fir-auth.newswav.com Open in urlscan Pro
199.36.158.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fir-auth.newswav.com/
Submission: On June 29 via automatic, source certstream-suspicious (June 29th 2022, 6:21:50 pm UTC) — Scanned from DE

Summary HTTP 147 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 147 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is fir-auth.newswav.com.
TLS certificate: Issued by GTS CA 1D4 on June 21st 2022. Valid for: 3 months.

This is the only time fir-auth.newswav.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
39	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::ac43:16dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:733	13335 (CLOUDFLAR...) (CLOUDFLARENET)
147	13

44 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

fir-auth.newswav.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:16dc (United States)

ASN13335 (CLOUDFLARENET, US)

newswav.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.newswav.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:733 (United States)

ASN13335 (CLOUDFLARENET, US)

www.malaymail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	1 MB
48	newswav.com fir-auth.newswav.com newswav.com — Cisco Umbrella Rank: 124448 cdn.newswav.com — Cisco Umbrella Rank: 136437	659 KB
12	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	5 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	5 KB
6	google.de adservice.google.de — Cisco Umbrella Rank: 7751	1 KB
6	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	910 B
4	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 53	1 KB
3	malaymail.com www.malaymail.com — Cisco Umbrella Rank: 139767
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	86 KB
147	9

	Domain	Requested by
44	fir-auth.newswav.com	fir-auth.newswav.com
39	pagead2.googlesyndication.com	fir-auth.newswav.com pagead2.googlesyndication.com tpc.googlesyndication.com
18	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	www.google.com	tpc.googlesyndication.com
6	adservice.google.com	pagead2.googlesyndication.com
6	adservice.google.de	pagead2.googlesyndication.com
6	partner.googleadservices.com	pagead2.googlesyndication.com
4	www.googleapis.com	fir-auth.newswav.com
3	www.malaymail.com
2	cdn.newswav.com
2	newswav.com	fir-auth.newswav.com
2	connect.facebook.net	fir-auth.newswav.com connect.facebook.net
147	13

This site contains no links.

Subject Issuer	Validity	Valid
firebaseapp.com GTS CA 1D4	`2022-06-21` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-08` - `2022-07-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://fir-auth.newswav.com/
Frame ID: 733233CACE09EBA4334385F8708DF201
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html
Frame ID: 01866C9E6C4CB214D927E71CA4284A41
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3025194257&lmt=1581687616&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526905119&bpp=3&bdt=169&idt=103&shv=r20220623&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7210730376657&frm=20&pv=2&ga_vid=640529636.1656526905&ga_sid=1656526905&ga_hid=827604731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528%2C31068269%2C42531606&oid=2&pvsid=4243421166422023&tmod=791360171&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=120
Frame ID: 2991F63CEBFD41655452C4213A2C3CBF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3A54D37619E80E58AAB313F5AA65487E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDE341531A8E2F0535DDE540AAFC8A10
Requests: 2 HTTP requests in this frame

Frame: https://fir-auth.newswav.com/assets/ads/feed-ad.html
Frame ID: 5B84A66910F717E7A2C6E1E15B005BF5
Requests: 9 HTTP requests in this frame

Frame: https://fir-auth.newswav.com/assets/ads/feed-ad.html
Frame ID: 7267E1C336018CE46EB07A3F61E01995
Requests: 9 HTTP requests in this frame

Frame: https://fir-auth.newswav.com/assets/ads/feed-ad.html
Frame ID: 35D4631108DA08A7B2C68679599E766C
Requests: 10 HTTP requests in this frame

Frame: https://fir-auth.newswav.com/assets/ads/feed-ad.html
Frame ID: CDCD419E82E33D16CF2332971CD68AE2
Requests: 9 HTTP requests in this frame

Frame: https://fir-auth.newswav.com/assets/ads/feed-ad.html
Frame ID: FB5335475C7FADF81062D015A7714E57
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3279755400&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909436&bpp=3&bdt=202&idt=163&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=2141087478.1656526910&ga_sid=1656526910&ga_hid=575437887&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068196%2C31068232%2C42531607&oid=2&pvsid=4168789358369152&tmod=950746876&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.fzsi48lyxyjd&btvi=1&fsb=1&dtd=183
Frame ID: 5C2BAC630EDD15B62BF5C9DC18E8E20F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3279755398&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909456&bpp=2&bdt=193&idt=179&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=8204812.1656526910&ga_sid=1656526910&ga_hid=747009698&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44767166%2C31067983%2C31068196%2C31068268&oid=2&pvsid=2277195840211486&tmod=1778759675&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.x3nd53logicp&btvi=1&fsb=1&dtd=195
Frame ID: 03EA5336CAA04E11D2F5E0E6AC358E28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3279755403&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909475&bpp=2&bdt=233&idt=189&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=1583487619.1656526910&ga_sid=1656526910&ga_hid=1298196583&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067528%2C42531606&oid=2&pvsid=2388316792800042&tmod=1742237075&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.vi0rtrcnpcpa&btvi=1&fsb=1&dtd=204
Frame ID: 8CF7A7CD5EF499E9964E7EE1492F7D83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&h=694&slotname=2346212182&adk=275089449&adf=1507960141&pi=t.ma~as.2346212182&w=1200&rafmt=11&psa=0&format=1200x694&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909458&bpp=1&bdt=195&idt=229&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&prev_fmts=0x0&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=8204812.1656526910&ga_sid=1656526910&ga_hid=747009698&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1680&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44767166%2C31067983%2C31068196%2C31068268&oid=2&pvsid=2277195840211486&tmod=1778759675&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tml4mzkyjjes&btvi=2&fsb=1&dtd=232
Frame ID: 9E3F646171FCC5A7386508EE12955E4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3279755402&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909511&bpp=2&bdt=252&idt=189&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=1228925358.1656526910&ga_sid=1656526910&ga_hid=285847808&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C31068260%2C31068268%2C42531607&oid=2&pvsid=3597987212034348&tmod=92799025&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.5m0s0o952exu&btvi=1&fsb=1&dtd=206
Frame ID: D51C4D1DE704FCBE577514791BCA2275
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3279755401&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909525&bpp=2&bdt=276&idt=199&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=393263694.1656526910&ga_sid=1656526910&ga_hid=569434858&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065545%2C31068232%2C42531605%2C42531607&oid=2&pvsid=3427228608702479&tmod=548608495&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.uo8u76eopdsc&btvi=1&fsb=1&dtd=207
Frame ID: E34E49CA7FC18F4925DCCE6533235494
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&h=694&slotname=2346212182&adk=275089449&adf=1507960142&pi=t.ma~as.2346212182&w=1200&rafmt=11&psa=0&format=1200x694&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909527&bpp=1&bdt=278&idt=215&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&prev_fmts=0x0&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=393263694.1656526910&ga_sid=1656526910&ga_hid=569434858&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=3184&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065545%2C31068232%2C42531605%2C42531607&oid=2&pvsid=3427228608702479&tmod=548608495&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.mq2plu3kt60x&btvi=2&fsb=1&dtd=218
Frame ID: 2CFE21129562220D5911AA97303E5991
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4EC01278F8F081C9DB07BFAE15C8122
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D7A0736CFB1CC229D4D1791D868B5B51
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1DB58877EE61D0F002906B9AAAF84631
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FA5397BA1F657D5AD7D38AEE235818A2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF568C051DD1B50E24151BBFFB5C945E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CF9382ED2CF5B1E09B7E06D52F39597C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F56D377BFA7371AC1D14B80ED2D9E7D5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6FE5CAEF1294BBBA49D1822DB0957A5B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8998CDCA478DC676586E55DE4809269E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CCC294D5A7D9D16F5D91C5013BE08BB8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Newswav

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

147
Requests

70 %
HTTPS

83 %
IPv6

9
Domains

13
Subdomains

13
IPs

2
Countries

2293 kB
Transfer

6485 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

147 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fir-auth.newswav.com/ 2 KB
1 KB 297ms
238ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

837cfed2af13a02703b41caf5ceb4a558f3170b81a5038556ba20dd39db7f0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: gzip
content-length: 1077
content-type: text/html; charset=utf-8
date: Wed, 29 Jun 2022 18:21:44 GMT
etag: "f7c54377453304c4800a1cfea97f61dfc0730220e743972dd378d8aa67b03b64"
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4075-HHN
x-timer: S1656526905.713017,VS0,VE212

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 117ms
62ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd22cfa807c6228637925a35e4e515b74d1c3b44aed2d6aab8887a5aa08e5c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56450
x-xss-protection: 0
server: cafe
etag: 5043126072260763940
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:45 GMT

GET
H2 200 styles.43bc8e0a35339d4009bd.css
fir-auth.newswav.com/ 22 KB
4 KB 245ms
241ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/styles.43bc8e0a35339d4009bd.css

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

695a899dfd6dacd57e93bf933a78c443b326deb052ade92fa323ec742787c182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.967722,VS0,VE219
etag: "0ddf6e0a17adabef42a9f23cc3e629bd87d14098bf7077c9cfa99c5d7910fe83"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4121
x-cache-hits: 0

GET
H2 200 firebase-app.js Show response
fir-auth.newswav.com/__/firebase/7.8.2/ 18 KB
6 KB 153ms
150ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/__/firebase/7.8.2/firebase-app.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

sffe /

Resource Hash

19c71649a369516dd319aea5ce96539e1e679d29cca0c8691f1f907482ce3fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6134
x-xss-protection: 0
x-served-by: cache-hhn4075-HHN
last-modified: Thu, 13 Feb 2020 22:17:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
x-timer: S1656526905.967863,VS0,VE125
date: Wed, 29 Jun 2022 18:21:45 GMT
vary: Accept-Encoding, x-fh-requested-host, accept-encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 23 Jun 2023 20:40:02 GMT
cache-control: max-age=31556926
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 firebase-analytics.js Show response
fir-auth.newswav.com/__/firebase/7.8.2/ 23 KB
8 KB 151ms
148ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/__/firebase/7.8.2/firebase-analytics.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

sffe /

Resource Hash

f3dda2180e5f083ffb39775656ef79199b63efb33bf250a87b4bbfe99a3056fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7779
x-xss-protection: 0
x-served-by: cache-hhn4075-HHN
last-modified: Thu, 13 Feb 2020 22:17:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
x-timer: S1656526905.968711,VS0,VE124
date: Wed, 29 Jun 2022 18:21:45 GMT
vary: Accept-Encoding, x-fh-requested-host, accept-encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 27 Jun 2023 13:18:20 GMT
cache-control: max-age=31556926
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 init.js Show response
fir-auth.newswav.com/__/firebase/ 461 B
458 B 405ms
402ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/__/firebase/init.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c05ed0dc9a85bbe49d6d8277ea394f309a495e1cd4cfa7c0b26ae77f8d96e4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.969179,VS0,VE377
etag: "e28fc7a17c66e26a6dcdf64e586c834ac3c62ade18f7c4d1ce48632378c16301"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 324
x-cache-hits: 0

GET
H2 200 runtime.a3a2043b38d0564b0ae4.js Show response
fir-auth.newswav.com/ 7 KB
4 KB 222ms
220ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

19a05a47dffce3df5434625e6056d89db277530299cfeb4b6d15a29a67a0e000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.969156,VS0,VE196
etag: "0708c74f9bbe4974f0c76dc0a171297fecd4ee79e74091c733756f7e92b63136"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3987
x-cache-hits: 0

GET
H2 200 polyfills.0c0ce2c23a80372a114a.js Show response
fir-auth.newswav.com/ 41 KB
12 KB 226ms
224ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/polyfills.0c0ce2c23a80372a114a.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45c1061e48e271d529c1c55be8ea7ff12ed5815738b12e17d1755a34cac6a078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.969161,VS0,VE200
etag: "c86adca10e2bf217ebba253190593e16348f6a1d87d4678cf2fbbec428cf47ac-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12534
x-cache-hits: 0

GET
H2 200 main.5d975ca5809890fb385d.js Show response
fir-auth.newswav.com/ 858 KB
242 KB 276ms
274ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/main.5d975ca5809890fb385d.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a859922477c704154c3b35ecea76a9cdcc31c5d86e9e4fc952387188d66bf323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.969130,VS0,VE248
etag: "48337d4b4a11b868ecc7511664490db7493fdada5f4e1ea67f9622ae84a2684a"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 247175
x-cache-hits: 0

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ 339 KB
120 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8557aa7cb2cc1a0747e99974092e0eb652a23d24d33eb9ca0cd8f4a6147389f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122217
x-xss-protection: 0
server: cafe
etag: 1712394025760425813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/ Frame 0186 10 KB
5 KB 90ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 20:01:51 GMT
etag: 10429905676100781186
expires: Tue, 12 Jul 2022 20:01:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 71ms
23ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61a38617334c075ae97d15d388b381c4e28bbcfd8ab7d88060f4822fd2a91359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: b2k5lt1hSs3I3v5Ufj/8Lw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: uo8fGEYgPbIQIUPhOYzjE93KXbc+LAGZqtHALFBttOKx3BnF0AkBnIbbo/rYqbzdZHL9uX0qheNkasP6pD2nzA==
x-fb-trip-id: 917726464
x-fb-content-md5: 34ce1469bad7f636a8f306d75bb842f3
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Jun 2022 18:21:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "bf0545ea6b3c594dd41a9114c6bfe33b"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 29 Jun 2022 18:37:41 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
645 B 96ms
30ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fir-auth.newswav.com&callback=_gfp_s_&client=ca-pub-7202249324250874

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

0f4481f296ade836c067bb78ed0e3f1c681ad717e731c1f47c056615ef2718c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 84ms
32ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 86ms
32ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffir-auth.newswav.com%2F&tn=BODY&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 18:21:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffir-auth.newswav.com%2F&tn=BODY&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 18:21:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2991 0
19 B 140ms
95ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3025194257&lmt=1581687616&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526905119&bpp=3&bdt=169&idt=103&shv=r20220623&mjsv=m202206280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7210730376657&frm=20&pv=2&ga_vid=640529636.1656526905&ga_sid=1656526905&ga_hid=827604731&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067528%2C31068269%2C42531606&oid=2&pvsid=4243421166422023&tmod=791360171&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=120

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:45 GMT
expires: Wed, 29 Jun 2022 18:21:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 294 KB
84 KB 49ms
24ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=950da10c2af8487775aab9c552079e18

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e4e06cef14614c2ebf5f5428588dcd76e6b072d7b3b1b9667408cd3fd776ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://fir-auth.newswav.com/
Origin: https://fir-auth.newswav.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: c4tfa1iX3t8/yloSFt2BcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85957
x-fb-rlafr: 0
x-fb-debug: 9eblxHBSs2dhoQRZD2RtNKCmB23PObUm4Dv5KhhB4iZyK7Oce7Pbmgcbb8vchLhBsTcV1fa0bS9ShhupwL0Jgw==
x-fb-content-md5: 090ed66b8b7202cc1895bfb6784c20a7
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Jun 2022 18:21:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5939c5b243ee77d190c9d43bbb9f54f0"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Jun 2023 17:52:27 GMT

GET
H2 200 common.c3c2ac3fdf9aabb85ee0.js Show response
fir-auth.newswav.com/ 21 KB
7 KB 256ms
256ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/common.c3c2ac3fdf9aabb85ee0.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b5411df8558b24f221207d02a17de3de47d186336c51c2508af58aa3cc93dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.466990,VS0,VE233
etag: "78205ad7a6a3d5fe2feabfb46877ad755a08e49ffad03ea9477ca2cb267b889f"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6995
x-cache-hits: 0

GET
H2 200 153.5c9350bdad4296de3267.js Show response
fir-auth.newswav.com/ 21 KB
5 KB 218ms
218ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/153.5c9350bdad4296de3267.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d4479c880f0bcfb89615033c0ba805b0a49a1b7fa2392c274bd7127271dc5e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.467134,VS0,VE195
etag: "c532218356fbd79f35c9f85c73d79b837a176182de93f366156f08ea7362e5c0"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5132
x-cache-hits: 0

GET
H2 200 77.211ec0c042ccc3df4679.js Show response
fir-auth.newswav.com/ 16 KB
5 KB 224ms
224ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/77.211ec0c042ccc3df4679.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3c142e398bba95469b7cf331c59ffeaa41e5802c84b7222fe2fe48733e2c2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.467227,VS0,VE198
etag: "f3e5c12082e6453ff639ad63476358b4a43878a8075f965fac8463c3b45288e8"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4649
x-cache-hits: 0

GET
H2 200 2.187a2366ff1dde9fd042.js Show response
fir-auth.newswav.com/ 42 KB
8 KB 211ms
210ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/2.187a2366ff1dde9fd042.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

12fe116ec4d6b8f6345cba9c5433e1fe1dbdeadc9e2853eb215a9ebff3038014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.468355,VS0,VE188
etag: "77f9f6142dcac6c7eaa4fe3003f212749f19ee8e1e63eb4bf849c82121133632"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8496
x-cache-hits: 0

GET
H2 200 11.283f6f44d21a4425312d.js Show response
fir-auth.newswav.com/ 19 KB
4 KB 216ms
215ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/11.283f6f44d21a4425312d.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1c70589854612719289b42f74f079bb27f00679b22ba1bdd5488d4b886a0a35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.468662,VS0,VE192
etag: "c9decdc241a75979592c1d8145414425cb45982ee11aed829235a1640f527f7a"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4179
x-cache-hits: 0

GET
H2 200 17.7d0c9d95047d7c74b80d.js Show response
fir-auth.newswav.com/ 15 KB
4 KB 205ms
205ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/17.7d0c9d95047d7c74b80d.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

461b50045f113d9b3739fe0875e3b7b5b1194dd5945ea56f9a03573e51fedf33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526905.468755,VS0,VE182
etag: "fd81679305d2c778c5fee6d36f8b26058f35f23b3e89e4c5ded274e8db033ffc"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4024
x-cache-hits: 0

POST
H3 200 signupNewUser Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 1 KB
975 B 501ms
454ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyBKQzRJeHcb3d5xvd9qPUSWlIClX2UpBtA

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/polyfills.0c0ce2c23a80372a114a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4864b5b2acbc8a730913cc44c7f5de42b17d48fb439e1d719a40242a96a3c5cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Client-Version: Chrome/JsCore/6.0.2/FirebaseCore-web
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 18:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fir-auth.newswav.com
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin, Referer
content-length: 950
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 signupNewUser
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 175ms
123ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyBKQzRJeHcb3d5xvd9qPUSWlIClX2UpBtA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://fir-auth.newswav.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://fir-auth.newswav.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 29 Jun 2022 18:21:45 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 hot
newswav.com/v3/jagaapp/api/articles/ Frame 0
0 508ms
340ms Preflight
application/json 2606:4700:10::ac43:16dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newswav.com/v3/jagaapp/api/articles/hot?time_stamp=1656526905734&languages=en&page=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:16dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: build-id,firebaseid,languages,mainlanguage,platform,profile-id,sublanguage,user-id,user-udid
Access-Control-Request-Method: GET
Origin: https://fir-auth.newswav.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, build-id, profile-id, firebaseID, user-udid, languages, sublanguage, mainlanguage, platform, api-key, User-Agent, user-id, token, nwtoken, custom_user_id, hash, designVersion, dashboard, dryMode, request-type
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7230af09f9ce9ba7-FRA
content-encoding: gzip
content-length: 40
content-type: application/json
date: Wed, 29 Jun 2022 18:21:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
via: 1.1 google

GET
H2 200 16.b5bf55a2d8f4add74f71.js Show response
fir-auth.newswav.com/ 30 KB
6 KB 250ms
250ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/16.b5bf55a2d8f4add74f71.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

23ab8489c351dd8728a025de884b0821afe3acec246dd6b93ccc724a058ae5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526906.739353,VS0,VE226
etag: "d277ac819c8f16db3de3a1f315669a673c07f82ec2874b69e7916a30a4ee3c23"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6019
x-cache-hits: 0

GET
H2 200 7.0c0d619906ddc471614e.js Show response
fir-auth.newswav.com/ 605 B
540 B 167ms
167ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/7.0c0d619906ddc471614e.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bf02ec9a43080a2e565be7e6bf3148a461b4a43450fe88badb7d056aca336ae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526906.740649,VS0,VE144
etag: "5127c002a27d58bf2316e3d5ca1b3910ce19cd05f5e04bfc02bbc9259c60ef88-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 357
x-cache-hits: 0

GET
H2 200 hot Show response
newswav.com/v3/jagaapp/api/articles/ 229 KB
52 KB 2383ms
2383ms XHR
application/json 2606:4700:10::ac43:16dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newswav.com/v3/jagaapp/api/articles/hot?time_stamp=1656526905734&languages=en&page=1
Requested by: Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/polyfills.0c0ce2c23a80372a114a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:16dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30c29c70c373ce3873b1fa9a14d31490a1e60ea9704c27b86204ec571c0ed9c

Request headers

user-id
firebaseID
build-id: 75
mainlanguage: en
languages: en
profile-id
accept-language: de-DE,de;q=0.9
Accept: application/json, text/plain, */*
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
platform: web
sublanguage
user-udid

Response headers

cf-ray: 7230af0c1d899ba7-FRA
date: Wed, 29 Jun 2022 18:21:48 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
content-encoding: gzip
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, build-id, profile-id, firebaseID, user-udid, languages, sublanguage, mainlanguage, platform, api-key, User-Agent, user-id, token, nwtoken, custom_user_id, hash, designVersion, dashboard, dryMode, request-type

GET
H2 200 65.06d59db571cf4e37dcaf.js Show response
fir-auth.newswav.com/ 35 KB
5 KB 249ms
248ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/65.06d59db571cf4e37dcaf.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ed75cb6eee15799e4fcf9d03f2a42376c372e1c1d2379a4a84664cbf4ccf1a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526906.746604,VS0,VE224
etag: "5435052a9d0232fe967347b1ea7fa49abc460290ce5452eac377c55067aa100c-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5059
x-cache-hits: 0

GET
H2 200 99.4620b196800bf24a62ad.js Show response
fir-auth.newswav.com/ 16 KB
4 KB 199ms
199ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/99.4620b196800bf24a62ad.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e2de299e67f1ef4c49de03c0a2427b8a0ba13f86babdadb43f223a29af30c58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526906.746576,VS0,VE174
etag: "10d32e05a19e3f67d93ee45093ed17cb81b1dd3a43c1ad5c31c519263d20b624-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3912
x-cache-hits: 0

GET
H2 200 167.e00358ca49d4a3de1688.js Show response
fir-auth.newswav.com/ 5 KB
2 KB 205ms
205ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/167.e00358ca49d4a3de1688.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8729bb401307e75394b05afdc79d19cff5c86d030e137c2d7193c35b1d75df04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526906.746499,VS0,VE182
etag: "4454022b6cfadd192d463e286f6708798a5b25d3e6e23c05d509c9cec0175e0e-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1356
x-cache-hits: 0

GET
H2 200 close.svg
fir-auth.newswav.com/assets/icon/ 1 KB
629 B 392ms
391ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fir-auth.newswav.com/assets/icon/close.svg

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1cb435b893a3ddf3e78b51b509374133939217e1dedd1b56deaac22eff254a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526906.746831,VS0,VE368
etag: "444f2c1d6d4b7ff8c1aae160aeb23e10d44b7d56d790d858541641b3c4851ca7"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:46 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 494
x-cache-hits: 0

GET
H2 200 logo_ios.svg
fir-auth.newswav.com/assets/icon/ 4 KB
2 KB 206ms
206ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fir-auth.newswav.com/assets/icon/logo_ios.svg

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c0ce4beaef66899d3756b7e173ff56ec855115de45b4d12f14fb8c25e61557d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526906.747020,VS0,VE183
etag: "cbe9e1a1647e93d12296d70e5498a3fdaa34a7d9ed0f79b9176756ddd8136e34"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1735
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 140 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e030bf142f137e2317d41ba0ec10fcdb26d2691e477e90eb4350c51eebe0ce91

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5.ddd0a72185376268a758.js Show response
fir-auth.newswav.com/ 2 KB
915 B 230ms
230ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/5.ddd0a72185376268a758.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d11109fff0c1fd3bbef3753ce993b9c729d04397181566bbcb7aea78fc684a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526906.751455,VS0,VE206
etag: "9bb0bd06ba75c41a7aa7be3b9d81934c8ed05d30aae7d8fef8d5c468d0ee3de7-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 801
x-cache-hits: 0

GET
H2 200 4.54d1be505b517fb8a365.js Show response
fir-auth.newswav.com/ 825 B
509 B 206ms
206ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/4.54d1be505b517fb8a365.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af8f110119c05434f02b15a09b70b4f942004d43d575d524a7cb098ab4a8a164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526906.751529,VS0,VE183
etag: "51d0f8728f13501e92b762caea7d10e1c31b75cf5329926467eff401316603d2-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:45 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 372
x-cache-hits: 0

GET
H2 200 129.2c7eb5d138d0e82c4940.js Show response
fir-auth.newswav.com/ 4 KB
1 KB 220ms
220ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/129.2c7eb5d138d0e82c4940.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

205a92bbf0bcaf1eaf34c5f9dee67981754eff2a17d66a4fcadc9c640ad38642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526906.004858,VS0,VE196
etag: "0badb66eb285528ee4e59b3f31d2631b62636b3df3e76decc5afd2f75e9b268e-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:46 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1039
x-cache-hits: 0

POST
H3 200 getAccountInfo Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 258 B
227 B 159ms
159ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyBKQzRJeHcb3d5xvd9qPUSWlIClX2UpBtA

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/polyfills.0c0ce2c23a80372a114a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

642b3d011836539d5a36a8149a040ec4c55a6d8fbbcd9dfd9c524a6bebcb0cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Client-Version: Chrome/JsCore/6.0.2/FirebaseCore-web
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 18:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://fir-auth.newswav.com
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, X-Origin, Referer
content-length: 202
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 121ms
121ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyBKQzRJeHcb3d5xvd9qPUSWlIClX2UpBtA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://fir-auth.newswav.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://fir-auth.newswav.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 29 Jun 2022 18:21:46 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 92ms
45ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/polyfills.0c0ce2c23a80372a114a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4028169746f17c94f6e5955d64a8fc877506efe2b3a4722f5ba5ccab0fa6c20e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10657
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 110ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 18:21:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3A54 13 KB
5 KB 83ms
24ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 16:17:33 GMT
expires: Thu, 29 Jun 2023 16:17:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EDE3 783 B
1 KB 103ms
36ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4dfe278a6adb1b1717bc739adbd90a6a7bd40e8131e95a177e4d69baf7aa1dd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4I2zSZRt_6-QTSDuJN1GLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-4I2zSZRt_6-QTSDuJN1GLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:46 GMT
expires: Wed, 29 Jun 2022 18:21:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EDE3 0
0 64ms
63ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=4243421166422023&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A54 36 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75abbf16998b9e30359d9cd9143a135f851b08f6c8752b13d4c9240288473622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 12:39:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3A54 0
9 B 23ms
22ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?N4tUFg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 125ms
125ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220623&jk=4243421166422023&bg=!x8SlxIDNAAa8IIBmnCA7ACkAdvg8WtfjBz1lgxEC5mbhtiT0oA4CDcKHyvBcFddm_j4JfeNbq0SzQQIAAABeUgAAAAFoAQcKAGJxAuN_GGczQvFfXF2qiTVxLyyNmaDQtYAobOPpb7zUyhqMyVd-wqXzJRqQyzYUjiDsbsy5asjKEUuGumoP8RMf-jBlxqs_GPUr9ddm0wiFGSuYMNUxfKpjfelTctrZS1KIZpkCr8_Ic2pUMZmwFoEs6TkeKY0nnbaTMIC5xbVeMEgRHRRP8_oX84XiXIdFkKYmz5rLQnylNhNE-yxTPTwOryu0qgvsV3hBjBHAWtgsHx1XnOOYNjM2mBW00J9hS4_4fmuHM8rXFTmnqCnBYW5MvwaKtfPnJfxumrHZWM9vqtQ0zTt0uRafXYQYhaYX0Mhc2lrewdriafYWcC-VvhiZKZEjUvz6z47HCbPgrpODDRGftyWnhfhPnPjivvcA-gYQYGISdTXNn6SGA5xMgmhOjKjdHACW-ucfXPRk5aVERMGpoJ2XPLOvwLs8PN3W_etb0SjqVw_Dv-IefBk3JzJZgtb94fxtDDUFyKjTfKf6wa4PWMq97sSPq4hKBSy23P8087qwzPFtcgXp5MYJ8Z9CdfZJDB1nR9pDkzidZYt4aVRborxtNcbqS7BPEaDlFYhsrGgK_FAYxOs_OsakL3YW-zeSLKKVnkSlzrCjlKcqPxRl5FxSbRh1wcPM-EYj_tECYTjAHCfcipHfv9JXBxwjegfZkF9zNueU2EY5tPf0DsGpa9rZiLl8R1Aj_EQbgCvISNQNKKn8G8qipdi05kF-5zGbvleGmT-xJUItOLjoRz09UqiqIlDgga2lzS5y1Kj5H8tvkmj8GVGb98w5ErdpRMoosTpvbA-LCdWjXsxpLpYeHvlPOrGnhBBZotyAijF6nVpV0xswheefLb97AEvyTiDneS0NJJg9j2s_57e4PE3ZQ6Joh5okuxcEPqCQFHKPVQVT9Fve-qBSNrWdQAHhj5pvexyrdO6UogItiUuDovWhSYvHVkQGa6SVp39rAYe8J_h_sIwNbA0JSQCSdoC_ocmfXEkefcn_mSCxqJnTBVwa6d3TjcNv8JmQAM-evHanatL_3mN-NSEZ4Ea4wypfxvyAUQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 feed-ad.html Show response
fir-auth.newswav.com/assets/ads/ Frame 5B84 1 KB
662 B 272ms
271ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/assets/ads/feed-ad.html

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/main.5d975ca5809890fb385d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5bced7cfcba7722dd7bfca3998078bc92098b1bc72a7c7d2802a4322e9972f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: gzip
content-length: 566
content-type: text/html; charset=utf-8
date: Wed, 29 Jun 2022 18:21:49 GMT
etag: "deb10e1b74a0e2f81ef013065d91cf6108b9deefddcf6a3dca3ebf71421dd075"
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 4
x-served-by: cache-hhn4075-HHN
x-timer: S1656526909.975130,VS0,VE214

GET
H2 200 feed-ad.html Show response
fir-auth.newswav.com/assets/ads/ Frame 7267 1 KB
628 B 267ms
267ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/assets/ads/feed-ad.html

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/main.5d975ca5809890fb385d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5bced7cfcba7722dd7bfca3998078bc92098b1bc72a7c7d2802a4322e9972f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: gzip
content-length: 566
content-type: text/html; charset=utf-8
date: Wed, 29 Jun 2022 18:21:49 GMT
etag: "deb10e1b74a0e2f81ef013065d91cf6108b9deefddcf6a3dca3ebf71421dd075"
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 4
x-served-by: cache-hhn4075-HHN
x-timer: S1656526909.979504,VS0,VE210

GET
H2 200 feed-ad.html Show response
fir-auth.newswav.com/assets/ads/ Frame 35D4 1 KB
704 B 264ms
263ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/assets/ads/feed-ad.html

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/main.5d975ca5809890fb385d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5bced7cfcba7722dd7bfca3998078bc92098b1bc72a7c7d2802a4322e9972f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: gzip
content-length: 566
content-type: text/html; charset=utf-8
date: Wed, 29 Jun 2022 18:21:49 GMT
etag: "deb10e1b74a0e2f81ef013065d91cf6108b9deefddcf6a3dca3ebf71421dd075"
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 4
x-served-by: cache-hhn4075-HHN
x-timer: S1656526909.981772,VS0,VE207

GET
H2 200 feed-ad.html Show response
fir-auth.newswav.com/assets/ads/ Frame CDCD 1 KB
719 B 261ms
260ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/assets/ads/feed-ad.html

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/main.5d975ca5809890fb385d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5bced7cfcba7722dd7bfca3998078bc92098b1bc72a7c7d2802a4322e9972f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: gzip
content-length: 566
content-type: text/html; charset=utf-8
date: Wed, 29 Jun 2022 18:21:49 GMT
etag: "deb10e1b74a0e2f81ef013065d91cf6108b9deefddcf6a3dca3ebf71421dd075"
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 4
x-served-by: cache-hhn4075-HHN
x-timer: S1656526909.984967,VS0,VE204

GET
H2 200 feed-ad.html Show response
fir-auth.newswav.com/assets/ads/ Frame FB53 1 KB
694 B 257ms
257ms Document
text/html 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/assets/ads/feed-ad.html

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/main.5d975ca5809890fb385d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5bced7cfcba7722dd7bfca3998078bc92098b1bc72a7c7d2802a4322e9972f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: gzip
content-length: 566
content-type: text/html; charset=utf-8
date: Wed, 29 Jun 2022 18:21:49 GMT
etag: "deb10e1b74a0e2f81ef013065d91cf6108b9deefddcf6a3dca3ebf71421dd075"
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 4
x-served-by: cache-hhn4075-HHN
x-timer: S1656526909.988752,VS0,VE200

GET
H2 200 169.b151b42e69fa362d3bb1.js Show response
fir-auth.newswav.com/ 8 KB
2 KB 210ms
210ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/169.b151b42e69fa362d3bb1.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

801a28a2fb15564480848de77ff424cfba5dee4070b8cd12bc2fefd8cdcee195

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.997943,VS0,VE176
etag: "a07338aacc3e6a3fe2cd29d451bf202e28f261ea10aba1666b5d2e88b00dea72-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2152
x-cache-hits: 0

GET
H2 200 97.9a144add90f67f8be43e.js Show response
fir-auth.newswav.com/ 14 KB
3 KB 203ms
203ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/97.9a144add90f67f8be43e.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3b9e70c20953bed2db6c6095a9dd457b8a81ac5f98929b1ccd4e19e6e70fd26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.997943,VS0,VE164
etag: "4232a171804521f65081f9056798a953c622bfef966cceabab0dfd1f3caabc64-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3321
x-cache-hits: 0

GET
H2 200 161.8bd21cb7fcc0edf2f108.js Show response
fir-auth.newswav.com/ 6 KB
2 KB 202ms
202ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/161.8bd21cb7fcc0edf2f108.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

68ace68b46fe3d02de31878f3d19be71c247853da41c4c6c557b986f73a29b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.997886,VS0,VE165
etag: "0bd4fa3d78c4534a739116c97ef7bfa7dc3b19220b39bbd02dbe9430da91821f-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1545
x-cache-hits: 0

GET
H2 200 131.be87b7ef11204e7eaf4d.js Show response
fir-auth.newswav.com/ 13 KB
2 KB 252ms
252ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/131.be87b7ef11204e7eaf4d.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

783cf392c0f98cb6c50dbe48fabe58afbb99fd5621e90e8182ff0123c4eaa38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.997831,VS0,VE186
etag: "e8fc0adf04b4ad26d67690bdfd70710b157893e6ed5ee23f5477c3dfe1b396a9-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1736
x-cache-hits: 0

GET
H2 200 29.45a2f0ea8a6030d1b41f.js Show response
fir-auth.newswav.com/ 31 KB
5 KB 209ms
208ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/29.45a2f0ea8a6030d1b41f.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3bd94075a8b9e90ec9fce3c6fbc47e869ae24db4d3c2504c7552b712a754cf18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.000331,VS0,VE180
etag: "9b020e267ddd0c46a36f8ecd8908e2d97c84e48eb2f4607ee839e05f8fd9405f"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5425
x-cache-hits: 0

GET
H2 200 67.d4950f5e7fb0586c7475.js Show response
fir-auth.newswav.com/ 2 KB
800 B 211ms
211ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/67.d4950f5e7fb0586c7475.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6caec3b4850b1a71fdc759f1bcddc25b43a1f43782ed0510acb724d1b0fcf0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.000372,VS0,VE183
etag: "714ae5aa2b3b6abfbc80e6715d863570a66313c1f64b5883f13eeb7a40615735-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 687
x-cache-hits: 0

GET
H2 200 logo_small.svg
fir-auth.newswav.com/assets/icon/ 4 KB
2 KB 387ms
386ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fir-auth.newswav.com/assets/icon/logo_small.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f50d56ff90c7ce106275e5363b42044fffba923d91d08e9e9eb8f4c0d4600dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.012163,VS0,VE362
etag: "9b30fe36d1d7dfdafc0604b1c9f9d357f3bc13632826b193d00546f55e0ea52d"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1564
x-cache-hits: 0

GET
H2 200 bookmark.svg
fir-auth.newswav.com/assets/icon/ 791 B
561 B 254ms
252ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fir-auth.newswav.com/assets/icon/bookmark.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3f6ef185aae929aaeb137183dcf2551930316cebb277c11482d87d54e287bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.012651,VS0,VE220
etag: "e01f02137c5b569a80dc85e0ac5c439dfaaaacca8324c7efed90dac9ec5f5420"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 451
x-cache-hits: 0

GET
H2 200 share.svg
fir-auth.newswav.com/assets/icon/ 2 KB
941 B 192ms
191ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fir-auth.newswav.com/assets/icon/share.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

226152fd9e2835f5d10d2423953d3f0ddead01b28662b4eb483fafea0404c17f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.012630,VS0,VE165
etag: "deaf3e4389e7e0ee154e32028ba8c5f4a7f6679f57719582f29e7f38ed17a4ff"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 830
x-cache-hits: 0

GET
H2 200 views.svg
fir-auth.newswav.com/assets/icon/ 14 KB
2 KB 182ms
182ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fir-auth.newswav.com/assets/icon/views.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1262552394c168a15a41bc5e428e43ad4bbaf91828f8ac1934ab5094de93fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.012592,VS0,VE154
etag: "f2f5d99ae459a227c050b9aebe458c72a9321548fcb32f479b58dacae84c5db9"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1818
x-cache-hits: 0

GET
H2 200 cry.svg
fir-auth.newswav.com/assets/icon/emojis/ 7 KB
2 KB 232ms
232ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fir-auth.newswav.com/assets/icon/emojis/cry.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fd26bab0949e6aad72babc677691563589ec954663e24807d16a014458c8031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.014761,VS0,VE175
etag: "a223e82718d8be92aaf931a4cd6a6b9232b7fef7bb265f1e642df1f610f0605a"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2098
x-cache-hits: 0

GET
H2 200 like.svg
fir-auth.newswav.com/assets/icon/emojis/ 4 KB
2 KB 431ms
431ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fir-auth.newswav.com/assets/icon/emojis/like.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c4ac91e6d46e9327aea91dff81f7ef27f9a4e5d47c1130042c7f66af9a78c842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.014755,VS0,VE407
etag: "f58756301eb267572e9f45eb0d7622444c1afc2e4ba6271c59fd18289fb2e8f5"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1425
x-cache-hits: 0

GET
H2 200 laughing.svg
fir-auth.newswav.com/assets/icon/emojis/ 11 KB
3 KB 235ms
234ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fir-auth.newswav.com/assets/icon/emojis/laughing.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d48eebfbc8c2d7c35b6c06f24e66bcb07a7228c102325ae04f42131958b50878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.014885,VS0,VE181
etag: "d2eb71ccafaaab2b876e06afabfd61625fa6394c993d8609c8eef6889efe4d26"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2629
x-cache-hits: 0

GET
H2 200 md-arrow-dropdown.svg Show response
fir-auth.newswav.com/svg/ 105 B
221 B 185ms
185ms Fetch
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/svg/md-arrow-dropdown.svg

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/polyfills.0c0ce2c23a80372a114a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

250ea5e63162f410c9ee06c53e4f0916477b6e2e843cb8f40e6c94ceac2ffaa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526909.248527,VS0,VE149
etag: "417ee90f6f0534624b18f4c7a2cac26a4521b305d139f4d53c77d3956ee087b4-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 104
x-cache-hits: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 35D4 164 KB
55 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/assets/ads/feed-ad.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e9fd014bb22935420bd724e06d949b3b6892c9078c930990894e1ce66bceba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56450
x-xss-protection: 0
server: cafe
etag: 5060698489997762917
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CDCD 164 KB
55 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/assets/ads/feed-ad.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35b8f7c855242ccb9f3e0ef9f148ea39c9e9674e7efb848b34506b0c638e65f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56401
x-xss-protection: 0
server: cafe
etag: 13519694662641175587
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7267 164 KB
55 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/assets/ads/feed-ad.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd60450b168cfea7871dd07cbaa47f6ec33830aa5fe01e6591d40ed88d298458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56450
x-xss-protection: 0
server: cafe
etag: 7213752105658435633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 35D4 164 KB
55 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/assets/ads/feed-ad.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

561a06bdb7c77b1d54b01115fdd7e4c62134eb2856ced105f8bc6e6fbdd9b829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56449
x-xss-protection: 0
server: cafe
etag: 16001860591007378546
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FB53 164 KB
55 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/assets/ads/feed-ad.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92240c11a75611d9c0e62f6eb71ed0ad1466ef663b94979ac236bcf77bea6f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56454
x-xss-protection: 0
server: cafe
etag: 16978812542454041277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5B84 164 KB
55 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/assets/ads/feed-ad.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7898bbf1f10b6db0587536150337eedf982d4f410412a205b3799955fd02f76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56453
x-xss-protection: 0
server: cafe
etag: 14367315078656873058
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CDCD 164 KB
55 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/assets/ads/feed-ad.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

487d67c123086d8b247595caee5d78140886b50005d03ee1b6f0fd2aaa1be0e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56401
x-xss-protection: 0
server: cafe
etag: 2632962712309194199
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7267 164 KB
55 KB 118ms
118ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/assets/ads/feed-ad.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6314bc23252df740e63c1fee4b360d9b6d9ec09614063cd275ce2b4f8118e0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56450
x-xss-protection: 0
server: cafe
etag: 13689638468693857294
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FB53 164 KB
55 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/assets/ads/feed-ad.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cfadef495dc9f3cc7b7396920498267f7d07c0d5a8fe95d74480c1c0ff3b9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56399
x-xss-protection: 0
server: cafe
etag: 15887321242481984682
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5B84 164 KB
55 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/assets/ads/feed-ad.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

850e0255c250229cce9b136e715de44b0764061f5d1eb4459a8c2f399cba1b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56451
x-xss-protection: 0
server: cafe
etag: 3330074878360182484
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/ Frame 35D4 340 KB
120 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068232

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55817484731a0865fd597e3cfd8e82b34bd810298c124f5f93d88494c519a876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122508
x-xss-protection: 0
server: cafe
etag: 9705457543818765351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H2 200 corona-img-1656506885-165.png
cdn.newswav.com/corona/imgs/ 125 KB
126 KB 619ms
399ms Image
image/png 2606:4700:10::ac43:16dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newswav.com/corona/imgs/corona-img-1656506885-165.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:16dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f331af1fbc7267862d0cc0b22df5fb1430625579720fdfb6cc0eee465bc6ce92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:50 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtwScINF7peGjoyCID1E-tUR_wzShT-SPTVJqBElbjSuewJIU8uSq1yzzBBlS0k_I59AALe6sYTHTiB2x4nHaUorw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 128140
last-modified: Wed, 29 Jun 2022 12:48:05 GMT
server: cloudflare
etag: "f97e08be290be92eff85f5193935c081"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=gTu5HA==, md5=+X4IvikL6S7/hfUZOTXAgQ==
x-goog-generation: 1656506885728149
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin, Authorization, x-goog-resumable
cache-control: public, max-age=3600
x-goog-meta-cache-control: public, max-age=360000
x-goog-stored-content-length: 128140
accept-ranges: bytes
cf-ray: 7230af219b719019-FRA
expires: Wed, 29 Jun 2022 19:21:49 GMT

GET
H2 200 corona-img-1656506886-889.png
cdn.newswav.com/corona/imgs/ 96 KB
96 KB 646ms
427ms Image
image/png 2606:4700:10::ac43:16dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.newswav.com/corona/imgs/corona-img-1656506886-889.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:16dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 057888cea792ce3b4a158881fc2462c4d96053df258290a594669b091bf6ae07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:50 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdu2qbm-bwvIlOsu3TqZeD-6yL8grwN4-ximX65JQa8DaqvdyjHLW-Kmok3gGzBcACDmTAzhDij0j4ywZwa1v4EI7Q
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 98117
last-modified: Wed, 29 Jun 2022 12:48:06 GMT
server: cloudflare
etag: "26be9ab4757725f7b0bdf41813555e9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=RQ/NtQ==, md5=Jr6atHV3JfewvfQYE1Vemg==
x-goog-generation: 1656506886421955
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin, Authorization, x-goog-resumable
cache-control: public, max-age=3600
x-goog-meta-cache-control: public, max-age=360000
x-goog-stored-content-length: 98117
accept-ranges: bytes
cf-ray: 7230af219b749019-FRA
expires: Wed, 29 Jun 2022 19:21:49 GMT

GET
H2 403 28543.jpg
www.malaymail.com/malaymail/uploads/images/2022/06/29/ 0
0 87ms
28ms Image
text/html 2606:4700:20::681a:733
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malaymail.com/malaymail/uploads/images/2022/06/29/28543.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:733 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 403 28446.JPG
www.malaymail.com/malaymail/uploads/images/2022/06/29/ 0
0 87ms
29ms Image
text/html 2606:4700:20::681a:733
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malaymail.com/malaymail/uploads/images/2022/06/29/28446.JPG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:733 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 403 28662.JPG
www.malaymail.com/malaymail/uploads/images/2022/06/29/ 0
0 92ms
34ms Image
text/html 2606:4700:20::681a:733
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.malaymail.com/malaymail/uploads/images/2022/06/29/28662.JPG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:733 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/ Frame 5B84 336 KB
118 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d41883853ba074631970e3eb27d806828af32a4770876b398a28d50402b7796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121080
x-xss-protection: 0
server: cafe
etag: 8168732908771073541
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/ Frame CDCD 339 KB
120 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3103fc26a8fb0cd3e5487c9c9f1e4742b688b1f6bb9c6b5939b54daa07269961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122438
x-xss-protection: 0
server: cafe
etag: 13341010442181733668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/ Frame FB53 336 KB
118 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd0992c43b3a49474189990b30b312a852efbc0ccc3550f41a107d248f8747d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121087
x-xss-protection: 0
server: cafe
etag: 5046993497302578530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/ Frame 7267 340 KB
120 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068232

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55817484731a0865fd597e3cfd8e82b34bd810298c124f5f93d88494c519a876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122508
x-xss-protection: 0
server: cafe
etag: 9705457543818765351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 35D4 12 B
53 B 115ms
66ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fir-auth.newswav.com&callback=_gfp_s_&client=ca-pub-7202249324250874&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068232

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 35D4 107 B
122 B 147ms
96ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 35D4 107 B
122 B 87ms
34ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C2B 0
20 B 123ms
123ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3279755400&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909436&bpp=3&bdt=202&idt=163&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=2141087478.1656526910&ga_sid=1656526910&ga_hid=575437887&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068196%2C31068232%2C42531607&oid=2&pvsid=4168789358369152&tmod=950746876&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.fzsi48lyxyjd&btvi=1&fsb=1&dtd=183

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:49 GMT
expires: Wed, 29 Jun 2022 18:21:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 5B84 12 B
53 B 89ms
76ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5B84 107 B
122 B 94ms
77ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5B84 107 B
122 B 63ms
43ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 03EA 0
20 B 123ms
123ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3279755398&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909456&bpp=2&bdt=193&idt=179&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=8204812.1656526910&ga_sid=1656526910&ga_hid=747009698&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44767166%2C31067983%2C31068196%2C31068268&oid=2&pvsid=2277195840211486&tmod=1778759675&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.x3nd53logicp&btvi=1&fsb=1&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:49 GMT
expires: Wed, 29 Jun 2022 18:21:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame CDCD 12 B
53 B 69ms
69ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame CDCD 107 B
122 B 96ms
96ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame CDCD 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8CF7 0
20 B 125ms
125ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3279755403&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909475&bpp=2&bdt=233&idt=189&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=1583487619.1656526910&ga_sid=1656526910&ga_hid=1298196583&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31067528%2C42531606&oid=2&pvsid=2388316792800042&tmod=1742237075&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.vi0rtrcnpcpa&btvi=1&fsb=1&dtd=204

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:49 GMT
expires: Wed, 29 Jun 2022 18:21:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E3F 430 B
230 B 432ms
432ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&h=694&slotname=2346212182&adk=275089449&adf=1507960141&pi=t.ma~as.2346212182&w=1200&rafmt=11&psa=0&format=1200x694&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909458&bpp=1&bdt=195&idt=229&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&prev_fmts=0x0&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=8204812.1656526910&ga_sid=1656526910&ga_hid=747009698&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1680&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44767166%2C31067983%2C31068196%2C31068268&oid=2&pvsid=2277195840211486&tmod=1778759675&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.tml4mzkyjjes&btvi=2&fsb=1&dtd=232

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

825ff05dfe00cf8cab36e1830c3e84fd884d10a757500426bff74cea41291ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:50 GMT
expires: Wed, 29 Jun 2022 18:21:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame FB53 12 B
53 B 34ms
34ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame FB53 107 B
122 B 59ms
58ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame FB53 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D51C 0
20 B 135ms
134ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3279755402&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909511&bpp=2&bdt=252&idt=189&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=1228925358.1656526910&ga_sid=1656526910&ga_hid=285847808&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C31068260%2C31068268%2C42531607&oid=2&pvsid=3597987212034348&tmod=92799025&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.5m0s0o952exu&btvi=1&fsb=1&dtd=206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:49 GMT
expires: Wed, 29 Jun 2022 18:21:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7267 12 B
53 B 30ms
30ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7267 107 B
122 B 40ms
40ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7267 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fir-auth.newswav.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E34E 0
20 B 119ms
118ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&adk=1812271804&adf=3279755401&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909525&bpp=2&bdt=276&idt=199&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=393263694.1656526910&ga_sid=1656526910&ga_hid=569434858&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065545%2C31068232%2C42531605%2C42531607&oid=2&pvsid=3427228608702479&tmod=548608495&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.uo8u76eopdsc&btvi=1&fsb=1&dtd=207

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:49 GMT
expires: Wed, 29 Jun 2022 18:21:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CFE 430 B
227 B 412ms
411ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7202249324250874&output=html&h=694&slotname=2346212182&adk=275089449&adf=1507960142&pi=t.ma~as.2346212182&w=1200&rafmt=11&psa=0&format=1200x694&url=https%3A%2F%2Ffir-auth.newswav.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656526909527&bpp=1&bdt=278&idt=215&shv=r20220623&mjsv=m202206270101&ptt=9&saldr=aa&cookie=ID%3D5b3040fea4b2f5d5-228b8890c1cd0075%3AT%3D1656526905%3ART%3D1656526905%3AS%3DALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw&prev_fmts=0x0&nras=1&correlator=7210730376657&frm=23&ife=1&pv=1&ga_vid=393263694.1656526910&ga_sid=1656526910&ga_hid=569434858&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=3184&biw=1600&bih=1200&isw=1600&ish=150&ifk=3681673310&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065545%2C31068232%2C42531605%2C42531607&oid=2&pvsid=3427228608702479&tmod=548608495&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C150&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=132&bc=31&ifi=2&uci=2.mq2plu3kt60x&btvi=2&fsb=1&dtd=218

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ea2ccec8f39cfc3b847f79355499c4caa82427021f05a4fed373ee95e0a7ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 9.babcdc2f0f629a67e6e9.js Show response
fir-auth.newswav.com/ 90 KB
21 KB 214ms
214ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fir-auth.newswav.com/9.babcdc2f0f629a67e6e9.js

Requested by

Host: fir-auth.newswav.com
URL: https://fir-auth.newswav.com/runtime.a3a2043b38d0564b0ae4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

11db8352189d3ce042958a8c260815f704742f4477309e5bcdcee3ced22c0add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Fri, 14 Feb 2020 13:40:16 GMT
x-timer: S1656526910.774300,VS0,VE189
etag: "a3cd15017322637f8fe1ff92eb531b2b49c45eed00c1dcb0808e498e1d4f219c-br"
x-served-by: cache-hhn4075-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Wed, 29 Jun 2022 18:21:49 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21028
x-cache-hits: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 35D4 14 KB
10 KB 39ms
39ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd7d376f3ed50c52afcb1984228818f8f12f918f57b814d59aec508a7a345f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10526
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 35D4 17 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CDCD 14 KB
10 KB 38ms
37ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9119a99b6b49fcecdcb190b2a84260aed63826abdcd6b715205a368125a63ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10692
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4EC 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 16:17:33 GMT
expires: Thu, 29 Jun 2023 16:17:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D7A0 783 B
534 B 78ms
31ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b755ed0d257f2056ea24e3ecab436bc396c7f6fdc2cbfdefad43ec2181f800c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RHzwdP-yb2rXgBoJzbMrXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-RHzwdP-yb2rXgBoJzbMrXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:49 GMT
expires: Wed, 29 Jun 2022 18:21:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CDCD 17 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FB53 14 KB
10 KB 38ms
38ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

472bfb5937c104c4d1a6ed2a871f2fdd6bb237f6edccb4706ffdc1d9bd019dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10691
x-xss-protection: 0

GET
H3 200 dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js Show response
pagead2.googlesyndication.com/bg/ Frame A4EC 36 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75abbf16998b9e30359d9cd9143a135f851b08f6c8752b13d4c9240288473622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 12:39:56 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FB53 17 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 18:21:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1DB5 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 16:17:33 GMT
expires: Thu, 29 Jun 2023 16:17:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FA53 783 B
537 B 32ms
32ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

032251c3d1ad80a88817668f76e7c4ac20ccea05b030ab995b5da5af5e91c124

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CP00KGa3xcdxIFQ9B3X2JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-CP00KGa3xcdxIFQ9B3X2JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:49 GMT
expires: Wed, 29 Jun 2022 18:21:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D7A0 0
0 70ms
70ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=4168789358369152&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF56 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 16:17:33 GMT
expires: Thu, 29 Jun 2023 16:17:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CF93 783 B
535 B 41ms
40ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5bb6253bb7bbee9b7f51e390b8736fcfe7baf3b0fa9dc0d36ec3879863987b8b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y3RqlMKpJZupML_yCdwN-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Y3RqlMKpJZupML_yCdwN-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:49 GMT
expires: Wed, 29 Jun 2022 18:21:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FA53 0
0 63ms
63ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=2388316792800042&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DB5 36 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75abbf16998b9e30359d9cd9143a135f851b08f6c8752b13d4c9240288473622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 12:39:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A4EC 0
9 B 31ms
31ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HHJ0AA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CF93 0
0 88ms
87ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=3597987212034348&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js Show response
pagead2.googlesyndication.com/bg/ Frame CF56 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75abbf16998b9e30359d9cd9143a135f851b08f6c8752b13d4c9240288473622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 12:39:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1DB5 0
9 B 23ms
22ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JkfhMQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5B84 14 KB
10 KB 39ms
39ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f271ea93bf60fab2692033755d39395fbec23387ae706c8909fa5f7a5397d656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10539
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7267 14 KB
10 KB 40ms
39ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53586259c4846c6e72a20d56f048d9b1186a6d3e9c7f01d39ad149c93088ce21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 18:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10707
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B84 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7202249324250874&plah=fir-auth.newswav.com&bust=31068268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 18:21:50 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CF56 0
9 B 23ms
22ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jMGClw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7267 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 18:21:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F56D 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 16:17:33 GMT
expires: Thu, 29 Jun 2023 16:17:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6FE5 783 B
535 B 32ms
31ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

71efa1544e3df4305439bf073bde05d9847c02a3e542f775c3caf5a23153e0ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B8jU-39cNJZduupsZk1zyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-B8jU-39cNJZduupsZk1zyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:50 GMT
expires: Wed, 29 Jun 2022 18:21:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8998 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 16:17:33 GMT
expires: Thu, 29 Jun 2023 16:17:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CCC2 783 B
537 B 34ms
33ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ae7dc9c096b428f0d905fa1927d587a7aaa61e743e1f01f87dda6181c09b3918

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8wM1ARNSUK8wTZhk4FJ85w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fir-auth.newswav.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-8wM1ARNSUK8wTZhk4FJ85w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 18:21:50 GMT
expires: Wed, 29 Jun 2022 18:21:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js Show response
pagead2.googlesyndication.com/bg/ Frame F56D 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75abbf16998b9e30359d9cd9143a135f851b08f6c8752b13d4c9240288473622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 12:39:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6FE5 0
0 70ms
70ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=2277195840211486&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8998 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75abbf16998b9e30359d9cd9143a135f851b08f6c8752b13d4c9240288473622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:39:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 12:39:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CCC2 0
0 71ms
71ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=3427228608702479&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F56D 0
9 B 23ms
23ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?K_Lk0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8998 0
9 B 23ms
23ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iJKh-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 18:21:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 35D4 0
0 66ms
66ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220623&jk=4168789358369152&bg=!3t2l3ZnNAAa8IIBmnCA7ACkAdvg8WscoxEYqbWSw44TAbGmbvZZYedHXxqklUjsTrWZvS-5O1UshbgIAAAB4UgAAAAJoAQcKAKurpjatZcaTGLEoBIPnSNb-YZ_yzKXbzG4rHwuPyKVWVS3yv5bNjFLrt0TjNdOLCVyhBPO9o2ue88rrXbzLBum_7mVLwzlJrd7tbQpDIncWd0XSXjXxUI0xmU00nttQR9CWkk5zq4lSGsjowfsUoEoAfNjey-ej2UwdxUSiAZYrAVwaRRJchTBteAUmftB8U4CBDInDPnJdHj70qBRsWpOlCJgOPfSC7tFx5cKZAsMHc8K0dRMpzpZGX-XmEsUOWSHZYoTytIwqGjQc62it5qMo4__98ULkErdH59BRaxBrQzv2PuzqbbCnVzzayH-AD1HfoQGs-SLai9l9PphdXO2NPEjJp-j9y-u5BtMUNaLZewDOQtXb9vvHaLQhHn0N7vvXVx_zlKc1MOTf2MbGwv4KiVZSQ_erdwbhO3F28WtgLm6eWt6UVmKxKvxPgBcx5LEkdMOZauWlpWFXe-HEcqpUXClSAPpsR5kuDF_Q3dkdzLN5NCkHpnaZV5lmGhj6YpoecrcjSc5_51z-DeB_Y7fAR4RIuTrVX4mjtV40s6pAvhZkGj9FtAHA9RXgXbft7AY-4WnZ2sfyPuhg69ZUwoSIRyutHfiqVe1tajJY_Q4ZTIK5yBMRiAas3I3zy5M177mMYS1MEZvUP770pNju4yy_gjnwA6U4urAjNk1rkuv-JeeSVogPBHcF7GjjKKfxLb7LjDvmkpU96CN5czjYcmJ-uv7qs-Xin2f2AZlTtobT1j_zI0HKoOe7jq6RAedUWGXJ-odMpsUtNOhD4bap37FoIVThFNVY71JrXzuo0k8qh_UNjPz3v7M6aX_X67A0KxgzUK-6rCXPFBtZ1qO1nwkxj2qxE90mzGMwrDzUwtcp01NkVvYaH2KQ0Y1P2osBGZ2-oeyIy9PK_sN91tlBsmiiHzvt5_ybKD3wl3q6YodAXDg2St7PQMzYZxe1_2p1L3xTjqTLVwN3z_ezvTnDvwb4TfuFQEyjwpJxZHWntANfGa2GRuREVziKAdHy8ADnDhM5ylsxFt_FlBBVCr_MRqFB8fah7eQG3KCoM2PRNArI9t59bMIeTtX-G9KIPnBRxDw3SBzqr1MaJt72veK09BB_9UhC6c5jo8ulX5_1Hiz21im_9q7lG5Kq_aAD0u21dtR3U37PRqU1US5WLaUqJ7lFmQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fir-auth.newswav.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.newswav.com/	1970-01-20 13:30:22	Name: __gads Value: ID=5b3040fea4b2f5d5-228b8890c1cd0075:T=1656526905:RT=1656526905:S=ALNI_MZNDJjEs3ts4vjdZhwIj5UXFAKdGw
			.doubleclick.net/	1970-01-20 13:30:22	Name: IDE Value: AHWqTUlX-HA8KpKvk08ofKieJkKpgYntBP6yCBYx41chUFxdKof9gc3KDg-14xttc9k

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.malaymail.com/malaymail/uploads/images/2022/06/29/28543.jpg Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.malaymail.com/malaymail/uploads/images/2022/06/29/28446.JPG Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.malaymail.com/malaymail/uploads/images/2022/06/29/28662.JPG Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.newswav.com
connect.facebook.net
fir-auth.newswav.com
googleads.g.doubleclick.net
newswav.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googleapis.com
www.malaymail.com
172.217.18.2
199.36.158.100
2606:4700:10::ac43:16dc
2606:4700:20::681a:733
2a00:1450:4001:800::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a03:2880:f02d:100:face:b00c:0:3
032251c3d1ad80a88817668f76e7c4ac20ccea05b030ab995b5da5af5e91c124
057888cea792ce3b4a158881fc2462c4d96053df258290a594669b091bf6ae07
0e2de299e67f1ef4c49de03c0a2427b8a0ba13f86babdadb43f223a29af30c58
0e4e06cef14614c2ebf5f5428588dcd76e6b072d7b3b1b9667408cd3fd776ad3
0f4481f296ade836c067bb78ed0e3f1c681ad717e731c1f47c056615ef2718c7
11db8352189d3ce042958a8c260815f704742f4477309e5bcdcee3ced22c0add
12fe116ec4d6b8f6345cba9c5433e1fe1dbdeadc9e2853eb215a9ebff3038014
19a05a47dffce3df5434625e6056d89db277530299cfeb4b6d15a29a67a0e000
19c71649a369516dd319aea5ce96539e1e679d29cca0c8691f1f907482ce3fe0
1c70589854612719289b42f74f079bb27f00679b22ba1bdd5488d4b886a0a35f
1e9fd014bb22935420bd724e06d949b3b6892c9078c930990894e1ce66bceba5
205a92bbf0bcaf1eaf34c5f9dee67981754eff2a17d66a4fcadc9c640ad38642
226152fd9e2835f5d10d2423953d3f0ddead01b28662b4eb483fafea0404c17f
23ab8489c351dd8728a025de884b0821afe3acec246dd6b93ccc724a058ae5ce
250ea5e63162f410c9ee06c53e4f0916477b6e2e843cb8f40e6c94ceac2ffaa0
2c0ce4beaef66899d3756b7e173ff56ec855115de45b4d12f14fb8c25e61557d
2ea2ccec8f39cfc3b847f79355499c4caa82427021f05a4fed373ee95e0a7ec8
3103fc26a8fb0cd3e5487c9c9f1e4742b688b1f6bb9c6b5939b54daa07269961
35b8f7c855242ccb9f3e0ef9f148ea39c9e9674e7efb848b34506b0c638e65f0
3bd94075a8b9e90ec9fce3c6fbc47e869ae24db4d3c2504c7552b712a754cf18
3d11109fff0c1fd3bbef3753ce993b9c729d04397181566bbcb7aea78fc684a5
4028169746f17c94f6e5955d64a8fc877506efe2b3a4722f5ba5ccab0fa6c20e
45c1061e48e271d529c1c55be8ea7ff12ed5815738b12e17d1755a34cac6a078
461b50045f113d9b3739fe0875e3b7b5b1194dd5945ea56f9a03573e51fedf33
472bfb5937c104c4d1a6ed2a871f2fdd6bb237f6edccb4706ffdc1d9bd019dfe
4864b5b2acbc8a730913cc44c7f5de42b17d48fb439e1d719a40242a96a3c5cb
487d67c123086d8b247595caee5d78140886b50005d03ee1b6f0fd2aaa1be0e1
4cfadef495dc9f3cc7b7396920498267f7d07c0d5a8fe95d74480c1c0ff3b9fe
53586259c4846c6e72a20d56f048d9b1186a6d3e9c7f01d39ad149c93088ce21
55817484731a0865fd597e3cfd8e82b34bd810298c124f5f93d88494c519a876
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561a06bdb7c77b1d54b01115fdd7e4c62134eb2856ced105f8bc6e6fbdd9b829
5bb6253bb7bbee9b7f51e390b8736fcfe7baf3b0fa9dc0d36ec3879863987b8b
5bced7cfcba7722dd7bfca3998078bc92098b1bc72a7c7d2802a4322e9972f5f
61a38617334c075ae97d15d388b381c4e28bbcfd8ab7d88060f4822fd2a91359
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6314bc23252df740e63c1fee4b360d9b6d9ec09614063cd275ce2b4f8118e0f7
642b3d011836539d5a36a8149a040ec4c55a6d8fbbcd9dfd9c524a6bebcb0cbd
68ace68b46fe3d02de31878f3d19be71c247853da41c4c6c557b986f73a29b58
695a899dfd6dacd57e93bf933a78c443b326deb052ade92fa323ec742787c182
6caec3b4850b1a71fdc759f1bcddc25b43a1f43782ed0510acb724d1b0fcf0d4
71efa1544e3df4305439bf073bde05d9847c02a3e542f775c3caf5a23153e0ed
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
75abbf16998b9e30359d9cd9143a135f851b08f6c8752b13d4c9240288473622
783cf392c0f98cb6c50dbe48fabe58afbb99fd5621e90e8182ff0123c4eaa38c
7b5411df8558b24f221207d02a17de3de47d186336c51c2508af58aa3cc93dd8
801a28a2fb15564480848de77ff424cfba5dee4070b8cd12bc2fefd8cdcee195
825ff05dfe00cf8cab36e1830c3e84fd884d10a757500426bff74cea41291ee3
837cfed2af13a02703b41caf5ceb4a558f3170b81a5038556ba20dd39db7f0b5
850e0255c250229cce9b136e715de44b0764061f5d1eb4459a8c2f399cba1b3e
8557aa7cb2cc1a0747e99974092e0eb652a23d24d33eb9ca0cd8f4a6147389f9
8729bb401307e75394b05afdc79d19cff5c86d030e137c2d7193c35b1d75df04
8d41883853ba074631970e3eb27d806828af32a4770876b398a28d50402b7796
8fd26bab0949e6aad72babc677691563589ec954663e24807d16a014458c8031
92240c11a75611d9c0e62f6eb71ed0ad1466ef663b94979ac236bcf77bea6f68
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dfe278a6adb1b1717bc739adbd90a6a7bd40e8131e95a177e4d69baf7aa1dd
a859922477c704154c3b35ecea76a9cdcc31c5d86e9e4fc952387188d66bf323
ae7dc9c096b428f0d905fa1927d587a7aaa61e743e1f01f87dda6181c09b3918
af8f110119c05434f02b15a09b70b4f942004d43d575d524a7cb098ab4a8a164
b755ed0d257f2056ea24e3ecab436bc396c7f6fdc2cbfdefad43ec2181f800c9
bf02ec9a43080a2e565be7e6bf3148a461b4a43450fe88badb7d056aca336ae3
c05ed0dc9a85bbe49d6d8277ea394f309a495e1cd4cfa7c0b26ae77f8d96e4b1
c3b9e70c20953bed2db6c6095a9dd457b8a81ac5f98929b1ccd4e19e6e70fd26
c3c142e398bba95469b7cf331c59ffeaa41e5802c84b7222fe2fe48733e2c2ad
c4ac91e6d46e9327aea91dff81f7ef27f9a4e5d47c1130042c7f66af9a78c842
cd0992c43b3a49474189990b30b312a852efbc0ccc3550f41a107d248f8747d2
cd7d376f3ed50c52afcb1984228818f8f12f918f57b814d59aec508a7a345f92
d4479c880f0bcfb89615033c0ba805b0a49a1b7fa2392c274bd7127271dc5e0b
d48eebfbc8c2d7c35b6c06f24e66bcb07a7228c102325ae04f42131958b50878
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
e030bf142f137e2317d41ba0ec10fcdb26d2691e477e90eb4350c51eebe0ce91
e1262552394c168a15a41bc5e428e43ad4bbaf91828f8ac1934ab5094de93fde
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f6ef185aae929aaeb137183dcf2551930316cebb277c11482d87d54e287bc2
e7898bbf1f10b6db0587536150337eedf982d4f410412a205b3799955fd02f76
e9119a99b6b49fcecdcb190b2a84260aed63826abdcd6b715205a368125a63ca
ed75cb6eee15799e4fcf9d03f2a42376c372e1c1d2379a4a84664cbf4ccf1a80
f1cb435b893a3ddf3e78b51b509374133939217e1dedd1b56deaac22eff254a5
f271ea93bf60fab2692033755d39395fbec23387ae706c8909fa5f7a5397d656
f30c29c70c373ce3873b1fa9a14d31490a1e60ea9704c27b86204ec571c0ed9c
f331af1fbc7267862d0cc0b22df5fb1430625579720fdfb6cc0eee465bc6ce92
f3dda2180e5f083ffb39775656ef79199b63efb33bf250a87b4bbfe99a3056fc
f50d56ff90c7ce106275e5363b42044fffba923d91d08e9e9eb8f4c0d4600dec
fd22cfa807c6228637925a35e4e515b74d1c3b44aed2d6aab8887a5aa08e5c69
fd60450b168cfea7871dd07cbaa47f6ec33830aa5fe01e6591d40ed88d298458

fir-auth.newswav.com Open in urlscan Pro 199.36.158.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

147 Requests

70 %HTTPS

83 %IPv6

9 Domains

13 Subdomains

13 IPs

2 Countries

2293 kBTransfer

6485 kBSize

2 Cookies

0 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fir-auth.newswav.com Open in urlscan Pro
199.36.158.100 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

70 %
HTTPS

83 %
IPv6

9
Domains

13
Subdomains

13
IPs

2
Countries

2293 kB
Transfer

6485 kB
Size

2
Cookies

147 HTTP transactions
1 data transactions