa8:8806:12::1460
2a04:4e42::300
2a05:d018:d29:3601:7bcf:ba48:68f0:f6ab
2a06:98c1:3121::3
3.64.171.73
3.71.149.231
3.78.210.113
34.111.113.62
34.111.131.239
34.120.63.153
34.160.236.64
34.225.101.25
34.250.129.70
34.252.235.9
34.98.64.218
35.157.246.167
35.186.253.211
35.214.149.91
35.244.159.8
35.71.131.137
37.157.2.228
37.157.5.133
37.252.171.52
45.133.44.3
45.137.176.88
51.89.9.254
52.17.14.43
52.17.147.221
52.201.75.98
52.215.99.44
52.28.108.3
52.46.155.104
52.51.146.36
52.57.189.237
52.59.69.244
52.95.125.22
54.235.155.213
54.78.254.47
54.85.116.15
67.202.105.23
69.173.144.138
69.173.144.139
8.2.110.26
8.2.110.33
81.17.55.113
81.17.55.117
85.114.159.93
95.100.81.28
0016339d11c8eb0fb4a8368677d1676bd8055339586714ccd64d8e3da5a7ee98
001d82d6878c9dc612433abf6d39debd4fd84d7dff6a3f660e50f5c369dff220
0103ac22d0587a03114bb9f798ac2406c0897faf78800be588f344ddad517c06
04da339baae1948d51e6ffcd4f1f118fe304f7aef2884cd164714df856f0e7f0
05d819a825f8098149df71183c9a11a719fef4058283ce710b8fde5759a9e90f
05f65b4650dad8066bed0f60bff7455409fd37003db86c132db7668463902712
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f103f02541567819e6cf25058c64d7b7766aee8c05341bccc66acbd6ecbc44
07cdbe6f28ed03aa059f8a90a26978387feaee023e602ca4f6631038dc2ed495
085a79a479d07f31d01f2127561c5bba4382dbd48c698acf0aa6d13f0f1f29d5
087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f
08acb2d9e20eaa2169933410e22462765ca36c0cc14757f9bc067b44184cce41
08d3624a1d618a77260d63e977496d7258c589d04933c519f5feb7ebeca88db3
095d97ef59c4a4839d0a9e1b260d168e6350b57c424fcb8fa1a5b47c7b9a4a87
0ad31ce26160ef7fc6ff74ccf4152bc134e96a664c5c46b79c0d8e2e51299b58
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
0b50e072ecbb56aa78c9ca8b6df6467fb0f5cfbc2e35a524e8c2d339525c38f1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db0c6b0fa609e2d64cd4a065f652828236be1730861409986f2a74566dc0b8a
0f31f2821cd4bafa915656369ac622ca105445565d7dda34225f8833061546a3
138b12dc273dd74e3dd4bc4ebc955beaa550afec6d608bdc72038dfa0f5532fd
140e17bdd8186191131c02a6da856adbda9a3d9b961f994407e67f4caeca48e5
14fcc14dc44eca072015455540f819b759b4b31261fa44d22b1692077652cf0f
179fc947edc89b3bd6e4257a4fdbe710a2c6430c3af632df74a92cf9a69630b2
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1a6573f3119e669f076691dace74b1c2587a7904c59c90bdd186c4587ead4ff0
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1d6693b7186c190fb6f7b0f65ae79fd4fe3cc66281a3c322e1317b6860175e95
1d9e1c7353e6be26323baf28b88b9361ad24049ec3918344abdcefe90f40fdf2
1e2ed1a62a0b51ba31d131cb4c62aea162a845f1cf4a213ca7e041bdd9bab7f7
1effcae83252aa11eed3c626e9a1d0358324214b277eb9b6aa0a135b1bfe9641
201dc695ba7ad24f5b671ffbb0074bcf1880605ab9bbf91a380465b6fe760988
22de3cfef032de2d4fdb9617e21c37a4e1b94d3c388eacf661428139aac3e19c
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28e106935178157fc8612fccb5abd30f4a68fcd73e07fa19ce5c69cad84ce516
2a99d3c1d28dffd8910b689cc388a4892bd7ad066ee0c58915ff3a605a71076c
2cd888067948f15a38f6df5da6ae1a8b522a27048afeb650da29f70d734e8303
2ddd96839c08e8cbdd3b1f56569b6d4770021731534b98dd17dec8526bb0d151
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eef46dddc1cd02fd80cd4b37cffbe963ebfda495cb316937805be4595d2e112
2f1a6ab818a89d9265fd9491a9659edacb9ef3120e3451c0023c056bcc2deff8
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
35885abf1497c8fff53e54036b502e3557d612c32f902891e36c587c7b353b66
3590a50189b749c071460b4b98b86d4231f3fe83c3bac6b8d35f0bcee14e1aec
360eb41166d321be8d7db2acd0b3e563608db556afd5012c09509b00c7537054
375ef054d5a932e594e6f94a8e9982e848dd5b10b2c86c473ffebd26c45a92fb
38f1048becbf634666bdf693feb407fa12dc03c59a7e354b5a25a78db8a06353
39df69a677a3d83efbf5f9399177414837349fb9ffab6b6df73180ea83f55174
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443ce18dfb9e4d7825690e34ba64ebaa15c7803f50a216fa63434c3d558e32ac
44d18febe35cb8ac1fb4f8844ca2228cf1f7dd452d044ba1fba77c28e0180e71
45093f4ff6f20b1b6218b651f92d2262630135de13e940a641719be36e7a6b50
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45d873527380ba0d1e01ca057514cc8214594a65088cf47a8046ef527d5b85a6
47874dd2d6ffb15ac863d4c8187e5681e09dca3b08dff50cefe7856cbee26814
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49a5387185d006dc896eb021e877a5b7018b56352ee2df7263b2d60e31e0ed17
49e80d5add76d271511d8ccf3b951ba740dbdbab36ab75d4c1aff894dd1d8aea
4a596a8aa7f01ff1aeb23d27a67284c7d245923f00b0b9be24d334ba0d7cc620
4b7e26cc8b26cfc43cfa0c52a57680351ef3aecbc3ca10fc9a1a3a0aed4eaae5
4df0ead6bde7e3d5e09e526abac0459c7d38132927347acb1ffba4e8c3bfc649
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1ce4d0b24289ec54bb95648e82c5be61fbf955856cb3f8c65f598fd475ca72
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
53f2d8a3da05ea51816017386af0c5b875d399dde6226fcfc419a641b23e33e9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59332fc69de0211b772267b7b42159ead3944390673f67f0a9cfd8ea84b303ae
5b414a201d433a80079bb11f4efacae1f09b93d28cd3540a543e5c4036626898
5be23afbd95a1daa6b901a8b3182370ff6cfb0d7dda0de9a06bbe16a312513cf
5c2b621ce9b8088ccfdba720f7e25f73213cf0373c4a7b85823047e771629a26
5d05414a13f17446ee58506f9c656a410185e0f7b7e4501404f51ee77191f931
5f21c93f8b296879189ead0553a860a32571a9ba2621b3f1af1fc464cc7f518f
600826abda80faa7b07ed3143fae1d269e630160088860b4cfa6b266dc0d33db
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
657cdb31ec053f38927ee938a7342a691e10351b3747f1cab5a1eb511f46ebe1
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
696fcc10368bb1fc6fce0eedc4f337b0945068b0aaa794d1e5637eaae9255d89
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6d6311806f00b65e3e5edf7ce5ce3bddc41c5b825fd458c9523920337c80c64c
6e1450b21a6f1b2807726ebbeadbaf68bafbbf406c15209e5d903f17c9a262b7
73db4486b4b8f9dbd2abd22fa52eaa75e165f93e1d7f91b78fa9238b318a6136
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
770a54089cdf274e28d209686be3d02b5e97f17d553d01e0ed9869eb34a446ed
77401ea9049b65863a8f950c7b31e994c2f89682f832d137ed3596b6c11de106
7bc37c98295b08006e612be6c569f3cec05d794c9baa73e80c80c1a65c66432f
7c62795dab40a8d2eff7b25a5b7d4c22e809eaf7148a5883718168f24cab6645
7e6a8b2e3a2af539c51845e313a8ce4e3eb38ae3ff5498772b4714d992f3e49e
7ee1d49e7fb12e595ab42b7ec53e53585fac6b97fe567dbd57ffb2290c95778e
8027343ba39c852275441944884be81b00abe70743fa6963420c61ac9f93d272
8059a27aae6e523a5a6cbd3ed278550f080aea83ab644f0ae2c229b5d66ee17d
8199a0f86a39648e6d011f26fb9fef019e9e9bffd5a15fed6a418be26e4ac9b8
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
828a8a9d76992a6d457e77d7f4d3ad1cfeee877a3d7311a204b69c22ee8d6846
842ef96e004b11b266b40e02a23c3d5e663778ddeeb8038e192586f0156e273c
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8ac5e6349a09636b96921f71ef17c0f845e8fe9e6a45a04548741d9eb38373c5
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8b85142e5b0be2eed2d6dd9c66f4ebe2f8f4afe21a98e63082ae8cef2bc26551
8ce893c505f39dd4648a663903cc54acb53706282331c26552ed55ccef0c127f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4196faa28def3b310eed8c11827e29b55f9f3d2bfdd31d3d72669fea7f8c92
94754b6ae2bc121b6350c0286e129d8198cde9418d3d1b75816dfcdb78dc459f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1d3e4249cbf19c72eeea5082aa6faf1c812d10fc4012ea403ab5f0b626d9ac5
a4a4025195c23d12050cbefdc78e5301a1723ada35de66d8ae3a2c9eb7fcc8e2
a5deb10419661d129fc5b9ad27f40f94c5972051a7515d6156ad1dbfd3d3d445
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b
a67446c2680e1e70b9d5dff4352e564a398fe9913b049209bdd05f9f48ae453e
ab35a89b7c1df4b00ab44f40262f87f2b5f21a70708cd6b8e8cd8e8ca9302674
ac07b1109863a561069f6d346b7914a051ecd40baa9a51cbd67c25ebd95b7bb6
add0f85d64f867e1b6818956c36e068c7afb5d73e83befd7606e2d624ba9efaa
af861c744ee66e8c7e69fc339113057b547b29b97ecbe8cf9b185594adfe5c88
afc81c2497cf01c519b492f79fa451289d66f6430bf23dcb83ee052d72ece0f4
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b0a82cefc2e16ab918013c1b64e1929557afb6c695df6a9ca76018f268f45590
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
c107fcc64f967d3bcb25f72475fa25708339aa7c1efccc2863ef2edcd82f3e85
c1fa761e28c9d658cfaaca7836bbda15b02ef7366cfe27786f0e04e743bff072
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27414876349712983df81fb135ebf1c414976dde4a0e75d658e69f9dde06728
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3a68fbdfba5a57a68f0041c669c3ce080b1bc7178133518bfc79accd68eb054
c5eced3537b5efc44d2bff1bf79e7f6c8c03588d3c66a55433a43171b48464bc
c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd8f04b0a206c80d88b3fe9834bb978700075f9000ef74e93a8d1d3a8aa50343
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d1d91172f496c8fb0562d0eb10134a965add2c90731d0ccfad2b36077726aecc
d44263bb136551ebdd0fc944290519f570f187e69f802e344a8b806bfab181d5
d5e62fff7eaf370fbed188432f6ea7cfb63ca0ee68a91a7ee86c8befc180c77b
d635aebf7a23e5f2c66ca046a9f1f5797058912b09c589d4d4f331cb193cf3d7
d7553b6dd398d5c64bd4fd0f2c386a2737dab7fda6e63dbc52b34966fd3bba62
d76947c8cf14073f1ddd3d2243a869413b89c0e0fa1aaa9382c5526391ffc63a
d921266a89e528f3093ffde83e53e4f7e01cbb7c997b2b14da2d5bce8bfc586a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dcbdb6e0815d03df2528134bf9064f49ed5075a6a0e225be2e78feef2f4b457c
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40252109073e433db301361684f678960b837d093e98d2809c8bef7366ee02d
e5703c35fa1af2dc134f5469196f17570b4abcf4c3df08f8c6f1b2faf314428d
e5787c42f269fa3c7310d98a5811bee2832d143351be48c39752aa6db6baf4f9
e90dde1c7f83a69c22b32f62a4205b22082e51d0e7ab5ee5305096e6543a5bbf
e9a593b2e053503a82ef0205edd928d632bbc1dc35c449e4e65d2d011b6482b0
ea487c53d46f33f509711d7adc82b08209678a18969e0d0b7ca534aa74a11c21
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ece5f476d0695f94958358884e3647d710ac53ec5652538125151600dd1c3239
ee3738c9a1854a56b642db18a661c238e671a6c82534ec8907377eff8b36ec8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efffa79371e746df6ebf227f1ad689910a80103c8af6cd60c37404d516e2eaf4
f1fffa26f534f1897a663d2174d81ecb4325980157d61e4019f061f750b11e42
f2e9bc088c597c87498eaf303ba5be8ce8b84e0a187576c89c7cb33579e35963
f48f81604f637fa6e714c5bdc73c16e24419c3e6cf43897b8fe7c3ee6fd0e43b
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
fa7cc1fa9b4365cc8f674102f18aae0b89f2560192ab9bb4aca5d281af54f4ce
fac75cb8dcdc5caa1e7a3e3a949d5035abc5e9f9f282b5cb3acdfa0ded93f303
fb0a3c2974c3a23ee379da795ceeb0d9cef85a64bacc4838268586a7681ffa53
fc24ae6c705bad097f6862c3a1b5ba6629ae0d985c70d548388c615a5c083610
ff15ac47504bb557006756aaba7dc0eadcf935f9633390f379405085d9f85de8
ff4c28c6e15096b5bebd8fea6b7b1f074d1a188a1d1e0a87c408e2eb51c826f8
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876