ipsnews.net Open in urlscan Pro
67.43.4.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/%C2%A0
Effective URL:
https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Submission Tags: falconsandbox
Submission: On February 20 via api (February 20th 2023, 10:19:29 am UTC) from US — Scanned from DE

Summary HTTP 126 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 36 IPs in 8 countries across 33 domains to perform 126 HTTP transactions. The main IP is 67.43.4.144, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is ipsnews.net. The Cisco Umbrella rank of the primary domain is 519333.
TLS certificate: Issued by R3 on January 6th 2023. Valid for: 3 months.

This is the only time ipsnews.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	67.43.4.144 67.43.4.144	32244 (LIQUIDWEB) (LIQUIDWEB)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.158.98.109 18.158.98.109	16509 (AMAZON-02) (AMAZON-02)
3	104.238.96.173 104.238.96.173	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
16	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
10	45.76.86.183 45.76.86.183	20473 (AS-CHOOPA) (AS-CHOOPA)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	108.61.221.118 108.61.221.118	20473 (AS-CHOOPA) (AS-CHOOPA)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
7	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	18.170.235.198 18.170.235.198	16509 (AMAZON-02) (AMAZON-02)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	65.9.66.65 65.9.66.65	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	52.29.201.72 52.29.201.72	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:211... 2600:9000:211e:9600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	65.9.66.92 65.9.66.92	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.59 18.66.147.59	16509 (AMAZON-02) (AMAZON-02)
2	35.178.57.200 35.178.57.200	16509 (AMAZON-02) (AMAZON-02)
126	36

20 67.43.4.144 (Lansing, United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: host.ipsnews.net

ipsnews.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.98.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com

ipsnoticias.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.238.96.173 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 173.96.238.104.host.secureserver.net

submission.icrowdmarketing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 45.76.86.183 (Frankfurt am Main, Germany)

ASN20473 (AS-CHOOPA, US)
PTR: 45.76.86.183.vultrusercontent.com

w.ad.style	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets.ad.style	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.61.221.118 (London, United Kingdom)

ASN20473 (AS-CHOOPA, US)
PTR: 108.61.221.118.vultrusercontent.com

pubtagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hal900019.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.170.235.198 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-235-198.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

impfr.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-65.fra56.r.cloudfront.net

img.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.201.72 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-201-72.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:9600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-92.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-59.fra60.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.178.57.200 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-57-200.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	338 KB
20	ipsnews.net 1 redirects ipsnews.net — Cisco Umbrella Rank: 519333	453 KB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	70 KB
10	ad.style w.ad.style — Cisco Umbrella Rank: 84459 widgets.ad.style — Cisco Umbrella Rank: 104330	240 KB
7	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 35511 hal900019.redintelligence.net — Cisco Umbrella Rank: 253037	272 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	67 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 3974 pixel.mathtag.com — Cisco Umbrella Rank: 972	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6232 adservice.google.de — Cisco Umbrella Rank: 9006	1 KB
4	media.net contextual.media.net — Cisco Umbrella Rank: 539 lg3.media.net — Cisco Umbrella Rank: 4679	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18339 api.webgains.io — Cisco Umbrella Rank: 49968	31 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 47069 medialead.de — Cisco Umbrella Rank: 46770	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	icrowdmarketing.com submission.icrowdmarketing.com	105 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 385	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 714	2 KB
2	tradedoubler.com 1 redirects impfr.tradedoubler.com — Cisco Umbrella Rank: 86375 img.tradedoubler.com — Cisco Umbrella Rank: 84864	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	96 KB
2	pubtagmanager.com pubtagmanager.com — Cisco Umbrella Rank: 88859	574 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	83 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 46505	437 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 709	440 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 4534	554 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1379	586 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	265 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2745	104 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 103929	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 38654	2 KB
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 47853	606 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 122344	931 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	602 B
1	ipsnoticias.net ipsnoticias.net
126	33

	Domain	Requested by
20	ipsnews.net	1 redirects ipsnews.net
13	pagead2.googlesyndication.com	ipsnews.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	w.ad.style	ipsnews.net widgets.ad.style
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	hal9000.redintelligence.net	ipsnews.net hal900019.redintelligence.net
4	fonts.googleapis.com	ipsnews.net googleads.g.doubleclick.net hal900019.redintelligence.net
3	hal900019.redintelligence.net	hal9000.redintelligence.net hal900019.redintelligence.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	www.google.com	ipsnews.net googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.gstatic.com	fonts.googleapis.com
3	submission.icrowdmarketing.com	ipsnews.net
2	api.webgains.io	analytics.webgains.io
2	secure.adnxs.com	2 redirects
2	pm.w55c.net	2 redirects
2	pv.medialead.de	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	pubtagmanager.com	ipsnews.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	lg3.media.net	ipsnews.net
2	contextual.media.net	ipsnews.net
2	www.googletagmanager.com	ipsnews.net adv.office-partner.de
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	s.ad.smaato.net	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	img.tradedoubler.com	googleads.g.doubleclick.net
1	impfr.tradedoubler.com	1 redirects
1	ad-server.eu	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	ipsnews.net
1	pb.media01.eu	hal900019.redintelligence.net
1	adv.office-partner.de	hal900019.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	ipsnews.net
1	widgets.ad.style	ipsnews.net
1	ipsnoticias.net	ipsnews.net
126	46

This site contains links to these domains. Also see Links.

Domain
ad.style
www.ipsnoticias.net
www.ipsinternational.org
www.ipsnews.net
ipsnews.be
twitter.com
facebook.com
www.get-access.com
icrowdnewswire.com
w.ad.style

Subject Issuer	Validity	Valid
ipsnews.net R3	`2023-01-06` - `2023-04-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
ipsnoticias.net R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
submission.icrowdmarketing.com R3	`2022-12-28` - `2023-03-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
w.ad.style Sectigo RSA Domain Validation Secure Server CA	`2022-11-14` - `2023-12-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
widgets.ad.style Sectigo RSA Domain Validation Secure Server CA	`2022-11-14` - `2023-12-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
pubtagmanager.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-14` - `2023-12-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
adv.office-partner.de R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Frame ID: B767BEB2D02C5EEFF2677EE84EA45E97
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
Frame ID: 4D876D681ED2600FE68FDF875927F5E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&adk=1812271804&adf=3025194257&lmt=1676888363&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888363284&bpp=8&bdt=956&idt=491&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6060893907471&frm=20&pv=2&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=513
Frame ID: 5EB13B2A0813E335F3B66539C2DA283D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=280&adk=1859842940&adf=3178583274&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1676888363&rafmt=1&to=qs&pwprc=2587445467&format=1200x280&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888363292&bpp=2&bdt=964&idt=510&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nljVeOczJ&p=https%3A//ipsnews.net&dtd=513
Frame ID: 67F760B4FDF15C3220C5E7B79641BC8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1676888364&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888364667&bpp=1&bdt=2339&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5460bd5c3bda2a78-221d83ad9adc00cf%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg&gpic=UID%3D00000bb946387853%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uxHKYaOSbe&p=https%3A//ipsnews.net&dtd=6
Frame ID: ABEA307650276D59F398F8226C4A23BA
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1
Frame ID: D130CE1C6E0F93EC319ECE811A4E5AF8
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7A77DF1000E1FE76FBAC8AB044B430F6
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js
Frame ID: 6C13E2251D48CBD8A90ABD4F373CEF82
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: B38E2A7B094A4BCCF1414602B6FD7845
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72195800052981400951401012241019&actionid=981741&produktid=&dt_url=
Frame ID: FE45ED148103DBA43E041BA79D98BA7D
Requests: 1 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=72195800052981400951401012241019&a=56c94a80
Frame ID: 670CE26EF80E8E7B6EB7C873715C7C65
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BE91D5C535EE837A3279F44295AAD4B1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E7D41884E76AADC3E08ACC23B35441E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6FB07AFF7620B2709E9972C898906331
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Skincell Advanced Reviews: Works on Moles & Skin Tags Anywhere on Your Body! - IPS Inter Press Service BusinessSkincell Advanced Reviews: Works on Moles & Skin Tags Anywhere on Your Body! - IPS Inter Press Service Business

Page URL History Show full URLs

https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywh... HTTP 301
https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywh... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

126
Requests

94 %
HTTPS

40 %
IPv6

33
Domains

46
Subdomains

36
IPs

8
Countries

1791 kB
Transfer

3018 kB
Size

20
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://ad.style/

Search URL Search Domain Scan URL

URL: http://www.ipsnoticias.net/
Title: ESPAÑOL

Search URL Search Domain Scan URL

URL: http://www.ipsinternational.org/arabic
Title: ARABIC

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/deutsch/
Title: DEUTSCH

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/italiano/
Title: ITALIANO

Search URL Search Domain Scan URL

URL: http://ipsnews.be/
Title: NEDERLANDS

Search URL Search Domain Scan URL

URL: http://www.ipsnoticias.net/portugues/
Title: PORTUGUÊS

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/svenska/
Title: SVENSKA

Search URL Search Domain Scan URL

URL: http://twitter.com/ipsnews

Search URL Search Domain Scan URL

URL: http://facebook.com/ipsnews

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/feed/

Search URL Search Domain Scan URL

URL: https://www.get-access.com/recommends/skincell-advanced/
Title: Click Here to Buy Skincell Advanced Skin Tag Remover at Discounted Prices Today

Search URL Search Domain Scan URL

URL: https://icrowdnewswire.com/tag/373164/

Search URL Search Domain Scan URL

URL: https://icrowdnewswire.com/category/no-pr/
Title: No PR

Search URL Search Domain Scan URL

URL: https://icrowdnewswire.com/category/ips/
Title: IPS

Search URL Search Domain Scan URL

URL: https://icrowdnewswire.com/category/news-category/wire/
Title: Wire

Search URL Search Domain Scan URL

URL: https://icrowdnewswire.com/category/language/english/
Title: English

Search URL Search Domain Scan URL

URL: https://w.ad.style/click?&d2k%3D=MjgyOA%3D%3D&aWQ%3D=MTE0NjA%3D&cHg%3D=MjAw&cG9z=MA%3D%3D&d2Jj=MQ%3D%3D&anNk=MA%3D%3D&ZW5k=MA%3D%3D&Y2Vm=MA%3D%3D&d2Vi=MA%3D%3D&Y2hy=MQ%3D%3D&YXdl=MA%3D%3D&cGhh=MA%3D%3D&bm9k=MA%3D%3D&eHVs=MA%3D%3D&cmVz=MTYwMHgxMjAw&djg%3D=MQ%3D%3D&c20%3D=MA%3D%3D&aWU%3D=MA%3D%3D&cmg%3D=MA%3D%3D&anNj=MA%3D%3D&Y2hj=MA%3D%3D&d2Jr=MA%3D%3D&Ymxu=MQ%3D%3D&bXNo=MA%3D%3D&Z2Vj=MA%3D%3D&ZWRn=MA%3D%3D&bW9i=MA%3D%3D&aWV2=MA%3D%3D&ZG1l=MQ%3D%3D&bmV3=MQ%3D%3D
Title: "Höhle der Löwen"-Schock: Carsten Maschmeyer ließ diese ...

Search URL Search Domain Scan URL

URL: https://w.ad.style/click?&d2k%3D=MjgyOA%3D%3D&aWQ%3D=MTE0NDA%3D&cHg%3D=MjAw&cG9z=MQ%3D%3D&d2Jj=MQ%3D%3D&anNk=MA%3D%3D&ZW5k=MA%3D%3D&Y2Vm=MA%3D%3D&d2Vi=MA%3D%3D&Y2hy=MQ%3D%3D&YXdl=MA%3D%3D&cGhh=MA%3D%3D&bm9k=MA%3D%3D&eHVs=MA%3D%3D&cmVz=MTYwMHgxMjAw&djg%3D=MQ%3D%3D&c20%3D=MA%3D%3D&aWU%3D=MA%3D%3D&cmg%3D=MA%3D%3D&anNj=MA%3D%3D&Y2hj=MA%3D%3D&d2Jr=MA%3D%3D&Ymxu=MQ%3D%3D&bXNo=MA%3D%3D&Z2Vj=MA%3D%3D&ZWRn=MA%3D%3D&bW9i=MA%3D%3D&aWV2=MA%3D%3D&ZG1l=MQ%3D%3D&bmV3=MQ%3D%3D
Title: EILMEDUNG - Gerhard Schröder hat alle belogen

Search URL Search Domain Scan URL

URL: https://w.ad.style/click?&d2k%3D=MjgyOA%3D%3D&aWQ%3D=MjI5NTI%3D&cHg%3D=MjAw&cG9z=Mg%3D%3D&d2Jj=MQ%3D%3D&anNk=MA%3D%3D&ZW5k=MA%3D%3D&Y2Vm=MA%3D%3D&d2Vi=MA%3D%3D&Y2hy=MQ%3D%3D&YXdl=MA%3D%3D&cGhh=MA%3D%3D&bm9k=MA%3D%3D&eHVs=MA%3D%3D&cmVz=MTYwMHgxMjAw&djg%3D=MQ%3D%3D&c20%3D=MA%3D%3D&aWU%3D=MA%3D%3D&cmg%3D=MA%3D%3D&anNj=MA%3D%3D&Y2hj=MA%3D%3D&d2Jr=MA%3D%3D&Ymxu=MQ%3D%3D&bXNo=MA%3D%3D&Z2Vj=MA%3D%3D&ZWRn=MA%3D%3D&bW9i=MA%3D%3D&aWV2=MA%3D%3D&ZG1l=MQ%3D%3D&bmV3=MQ%3D%3D
Title: TV-Star und Investor Thelen verliert alles

Search URL Search Domain Scan URL

URL: https://w.ad.style/click?&d2k%3D=MjgyOA%3D%3D&aWQ%3D=MTE0NDc%3D&cHg%3D=MjAw&cG9z=Mw%3D%3D&d2Jj=MQ%3D%3D&anNk=MA%3D%3D&ZW5k=MA%3D%3D&Y2Vm=MA%3D%3D&d2Vi=MA%3D%3D&Y2hy=MQ%3D%3D&YXdl=MA%3D%3D&cGhh=MA%3D%3D&bm9k=MA%3D%3D&eHVs=MA%3D%3D&cmVz=MTYwMHgxMjAw&djg%3D=MQ%3D%3D&c20%3D=MA%3D%3D&aWU%3D=MA%3D%3D&cmg%3D=MA%3D%3D&anNj=MA%3D%3D&Y2hj=MA%3D%3D&d2Jr=MA%3D%3D&Ymxu=MQ%3D%3D&bXNo=MA%3D%3D&Z2Vj=MA%3D%3D&ZWRn=MA%3D%3D&bW9i=MA%3D%3D&aWV2=MA%3D%3D&ZG1l=MQ%3D%3D&bmV3=MQ%3D%3D
Title: Robert Geiss: Neues Video sorgt für Ekel bei den Fans

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/about-us/
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.ipsnews.net/our-team/
Title: Our Team

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/%C2%A0 HTTP 301
https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=72195800052981400951401012241019&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72195800052981400951401012241019&actionid=981741&produktid=&dt_url=

Request Chain 92

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72195800052981400951401012241019 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72195800052981400951401012241019 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 93

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(72195800052981400951401012241019)468512780 HTTP 302
https://img.tradedoubler.com/images/inv.gif

Request Chain 101

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK2F1_eA6WV9zAx6OnzlGB0&google_cver=1&google_push=Aa02lx8V3XQpmZe4WLcjbhYWTvudMEqrwEcG_kHAFSeqI7NQqpit9DrMhzJuN_juA9Qn0FsBKJLEZ4YYGr8NVQopPad35C6cGmRO-5c HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK2F1_eA6WV9zAx6OnzlGB0&google_cver=1&google_push=Aa02lx8V3XQpmZe4WLcjbhYWTvudMEqrwEcG_kHAFSeqI7NQqpit9DrMhzJuN_juA9Qn0FsBKJLEZ4YYGr8NVQopPad35C6cGmRO-5c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnJWWlVuSlAxUHUzZ3k1&google_gid=CAESEK2F1_eA6WV9zAx6OnzlGB0&google_cver=1&google_push=Aa02lx8V3XQpmZe4WLcjbhYWTvudMEqrwEcG_kHAFSeqI7NQqpit9DrMhzJuN_juA9Qn0FsBKJLEZ4YYGr8NVQopPad35C6cGmRO-5c

Request Chain 103

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECiKOkC3y5ON0dJ3-Z2wNGo&google_cver=1&google_push=Aa02lx9PhJKCi-wYoFS_TqwK3LvyyiLt3210o9VtJmKLZia6ao-kCuobxvvdizAZCWOAyCobJJe04geaC_TVGtkXaNtRzYcW3Fvxag HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMjE4MDY5MTAyMjUxMDIxOQ%3D%3D&google_push=Aa02lx9PhJKCi-wYoFS_TqwK3LvyyiLt3210o9VtJmKLZia6ao-kCuobxvvdizAZCWOAyCobJJe04geaC_TVGtkXaNtRzYcW3Fvxag

Request Chain 104

https://ads.travelaudience.com/google_pixel?google_gid=CAESENT6otq3toHUlyxsZ9PlLr4&google_cver=1&google_push=Aa02lx8bXpFqzSOQRd6Mzq6sjatT507DG_OiCEVAQvP8OSs8F5h-DUpeJZtAQe3hp_aKl3asF8BtxFBxdOr0neFmZbj_nkXhzYLI2FU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tYWmIIhnRdGmSN49q4OODw2&google_push=Aa02lx8bXpFqzSOQRd6Mzq6sjatT507DG_OiCEVAQvP8OSs8F5h-DUpeJZtAQe3hp_aKl3asF8BtxFBxdOr0neFmZbj_nkXhzYLI2FU

Request Chain 105

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEE9WWEUlU82BfV2T-aCgU7c&google_cver=1&google_push=Aa02lx-Kcu5d_kQh95t5YsFA_lxnKW5p2BOAypZXamCVaUCzIKFaKlToSm4zcGeLXReS36h4mVo7QDZJhrij7pZ5J6WN5IDeJyaR-tI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-Kcu5d_kQh95t5YsFA_lxnKW5p2BOAypZXamCVaUCzIKFaKlToSm4zcGeLXReS36h4mVo7QDZJhrij7pZ5J6WN5IDeJyaR-tI

Request Chain 106

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBrzoxINA_LAAJwyDqHBXzg&google_cver=1&google_push=Aa02lx_ePqLhqMM_5fGPcMQrEYfGNiSveMb9WWv20-zAu13az260N4WmnTDPXZeCdpt5_FULA_Ji3ABkvtZSMaEj9XHIP7T5itQ_Qukc HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEBrzoxINA_LAAJwyDqHBXzg%26google_cver%3D1%26google_push%3DAa02lx_ePqLhqMM_5fGPcMQrEYfGNiSveMb9WWv20-zAu13az260N4WmnTDPXZeCdpt5_FULA_Ji3ABkvtZSMaEj9XHIP7T5itQ_Qukc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjMyMzYyNTgwMzc4NDg1MzM2NQ%3D%3D&google_gid=CAESEBrzoxINA_LAAJwyDqHBXzg&google_cver=1&google_push=Aa02lx_ePqLhqMM_5fGPcMQrEYfGNiSveMb9WWv20-zAu13az260N4WmnTDPXZeCdpt5_FULA_Ji3ABkvtZSMaEj9XHIP7T5itQ_Qukc

126 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Redirect Chain

https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/%C2%A0
https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

52 KB
52 KB

922ms
861ms

Document
text/html

67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 / PHP/5.6.40
Resource Hash: 9df561e7918c0e768da049563e04ea3889250ce203da97390c5a481a831a3cdd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Feb 2023 10:19:21 GMT
Keep-Alive: timeout=5, max=199
Link: <https://ipsnews.net/business/wp-json/>; rel="https://api.w.org/", <https://ipsnews.net/business/wp-json/wp/v2/posts/230607>; rel="alternate"; type="application/json", <https://ipsnews.net/business/?p=230607>; rel=shortlink
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

Redirect headers

Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Feb 2023 10:19:20 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Keep-Alive: timeout=5, max=200
Location: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40
X-Redirect-By: WordPress

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
ipsnews.net/business/wp-includes/js/ 18 KB
18 KB 117ms
117ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Wed, 26 Jan 2022 13:33:21 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 18181
Expires: max-age=A10368000, public

GET
H/1.1 200
OK style.min.css
ipsnews.net/business/wp-includes/css/dist/block-library/ 81 KB
82 KB 219ms
118ms Stylesheet
text/css 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Wed, 06 Apr 2022 04:59:53 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: text/css
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 83419
Expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 5 KB
981 B 43ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&ver=5.9.5

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7354479cec3ad5dacddddeed5147dacfccf3a12c38432f12c98996bf6b3df1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Origin: https://ipsnews.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 10:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 09:05:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 10:19:22 GMT

GET
H/1.1 200
OK athemes-symbols.css
ipsnews.net/business/wp-content/themes/fashionistas/css/ 2 KB
3 KB 348ms
117ms Stylesheet
text/css 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/css/athemes-symbols.css?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 05ae69a564e36859e369678d38487fce694d028307f0c8005094d52167299bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: text/css
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 2474
Expires: max-age=A10368000, public

GET
H/1.1 200
OK bootstrap.min.css
ipsnews.net/business/wp-content/themes/fashionistas/css/ 104 KB
104 KB 348ms
117ms Stylesheet
text/css 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/css/bootstrap.min.css?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 186c40d06fc13830497a7b9f42bc14538c1b7fa0b98560c7911e6e1a935f769d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: text/css
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 106015
Expires: max-age=A10368000, public

GET
H/1.1 200
OK style.css
ipsnews.net/business/wp-content/themes/fashionistas/ 26 KB
26 KB 349ms
117ms Stylesheet
text/css 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/style.css?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 2ba1f5e940f91cda0982499c2a45bae9a7b1f467d3080602cd4cfa788cc9ab23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Thu, 19 Nov 2020 13:09:17 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: text/css
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 26452
Expires: max-age=A10368000, public

GET
H/1.1 200
OK medianetAdInjector.js Show response
ipsnews.net/business/wp-content/plugins/media-net-ads-manager/js/ 562 B
963 B 356ms
120ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Wed, 26 Jan 2022 13:34:12 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 562
Expires: max-age=A10368000, public

GET
H/1.1 200
OK jquery.min.js Show response
ipsnews.net/business/wp-includes/js/jquery/ 87 KB
88 KB 353ms
117ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Wed, 26 Jan 2022 13:33:22 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=200
Content-Length: 89521
Expires: max-age=A10368000, public

GET
H/1.1 200
OK jquery-migrate.min.js Show response
ipsnews.net/business/wp-includes/js/jquery/ 11 KB
11 KB 452ms
117ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Wed, 26 Jan 2022 13:33:22 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 11224
Expires: max-age=A10368000, public

GET
H/1.1 200
OK bootstrap.min.js Show response
ipsnews.net/business/wp-content/themes/fashionistas/js/ 28 KB
28 KB 463ms
115ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/js/bootstrap.min.js?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: b260d056edb6c39eeeed00ffc7bccded9160bb9c1f03c62d77a99181ae88a08b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 28631
Expires: max-age=A10368000, public

GET
H/1.1 200
OK hoverIntent.js Show response
ipsnews.net/business/wp-content/themes/fashionistas/js/ 5 KB
5 KB 473ms
117ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/js/hoverIntent.js?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 740cb53532e536c1c7a90cbb037a9a002d2126b34bed1d6d3722b52d2bfe11b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 4938
Expires: max-age=A10368000, public

GET
H/1.1 200
OK superfish.js Show response
ipsnews.net/business/wp-content/themes/fashionistas/js/ 7 KB
8 KB 569ms
117ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/js/superfish.js?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: db5d34266f8c9536b72268057df2c6b249ab732eaa471579b19df531704b9450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=196
Content-Length: 7481
Expires: max-age=A10368000, public

GET
H/1.1 200
OK settings.js Show response
ipsnews.net/business/wp-content/themes/fashionistas/js/ 174 B
575 B 580ms
118ms Script
application/javascript 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/js/settings.js?ver=5.9.5
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: cdc2d5f13b61543ed19e2b453894fbcc857f171ca074ddb7bff40b6ad4d8ea0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:22 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: application/javascript
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 174
Expires: max-age=A10368000, public

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 114ms
48ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-361073-1

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fde76d30ab103f378ab38f8ec06c0d4d0482c14037fdf28c0dabdc3d30acd8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44075
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Feb 2023 10:19:23 GMT

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 368 B
551 B 81ms
54ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU3E02MG

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f622ffe277936d272b6550fdc08ff27b9a3d6def08d334662c102e1b0a0b9021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-mnt-h: 22-pmnp
strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 10:19:23 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
content-length: 368
expires: Mon, 20 Feb 2023 10:24:23 GMT

GET
H2 404 tria.png
ipsnoticias.net/wp-content/themes/ips-spa/images/ 0
0 2172ms
2131ms Image
text/html 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnoticias.net/wp-content/themes/ips-spa/images/tria.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-98-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H/1.1 200
OK social-tw.png
ipsnews.net/wp-content/themes/ipsnews/images/ 1 KB
2 KB 118ms
117ms Image
image/png 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnews.net/wp-content/themes/ipsnews/images/social-tw.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 6f782c13509bdd9c6786af7b42d09e54aee58f59244d04ceb478793805bc6bd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:23 GMT
Last-Modified: Sun, 05 Jan 2014 16:37:57 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 1233
Expires: max-age=A10368000, public

GET
H/1.1 200
OK social-fb.png
ipsnews.net/wp-content/themes/ipsnews/images/ 1 KB
1 KB 118ms
117ms Image
image/png 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnews.net/wp-content/themes/ipsnews/images/social-fb.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: e423e7e6b9e3e8ee687307722bff9b8998886d106f8d951f116f1bac5eef85af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:23 GMT
Last-Modified: Sun, 05 Jan 2014 16:37:54 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=199
Content-Length: 1097
Expires: max-age=A10368000, public

GET
H/1.1 200
OK feed.png
ipsnews.net/wp-content/themes/ipsnews/images/ 1 KB
2 KB 119ms
117ms Image
image/png 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnews.net/wp-content/themes/ipsnews/images/feed.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: c4b061664ceb42372c8cfc5af699a6b2a81a698115b41ea72c0b1a70419954eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:23 GMT
Last-Modified: Sun, 05 Jan 2014 16:37:09 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=197
Content-Length: 1354
Expires: max-age=A10368000, public

GET
H/1.1 200
OK logo-IPS.png
ipsnews.net/business/wp-content/uploads/2020/11/ 6 KB
7 KB 118ms
117ms Image
image/png 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnews.net/business/wp-content/uploads/2020/11/logo-IPS.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: bab73ae419115b088718ddb96163e9d3020362ecc8d140cf357dbcccb72969d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:23 GMT
Last-Modified: Mon, 16 Nov 2020 22:57:06 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 6621
Expires: max-age=A10368000, public

GET
H/1.1 200
OK 48a2d9cfff8e811e26fbfd9f36fff6c2.jpg
submission.icrowdmarketing.com/assets/source/users/1839/ 20 KB
21 KB 547ms
178ms Image
image/jpeg 104.238.96.173
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://submission.icrowdmarketing.com/assets/source/users/1839/48a2d9cfff8e811e26fbfd9f36fff6c2.jpg?1645157791710
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.96.173 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 173.96.238.104.host.secureserver.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 /
Resource Hash: 26fd070a5d778fe1c492d47816820e18ae9231a1d3dfbb6ff0a3cfdbc8d6050b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Feb 2022 04:16:04 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 20741
Expires: Wed, 22 Mar 2023 10:19:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 85ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6412117467229435

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f2394a0836ddf343367655f956e01ae7bbb6a943b0a00f5d40048d2abc1b75e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Origin: https://ipsnews.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49600
x-xss-protection: 0
server: cafe
etag: 9751903815204173829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 10:19:23 GMT

GET
H2 200 aslogo.svg
w.ad.style/img/ 5 KB
5 KB 40ms
10ms Image
image/svg+xml 45.76.86.183
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ad.style/img/aslogo.svg
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.86.183 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.86.183.vultrusercontent.com
Software: nginx/1.22.0 (Ubuntu) /
Resource Hash: 0ead49ad1520351760f2ec83f11a4c74bc9195507839d0424f57d93c46108a30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:23 GMT
last-modified: Sun, 23 Oct 2022 10:54:18 GMT
server: nginx/1.22.0 (Ubuntu)
etag: "63551d5a-12ca"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4810
expires: Tue, 20 Feb 2024 10:19:23 GMT

GET
H/1.1 200
OK header-bg.png
ipsnews.net/svenska/wp-content/uploads/2020/11/ 7 KB
7 KB 123ms
123ms Image
image/png 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipsnews.net/svenska/wp-content/uploads/2020/11/header-bg.png
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: 8fa341d3a7ec203a98bf18581f1a15b31b9921cdeb0b520dfb57e0af6ac0ac84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:23 GMT
Last-Modified: Mon, 16 Nov 2020 20:50:03 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: image/png
Cache-Control: max-age=10368000
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=195
Content-Length: 6793
Expires: max-age=A10368000, public

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&ver=5.9.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ipsnews.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:58:53 GMT
x-content-type-options: nosniff
age: 436830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 08:58:53 GMT

GET
H2 200 native.js Show response
widgets.ad.style/ 98 KB
98 KB 98ms
10ms Script
application/javascript 45.76.86.183
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.ad.style/native.js
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.86.183 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.86.183.vultrusercontent.com
Software: nginx/1.22.0 (Ubuntu) /
Resource Hash: 92980b57eb031cfd51ca910c4d21d80f43a662661817cd21909451a897ff8fb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:23 GMT
last-modified: Thu, 15 Dec 2022 04:24:54 GMT
server: nginx/1.22.0 (Ubuntu)
etag: "639aa196-18765"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 100197
expires: Mon, 27 Feb 2023 10:19:23 GMT

GET
H/1.1 200
OK afonts.woff
ipsnews.net/business/wp-content/themes/fashionistas/fonts/ 6 KB
6 KB 121ms
121ms Font
font/woff 67.43.4.144
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://ipsnews.net/business/wp-content/themes/fashionistas/fonts/afonts.woff?94519643
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/wp-content/themes/fashionistas/css/athemes-symbols.css?ver=5.9.5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 67.43.4.144 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.ipsnews.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash: a66979b4409926b6924397ba18c5f9aae035c63afd3540beca4d343dee2750e3

Request headers

Referer: https://ipsnews.net/business/wp-content/themes/fashionistas/css/athemes-symbols.css?ver=5.9.5
Origin: https://ipsnews.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:23 GMT
Last-Modified: Thu, 02 May 2019 14:00:52 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 mod_fcgid/2.3.9
Content-Type: font/woff
Cache-Control: max-age=0
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=198
Content-Length: 6264
Expires: max-age=A10368000, public

GET
H/1.1 200
OK 87cca7041a777185aa33f76a0157dcb8.png
submission.icrowdmarketing.com/assets/source/users/1839/ 61 KB
62 KB 515ms
176ms Image
image/png 104.238.96.173
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://submission.icrowdmarketing.com/assets/source/users/1839/87cca7041a777185aa33f76a0157dcb8.png?1645157926412
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.96.173 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 173.96.238.104.host.secureserver.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 /
Resource Hash: 6e7e189ebe37d04aee011760c4f4a7616c0d0d75e6759c4e4131210e7ba87d98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Feb 2022 04:16:04 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 62753
Expires: Wed, 22 Mar 2023 10:19:23 GMT

GET
H/1.1 200
OK unnamed%20(8).png
submission.icrowdmarketing.com/assets/source/users/1839/ 22 KB
22 KB 505ms
167ms Image
image/png 104.238.96.173
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://submission.icrowdmarketing.com/assets/source/users/1839/unnamed%20(8).png?1645157970104
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.238.96.173 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 173.96.238.104.host.secureserver.net
Software: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4 /
Resource Hash: ab33f09b12a7477e8d5a19fbf9d77f172c14a4e31b4a41fbb76764b2944d27c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Jul 2021 09:13:32 GMT
Server: Apache/2.4.55 (cPanel) OpenSSL/1.1.1t mod_bwlimited/1.4
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 22521
Expires: Wed, 22 Mar 2023 10:19:23 GMT

GET
H/1.1 200
OK flping.php
lg3.media.net/ 35 B
338 B 76ms
16ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO189A13&gdpr=1&cid=8CU3E02MG&crid=

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Mon, 20 Feb 2023 10:19:23 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 20 Feb 2023 10:19:23 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
121 KB 341ms
75ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6412117467229435&plah=ipsnews.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6412117467229435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f13e29f46354f69526cc2e8c236253dccc816dc614b25610449470c99a27bbbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122949
x-xss-protection: 0
server: cafe
etag: 8191001917337790004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 10:19:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/ Frame 4D87 10 KB
5 KB 43ms
9ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6412117467229435

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 20:48:53 GMT
etag: 10353107486223812946
expires: Sun, 05 Mar 2023 20:48:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 38ms
12ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-361073-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Feb 2023 10:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 273
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 20 Feb 2023 12:14:50 GMT

GET
H2 200 get Show response
w.ad.style/ 2 KB
966 B 102ms
100ms XHR
application/json 45.76.86.183
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ad.style/get?wi=2828&s=direct
Requested by: Host: widgets.ad.style
URL: https://widgets.ad.style/native.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.86.183 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.86.183.vultrusercontent.com
Software: nginx/1.22.0 (Ubuntu) / Express
Resource Hash: c715ef2fb6809b2cdc66809f96d702f21e34b29e152108c88bd068f644d32d29

Request headers

asloc: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
content-encoding: gzip
server: nginx/1.22.0 (Ubuntu)
x-powered-by: Express
etag: W/"784-ej/zZvd8F3D/qmj8wDciwxs10cM"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ipsnews.net
access-control-allow-credentials: true

OPTIONS
H2 204 get
w.ad.style/ Frame 0
0 727ms
701ms Preflight 45.76.86.183
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ad.style/get?wi=2828&s=direct
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.86.183 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.86.183.vultrusercontent.com
Software: nginx/1.22.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: asloc
Access-Control-Request-Method: GET
Origin: https://ipsnews.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: asloc
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ipsnews.net
date: Mon, 20 Feb 2023 10:19:24 GMT
server: nginx/1.22.0 (Ubuntu)
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 17ms
16ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=694000192&t=pageview&_s=1&dl=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&ul=en-us&de=UTF-8&dt=Skincell%20Advanced%20Reviews%3A%20Works%20on%20Moles%20%26%20Skin%20Tags%20Anywhere%20on%20Your%20Body!%20-%20IPS%20Inter%20Press%20Service%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1095995769&gjid=1962012473&cid=1560866945.1676888363&tid=UA-361073-1&_gid=1412850094.1676888363&_r=1&gtm=457e32f0&z=1862506868

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsnews.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 80ms
24ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-361073-1&cid=1560866945.1676888363&jid=1095995769&gjid=1962012473&_gid=1412850094.1676888363&_u=YEBAAUAAAAAAACAAI~&z=715729982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Feb 2023 10:19:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsnews.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 70ms
39ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-361073-1&cid=1560866945.1676888363&jid=1095995769&_u=YEBAAUAAAAAAACAAI~&z=2034538829

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 67ms
38ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-361073-1&cid=1560866945.1676888363&jid=1095995769&_u=YEBAAUAAAAAAACAAI~&z=2034538829

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
602 B 48ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ipsnews.net&callback=_gfp_s_&client=ca-pub-6412117467229435

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6412117467229435&plah=ipsnews.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

549061b138386092a937ee711d1177b298830092e29c5b744861474c9de52804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 65ms
19ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 47ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EB1 174 KB
47 KB 734ms
733ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&adk=1812271804&adf=3025194257&lmt=1676888363&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888363284&bpp=8&bdt=956&idt=491&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6060893907471&frm=20&pv=2&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=513

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cd8a308ebb12d22ac932b76b2c83be0d40f3ab13a8f2277cad57fd7a9179fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 10:19:24 GMT
expires: Mon, 20 Feb 2023 10:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67F7 436 B
413 B 661ms
661ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=280&adk=1859842940&adf=3178583274&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1676888363&rafmt=1&to=qs&pwprc=2587445467&format=1200x280&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888363292&bpp=2&bdt=964&idt=510&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=215&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nljVeOczJ&p=https%3A//ipsnews.net&dtd=513

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df02a02250e96554e49afca1304697dd268807ba584ee38985f2ddaebfd3c68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 214
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 10:19:24 GMT
expires: Mon, 20 Feb 2023 10:19:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 19ms
19ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=694000192&t=pageview&_s=1&dl=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&dp=ipsnews.net&ul=en-us&de=UTF-8&dt=Skincell%20Advanced%20Reviews%3A%20Works%20on%20Moles%20%26%20Skin%20Tags%20Anywhere%20on%20Your%20Body!%20-%20IPS%20Inter%20Press%20Service%20Business&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=1122637183&gjid=291289398&cid=1560866945.1676888363&tid=UA-88489310-1&_gid=1412850094.1676888363&_r=1&_slc=1&z=747246700

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsnews.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i.gif
pubtagmanager.com/ 35 B
287 B 76ms
25ms Image
image/gif 108.61.221.118
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubtagmanager.com/i.gif
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 108.61.221.118 London, United Kingdom, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 108.61.221.118.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:24 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
Transfer-Encoding: chunked
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 /
w.ad.style/image/ 29 KB
30 KB 14ms
13ms Image
image/jpeg 45.76.86.183
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ad.style/image/?w=360&h=240&url=http%3A%2F%2Fimages.ad.style%2F2b12ccd1987ffda5837cbc414.jpg
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.86.183 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.86.183.vultrusercontent.com
Software: nginx/1.22.0 (Ubuntu) /
Resource Hash: 0c2b745987b327b9046eb8d6702bebe53b15faa259d1b204081eaa50f17dcf67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
last-modified: Sun, 19 Feb 2023 12:02:33 GMT
server: nginx/1.22.0 (Ubuntu)
etag: "63f20fd9-7540"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30016
expires: Tue, 20 Feb 2024 10:19:24 GMT

GET
H2 200 /
w.ad.style/image/ 36 KB
36 KB 22ms
21ms Image
image/jpeg 45.76.86.183
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ad.style/image/?w=360&h=240&url=http%3A%2F%2Fimages.ad.style%2F119d34d9e9da6016ffd4aa7d5.jpg
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.86.183 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.86.183.vultrusercontent.com
Software: nginx/1.22.0 (Ubuntu) /
Resource Hash: b0357d741a09a372e5c765f1d6a80ee4e74f41e90ae4f41c746d1ea23464bd34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
last-modified: Sat, 18 Feb 2023 14:15:52 GMT
server: nginx/1.22.0 (Ubuntu)
etag: "63f0dd98-8fd0"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 36816
expires: Tue, 20 Feb 2024 10:19:24 GMT

GET
H2 200 /
w.ad.style/image/ 30 KB
31 KB 30ms
29ms Image
image/jpeg 45.76.86.183
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ad.style/image/?w=360&h=240&url=http%3A%2F%2Fimages.ad.style%2F9d28198575bcb76ac5d8b4ba8.jpg
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.86.183 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.86.183.vultrusercontent.com
Software: nginx/1.22.0 (Ubuntu) /
Resource Hash: e530a837dd1f7cdef4f0662bd9bf2bcb4ebb6e13d633932bf1bb1b04304092cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
last-modified: Sat, 18 Feb 2023 14:15:52 GMT
server: nginx/1.22.0 (Ubuntu)
etag: "63f0dd98-793f"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 31039
expires: Tue, 20 Feb 2024 10:19:24 GMT

GET
H2 200 /
w.ad.style/image/ 39 KB
39 KB 31ms
31ms Image
image/jpeg 45.76.86.183
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ad.style/image/?w=360&h=240&url=http%3A%2F%2Fimages.ad.style%2F85467aea98a714a41e55805e5.jpg
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.86.183 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.86.183.vultrusercontent.com
Software: nginx/1.22.0 (Ubuntu) /
Resource Hash: 13c8cd3ee3731639ce2a7bd6781092f966284d3b56d33e6004a746d624f3ba17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
last-modified: Sun, 19 Feb 2023 11:47:33 GMT
server: nginx/1.22.0 (Ubuntu)
etag: "63f20c55-9bc4"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39876
expires: Tue, 20 Feb 2024 10:19:24 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 24ms
23ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-88489310-1&cid=1560866945.1676888363&jid=1122637183&gjid=291289398&_gid=1412850094.1676888363&_u=aEDAAUABAAAAACAAI~&z=2073351503

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Feb 2023 10:19:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ipsnews.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 150 KB
51 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53cafeaf21e6e7669677f12db699d1c7b4119d56343424f4759b1d53eaae5a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52064
x-xss-protection: 0
server: cafe
etag: 8807204965671456336
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 10:19:24 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-6412117467229435&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 87 KB
30 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6412117467229435

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a91586ae4581c86dbb39bfe483016cf70ee6f3a4eb550ece030b0201afb337a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30575
x-xss-protection: 0
server: cafe
etag: 389729257366585754
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Feb 2023 10:19:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 19ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABEA 27 KB
12 KB 1395ms
1395ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1676888364&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888364667&bpp=1&bdt=2339&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5460bd5c3bda2a78-221d83ad9adc00cf%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg&gpic=UID%3D00000bb946387853%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uxHKYaOSbe&p=https%3A//ipsnews.net&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2375469f1fed94d6462d91196ee40bb1bbe0be545bad7c39af459c73d542736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12505
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 10:19:26 GMT
expires: Mon, 20 Feb 2023 10:19:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=2&wpc=ca-pub-6412117467229435&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230215_093955&sat=1676771346283&afm=0&as_count=0&d_count=0&ng_count=0&am_count=2&atf_count=1&mdns=0&alldns=0.164&allp=13&fd=(0%2C8%2C1)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=5374&abl=false&rr=n&su=ipsnews.net&pvc=4086973035108688&r=0.1&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-6412117467229435&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ipsnews.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/ Frame D130 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48628
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 20:48:56 GMT
etag: 10353107486223812946
expires: Sun, 05 Mar 2023 20:48:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame D130 4 KB
636 B 38ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 10:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 08:39:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 10:19:24 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D130 205 B
650 B 35ms
9ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:12:50 GMT
x-content-type-options: nosniff
age: 11194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 20 Feb 2024 07:12:50 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D130 604 B
694 B 36ms
10ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 09:24:04 GMT
x-content-type-options: nosniff
age: 3320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 20 Feb 2024 09:24:04 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/elements/html/ Frame D130 19 KB
8 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 02:22:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28585
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8251
x-xss-protection: 0
server: cafe
etag: 12882883664474914621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 02:22:59 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7A77 8 KB
895 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 10:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 09:44:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 10:19:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 7A77 2 KB
846 B 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 20:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 20:27:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 7A77 22 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 20:27:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 20:27:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 7A77 3 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 09:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 09:37:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 7A77 20 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 20:27:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49926
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 20:27:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A77 156 KB
48 KB 58ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 10:19:24 GMT

GET
H2 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 7A77 34 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 20:26:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Tue, 14 Feb 2023 00:07:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:26:58 GMT

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C13 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:08:03 GMT

GET
H/1.1 200
OK v.gif
pubtagmanager.com/ 35 B
287 B 21ms
21ms Image
image/gif 108.61.221.118
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubtagmanager.com/v.gif
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 108.61.221.118 London, United Kingdom, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 108.61.221.118.vultrusercontent.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:25 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: Express
Transfer-Encoding: chunked
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive

POST
H2 200 / Show response
w.ad.style/views/1676888364198/ 0
301 B 11ms
11ms XHR
text/html 45.76.86.183
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ad.style/views/1676888364198/?s=direct
Requested by: Host: widgets.ad.style
URL: https://widgets.ad.style/native.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.86.183 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.86.183.vultrusercontent.com
Software: nginx/1.22.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

asloc: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Referer: https://ipsnews.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Feb 2023 10:19:25 GMT
server: nginx/1.22.0 (Ubuntu)
x-powered-by: Express
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ipsnews.net
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 204 /
w.ad.style/views/1676888364198/ Frame 0
0 10ms
10ms Preflight 45.76.86.183
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ad.style/views/1676888364198/?s=direct
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.76.86.183 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.76.86.183.vultrusercontent.com
Software: nginx/1.22.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: asloc
Access-Control-Request-Method: POST
Origin: https://ipsnews.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: asloc
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://ipsnews.net
date: Mon, 20 Feb 2023 10:19:25 GMT
server: nginx/1.22.0 (Ubuntu)
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame ABEA 3 KB
2 KB 55ms
16ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWldSbVltWmlNVEF0Wm1VeE5DMDFPVEV6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyMzkzOTA4MDAyNzcxMjg5NzAvNjYyMjMyNy80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3QjdQcWpteEtfUkhBV1Y0MC10NHlDby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MjM5MzkwODAwMjc3MTI4OTcwL2Ftcy8wLzIwNC80Ny85OTkvMzIyLzJhMDE6NGEwOjVhOjovMC4wMDAvMTY3Njg4ODM2NC8xNjc2OTAwOTY0LzQvcHViLTY0MTIxMTc0NjcyMjk0MzUv/Cpn6JwD8h10h_lWfzBkQXTzMhjA&nodeid=4030&group=cdg&auctionid=5239390800277128970&pbs_auctionid=5239390800277128970&shardkey=5239390800277128970&sid=4562306&cid=6622327&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.229&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCex-ELEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTHAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj6Sjpq_DMlnZQOMYl6KNnH-0XJZI2xsm6aoKFEnf_tf5XhEX3iCYQwtmoAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2DBy4aTVxWYPxZFD_EpaOxpwIb9A%26client%3Dca-pub-6412117467229435%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1676888364&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888364667&bpp=1&bdt=2339&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5460bd5c3bda2a78-221d83ad9adc00cf%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg&gpic=UID%3D00000bb946387853%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uxHKYaOSbe&p=https%3A//ipsnews.net&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.1 /
Resource Hash: a26726de7e10c625f170259a3a8516eecb07abf6ec74fb79331a39a9992e0d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
x-mm-nodeid: 4030
Content-Encoding: gzip
x-mm-bid-request-time: 1676888364
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Mon, 20 Feb 2023 10:19:24 GMT
Server: MMBD/3.380.1
x-mm-latency: 1 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x44, cdg-bidder-x176
x-mm-lag: 2
Expires: Mon, 20 Feb 2023 10:19:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame ABEA 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1676888364&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888364667&bpp=1&bdt=2339&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5460bd5c3bda2a78-221d83ad9adc00cf%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg&gpic=UID%3D00000bb946387853%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uxHKYaOSbe&p=https%3A//ipsnews.net&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 09:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 09:37:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame ABEA 20 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 20:27:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Mar 2023 20:27:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame ABEA 0
0 21ms
20ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0Sc5nu8fPa_0rXzjQQr_8BZ80j-4dHC7EwbOQwpcrO16hodgJY45ctMbRaw6cpATpTyq_CQ9WseblGVqDdE35xNKyPQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1676888364&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888364667&bpp=1&bdt=2339&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5460bd5c3bda2a78-221d83ad9adc00cf%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg&gpic=UID%3D00000bb946387853%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uxHKYaOSbe&p=https%3A//ipsnews.net&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ABEA 156 KB
48 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 10:19:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABEA 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTa23LEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTEAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj7QjLstoHXDYo4oKvVSdt4OzGZTn2ZCg0cV6BGIhVpByWDqxsSF7IAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjQxMjExNzQ2NzIyOTQzNRgA&sigh=2R9zKTxX8aY&uach_m=[UACH]&cid=CAQSOwDUE5ymI0A7jUkD2oNuUKeI76AaXS4-f00oF8m4UngYTysk0SQP1vSjPAupcSY7YePo99RENJRqTKJbGAE&tpd=AGWhJmvzMRAO-N7YF9wf3MXAiILXCn5ohASisT4P0nR9UTbNCOcXB3rgJ8vXDUzf_zZL_xI-xW4c94p-4YCtAB8i2puo1vGjl1jDa6slwQCsoDzTIFSxaYiIMf_4y8lnzJY3N1-K0GDrxetJtV7yUN-Ofmv0OmHqFCgA0-6K71jYoE8sxrkpaXIOupx2Q542rqroRCDe6gI9VQKKRwZ4zV1R2OcovHcfrGONUweqJSYigz86VoPP5qmTrJx036Smdgz9Q-_MnUryV0ZnaTseVjvCAj2AgoPapyeEvEafoFikLgwRxXD24wGnvYuUB-AX1tzrT47Bmw9lfbRtKS3OJDXlDbvwD8drTdYi_kohI8KoYV5NT_f4jB6hO4f_HiONH4Ay2BZoj5aHbqJFzm9G14L4YF7nNS1E99o7FhxgQxb3_3DYTx7bv3_nVoDoXrpxUcGwN3jBAAPu-liHIxWrG8_99F-06t9VmmS9ncl1uATrri3gJp5o8BYR6ZpeLxyJNhpBgCDDnioX_49gu3cFD8p3fuKui0V7j8a_mZd5-n-xsF3ViC_DgYfIGiTp7lddmxvWjnocOkZ2uKKQpbgRMDa5I_Qr_tN5dnxFFv9-nOy3jW6XXYDYjXGeujP4WWahJWMMmKSr99pBE9fyu92Dxrg9t_kBk-ZINO0v2GN9rMSUbxBhDXHZEPpbqODPAa-EizeIh8rGPiGd_ny_A6jeBbHug87paMcYAafQNeYL4HPUjETXQk-T_8C_G_kfBvAnCikc1OlfIUaII7XFVIoM849skeQ51jqckEGRlWu-7KvivEiRo5rh2GxZqfHy9YzRMeJtpE2PXIX-t_hh7ajiN5bj4OGrPUAVO3l2rU5rQL9bbN53lgu12QbybVE9sk5O3rANQvavCpU176ZASmy-ialFwGHqSib0uhVJUq3Zpy7654teZOw4HPkSxYQz7ptgq216WLFA5-q-eUCRznhtg67dvo6Hkb_2hw1EG5S9z8oCJfV_Ivedtw9w8Jo--jKUWUaQc2YUmI9jIYRoQ3JDZBoce7FuiM7bRrCyCPIsl7i6d-8jaDA-NiEXn7hE6-dRh2s9yk6hrGghKHHjFZ8BbF9M88_5DuuVRD3JaB9S25B_LWviPc1OHQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1676888364&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888364667&bpp=1&bdt=2339&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5460bd5c3bda2a78-221d83ad9adc00cf%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg&gpic=UID%3D00000bb946387853%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uxHKYaOSbe&p=https%3A//ipsnews.net&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Feb 2023 10:19:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK yrsa821xsiee Show response
hal9000.redintelligence.net/zone/ Frame ABEA 10 KB
4 KB 34ms
9ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/yrsa821xsiee?subid=&gdpr=1&gdpr_consent=li&rnd=5239390800277128970&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4AvAIeTf_CaTm67IZnXbGg%26exch_seat%3D20035004448%26mt_aid%3D5239390800277128970%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_cid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCex-ELEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTHAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj6Sjpq_DMlnZQOMYl6KNnH-0XJZI2xsm6aoKFEnf_tf5XhEX3iCYQwtmoAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2DBy4aTVxWYPxZFD_EpaOxpwIb9A%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 2dea5814e424918a690c6444c8a9f56c9235a70410b2737ba72cbc1c525a6799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3487
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame ABEA 49 B
330 B 45ms
15ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=5239390800277128970&node_id=4030&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWldSbVltWmlNVEF0Wm1VeE5DMDFPVEV6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyMzkzOTA4MDAyNzcxMjg5NzAvNjYyMjMyNy80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3QjdQcWpteEtfUkhBV1Y0MC10NHlDby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MjM5MzkwODAwMjc3MTI4OTcwL2Ftcy8wLzIwNC80Ny85OTkvMzIyLzJhMDE6NGEwOjVhOjovMC4wMDAvMTY3Njg4ODM2NC8xNjc2OTAwOTY0LzQvcHViLTY0MTIxMTc0NjcyMjk0MzUv/Cpn6JwD8h10h_lWfzBkQXTzMhjA&nodeid=4030&group=cdg&auctionid=5239390800277128970&pbs_auctionid=5239390800277128970&shardkey=5239390800277128970&sid=4562306&cid=6622327&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.229&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCex-ELEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTHAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj6Sjpq_DMlnZQOMYl6KNnH-0XJZI2xsm6aoKFEnf_tf5XhEX3iCYQwtmoAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2DBy4aTVxWYPxZFD_EpaOxpwIb9A%26client%3Dca-pub-6412117467229435%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
Server: MMBD/3.380.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x95, cdg-bidder-x176
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 20 Feb 2023 10:19:25 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame ABEA 43 B
404 B 55ms
19ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=5239390800277128970&v3=651871&v4=4562306&v5=6622327&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWldSbVltWmlNVEF0Wm1VeE5DMDFPVEV6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyMzkzOTA4MDAyNzcxMjg5NzAvNjYyMjMyNy80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3QjdQcWpteEtfUkhBV1Y0MC10NHlDby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MjM5MzkwODAwMjc3MTI4OTcwL2Ftcy8wLzIwNC80Ny85OTkvMzIyLzJhMDE6NGEwOjVhOjovMC4wMDAvMTY3Njg4ODM2NC8xNjc2OTAwOTY0LzQvcHViLTY0MTIxMTc0NjcyMjk0MzUv/Cpn6JwD8h10h_lWfzBkQXTzMhjA&nodeid=4030&group=cdg&auctionid=5239390800277128970&pbs_auctionid=5239390800277128970&shardkey=5239390800277128970&sid=4562306&cid=6622327&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.229&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCex-ELEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTHAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj6Sjpq_DMlnZQOMYl6KNnH-0XJZI2xsm6aoKFEnf_tf5XhEX3iCYQwtmoAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2DBy4aTVxWYPxZFD_EpaOxpwIb9A%26client%3Dca-pub-6412117467229435%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 475 4bd2ccd master zrh-pixel-x12 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
Server: MT3 475 4bd2ccd master zrh-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 20 Feb 2023 10:19:25 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame ABEA 49 B
330 B 52ms
21ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=5239390800277128970&st=4562306&time=1676888366&nodeid=4030
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWldSbVltWmlNVEF0Wm1VeE5DMDFPVEV6TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUyMzkzOTA4MDAyNzcxMjg5NzAvNjYyMjMyNy80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3QjdQcWpteEtfUkhBV1Y0MC10NHlDby8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MjM5MzkwODAwMjc3MTI4OTcwL2Ftcy8wLzIwNC80Ny85OTkvMzIyLzJhMDE6NGEwOjVhOjovMC4wMDAvMTY3Njg4ODM2NC8xNjc2OTAwOTY0LzQvcHViLTY0MTIxMTc0NjcyMjk0MzUv/Cpn6JwD8h10h_lWfzBkQXTzMhjA&nodeid=4030&group=cdg&auctionid=5239390800277128970&pbs_auctionid=5239390800277128970&shardkey=5239390800277128970&sid=4562306&cid=6622327&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.134.229&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCex-ELEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTHAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj6Sjpq_DMlnZQOMYl6KNnH-0XJZI2xsm6aoKFEnf_tf5XhEX3iCYQwtmoAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2DBy4aTVxWYPxZFD_EpaOxpwIb9A%26client%3Dca-pub-6412117467229435%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
Server: MMBD/3.380.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x54, cdg-bidder-x176
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 20 Feb 2023 10:19:25 GMT

GET
H/1.1 200
OK request.php Show response
hal900019.redintelligence.net/ Frame ABEA 3 KB
2 KB 97ms
72ms Script
application/x-javascript 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=d9a54e15a4&subid=&uid=d480d40c688e5a65&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4AvAIeTf_CaTm67IZnXbGg%26exch_seat%3D20035004448%26mt_aid%3D5239390800277128970%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_cid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCex-ELEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTHAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj6Sjpq_DMlnZQOMYl6KNnH-0XJZI2xsm6aoKFEnf_tf5XhEX3iCYQwtmoAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2DBy4aTVxWYPxZFD_EpaOxpwIb9A%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6412117467229435%26output%3Dhtml%26h%3D600%26adk%3D1179306731%26adf%3D1549132715%26pi%3Dt.aa~a.1596287903~rp.4%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1676888364%26rafmt%3D1%26to%3Dqs%26pwprc%3D2587445467%26format%3D300x600%26url%3Dhttps%253A%252F%252Fipsnews.net%252Fbusiness%252F2022%252F02%252F18%252Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676888364667%26bpp%3D1%26bdt%3D2339%26idt%3D1%26shv%3Dr20230215%26mjsv%3Dm202302130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D5460bd5c3bda2a78-221d83ad9adc00cf%253AT%253D1676888363%253ART%253D1676888363%253AS%253DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg%26gpic%3DUID%253D00000bb946387853%253AT%253D1676888363%253ART%253D1676888363%253AS%253DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D6060893907471%26frm%3D20%26pv%3D1%26ga_vid%3D1560866945.1676888363%26ga_sid%3D1676888364%26ga_hid%3D694000192%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D990%26ady%3D1806%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44773810%252C44759842%252C44759875%252C44759926%252C31071755%252C44784142%26oid%3D2%26pvsid%3D4086973035108688%26tmod%3D1314617865%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DuxHKYaOSbe%26p%3Dhttps%253A%2F%2Fipsnews.net%26dtd%3D6&ancestorOrigins=null&random=8495327138074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/yrsa821xsiee?subid=&gdpr=1&gdpr_consent=li&rnd=5239390800277128970&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4AvAIeTf_CaTm67IZnXbGg%26exch_seat%3D20035004448%26mt_aid%3D5239390800277128970%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_cid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCex-ELEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTHAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj6Sjpq_DMlnZQOMYl6KNnH-0XJZI2xsm6aoKFEnf_tf5XhEX3iCYQwtmoAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2DBy4aTVxWYPxZFD_EpaOxpwIb9A%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 886fb2df93f19ef5677309f81c29eec12883fb35013a1e02bffac0dfa93778c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Feb 2023 10:19:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 72195800052981400951401012241019
Connection: close
Content-Length: 1142
Expires: Mon, 20 Feb 2023 10:19:26 +0100

GET
H2 200 / Show response
adv.office-partner.de/ Frame B38E 930 B
931 B 53ms
11ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=d9a54e15a4&subid=&uid=d480d40c688e5a65&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4AvAIeTf_CaTm67IZnXbGg%26exch_seat%3D20035004448%26mt_aid%3D5239390800277128970%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_cid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCex-ELEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTHAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj6Sjpq_DMlnZQOMYl6KNnH-0XJZI2xsm6aoKFEnf_tf5XhEX3iCYQwtmoAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2DBy4aTVxWYPxZFD_EpaOxpwIb9A%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6412117467229435%26output%3Dhtml%26h%3D600%26adk%3D1179306731%26adf%3D1549132715%26pi%3Dt.aa~a.1596287903~rp.4%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1676888364%26rafmt%3D1%26to%3Dqs%26pwprc%3D2587445467%26format%3D300x600%26url%3Dhttps%253A%252F%252Fipsnews.net%252Fbusiness%252F2022%252F02%252F18%252Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676888364667%26bpp%3D1%26bdt%3D2339%26idt%3D1%26shv%3Dr20230215%26mjsv%3Dm202302130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D5460bd5c3bda2a78-221d83ad9adc00cf%253AT%253D1676888363%253ART%253D1676888363%253AS%253DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg%26gpic%3DUID%253D00000bb946387853%253AT%253D1676888363%253ART%253D1676888363%253AS%253DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D6060893907471%26frm%3D20%26pv%3D1%26ga_vid%3D1560866945.1676888363%26ga_sid%3D1676888364%26ga_hid%3D694000192%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D990%26ady%3D1806%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44773810%252C44759842%252C44759875%252C44759926%252C31071755%252C44784142%26oid%3D2%26pvsid%3D4086973035108688%26tmod%3D1314617865%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DuxHKYaOSbe%26p%3Dhttps%253A%2F%2Fipsnews.net%26dtd%3D6&ancestorOrigins=null&random=8495327138074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Mon, 20 Feb 2023 10:19:26 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Mon, 27 Feb 2023 10:19:26 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame FE45
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=72195800052981400951401012241019&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72195800052981400951401012241019&actionid=981741&produktid=&dt_url=

0
606 B

82ms
47ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72195800052981400951401012241019&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=d9a54e15a4&subid=&uid=d480d40c688e5a65&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4AvAIeTf_CaTm67IZnXbGg%26exch_seat%3D20035004448%26mt_aid%3D5239390800277128970%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_cid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCex-ELEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTHAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj6Sjpq_DMlnZQOMYl6KNnH-0XJZI2xsm6aoKFEnf_tf5XhEX3iCYQwtmoAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2DBy4aTVxWYPxZFD_EpaOxpwIb9A%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6412117467229435%26output%3Dhtml%26h%3D600%26adk%3D1179306731%26adf%3D1549132715%26pi%3Dt.aa~a.1596287903~rp.4%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1676888364%26rafmt%3D1%26to%3Dqs%26pwprc%3D2587445467%26format%3D300x600%26url%3Dhttps%253A%252F%252Fipsnews.net%252Fbusiness%252F2022%252F02%252F18%252Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676888364667%26bpp%3D1%26bdt%3D2339%26idt%3D1%26shv%3Dr20230215%26mjsv%3Dm202302130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D5460bd5c3bda2a78-221d83ad9adc00cf%253AT%253D1676888363%253ART%253D1676888363%253AS%253DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg%26gpic%3DUID%253D00000bb946387853%253AT%253D1676888363%253ART%253D1676888363%253AS%253DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D6060893907471%26frm%3D20%26pv%3D1%26ga_vid%3D1560866945.1676888363%26ga_sid%3D1676888364%26ga_hid%3D694000192%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D990%26ady%3D1806%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44773810%252C44759842%252C44759875%252C44759926%252C31071755%252C44784142%26oid%3D2%26pvsid%3D4086973035108688%26tmod%3D1314617865%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DuxHKYaOSbe%26p%3Dhttps%253A%2F%2Fipsnews.net%26dtd%3D6&ancestorOrigins=null&random=8495327138074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 10:19:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 20 Feb 2023 11:19:26 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Mon, 20 Feb 2023 10:19:26 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=72195800052981400951401012241019&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 50FF0ACA:D5C0_91EFC182:01BB_63F3492E_2C24B0B:C02B

GET
H2 200 link.html Show response
track.webgains.com/ Frame ABEA 2 KB
2 KB 175ms
107ms Script
text/html 18.170.235.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=72195800052981400951401012241019&nw=1
Requested by: Host: ipsnews.net
URL: https://ipsnews.net/business/2022/02/18/skincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.235.198 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-235-198.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 2035793997a6f598ed64c2a9c8ee6c24815e0a0d9c03312a34b478f3604c4292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:26 GMT
last-modified: Mon, 20 Feb 2023 10:19:26 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 20 Feb 2023 10:20:26 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900019.redintelligence.net/ Frame 670C 7 KB
2 KB 31ms
11ms Document
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request_content.php?s=72195800052981400951401012241019&a=56c94a80
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=yrsa821xsiee&nw=20&renderingType=javascript&namespace=d9a54e15a4&subid=&uid=d480d40c688e5a65&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D4AvAIeTf_CaTm67IZnXbGg%26exch_seat%3D20035004448%26mt_aid%3D5239390800277128970%26mt_id%3D6622327%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_cid%3Da75763f3-492e-4301-8692-bdfe8e857453%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCex-ELEnzY8yOK5GKwuIP_6i5sAXPh46bXMCG2YLGAsCNtwEQASAAYJWqn4KwB4IBF2NhLXB1Yi02NDEyMTE3NDY3MjI5NDM1yAEJqAMBqgTHAk_QHh6__LlzLDCh0j8JgY3_uHe69fB20GOCOgnjKL0gYYYm4WcpyIdZvLiBxwhqPw5MyAVN_pB23wM7Zu5obpeRliWtR_WzT8L7v1Ok9zua76xUgHKrYpAlmDK8XERKg3vG9K5wbupmAgJgpScqvj1q6vQL165R0ZaILJ6cGympTTbq3FoImmFEB_ClJ9mUO5XNA_i-v6PrC_debp0UsC8G0eNBrQFQeFls5On260MNL6FTsXIfbqmyxtTKwmlTbHhNC3LQASRQ34Ezxw6FAkBeDoLAPrv5xni28tPyNdjG4mcT7jF0IUYllTjNkfSwptUY3Ee_JnxTVRxWdkmoLRlHwfa8NnP9jEV0ajHfJ_pGtMUqD6nkDva9imbdCj6Sjpq_DMlnZQOMYl6KNnH-0XJZI2xsm6aoKFEnf_tf5XhEX3iCYQwtmoAGs-n1-N_MwLi5AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2DBy4aTVxWYPxZFD_EpaOxpwIb9A%2526client%253Dca-pub-6412117467229435%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6412117467229435%26output%3Dhtml%26h%3D600%26adk%3D1179306731%26adf%3D1549132715%26pi%3Dt.aa~a.1596287903~rp.4%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1676888364%26rafmt%3D1%26to%3Dqs%26pwprc%3D2587445467%26format%3D300x600%26url%3Dhttps%253A%252F%252Fipsnews.net%252Fbusiness%252F2022%252F02%252F18%252Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676888364667%26bpp%3D1%26bdt%3D2339%26idt%3D1%26shv%3Dr20230215%26mjsv%3Dm202302130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D5460bd5c3bda2a78-221d83ad9adc00cf%253AT%253D1676888363%253ART%253D1676888363%253AS%253DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg%26gpic%3DUID%253D00000bb946387853%253AT%253D1676888363%253ART%253D1676888363%253AS%253DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA%26prev_fmts%3D0x0%252C1200x280%26nras%3D3%26correlator%3D6060893907471%26frm%3D20%26pv%3D1%26ga_vid%3D1560866945.1676888363%26ga_sid%3D1676888364%26ga_hid%3D694000192%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D990%26ady%3D1806%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44773810%252C44759842%252C44759875%252C44759926%252C31071755%252C44784142%26oid%3D2%26pvsid%3D4086973035108688%26tmod%3D1314617865%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26xpc%3DuxHKYaOSbe%26p%3Dhttps%253A%2F%2Fipsnews.net%26dtd%3D6&ancestorOrigins=null&random=8495327138074&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 9481440d9c6d03e260022481a803388276eb8d43d49ad25b00b328280d9c5f49

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2043
Content-Type: text/html; charset=utf-8
Date: Mon, 20 Feb 2023 10:19:26 GMT
Expires: Mon, 20 Feb 2023 10:19:26 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame ABEA
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72195800052981400951401012241019
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=72195800052981400951401012241019
https://ad-server.eu/wm/pb/native.png

68 B
312 B

174ms
32ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1676888364&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888364667&bpp=1&bdt=2339&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5460bd5c3bda2a78-221d83ad9adc00cf%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg&gpic=UID%3D00000bb946387853%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uxHKYaOSbe&p=https%3A//ipsnews.net&dtd=6
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:22:11 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 50FF0ACA:D5C0_91EFC182:01BB_63F3492E_2C24B1E:C02B
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1

200
OK

inv.gif
img.tradedoubler.com/images/ Frame ABEA
Redirect Chain

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(72195800052981400951401012241019)468512780
https://img.tradedoubler.com/images/inv.gif

43 B
693 B

63ms
12ms

Image
image/gif

65.9.66.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.tradedoubler.com/images/inv.gif

Requested by

Protocol

HTTP/1.1

Server

65.9.66.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-65.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15552000; includeSubDomains
Date: Sat, 18 Feb 2023 14:37:14 GMT
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA56-C1
Age: 157333
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 19 Nov 2004 15:35:04 GMT
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: WbHidXAn2X9L-jc66hNBPbFEakES8d2oZvvTvdAfyhsnzxC6-LO7_Q==

Redirect headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:26 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
location: https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin: *
content-type: text/html; charset=ISO-8859-1
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BE91 1 KB
643 B 11ms
10ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 46488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Mon, 20 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ABEA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1669f7eb7834b64e396fc8fac7706d192b69f5ac0a839139e006e931aa98b43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 670C 4 KB
651 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=72195800052981400951401012241019&a=56c94a80

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 10:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 08:24:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Feb 2023 10:19:26 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 670C 83 KB
83 KB 38ms
15ms Image
image/png 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/23333/creativesup/WW-Native-1200x627.jpeg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=72195800052981400951401012241019&a=56c94a80
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b7d1db95e2e74f47d60292d02472a20cb2b42d706bc997a50eeb677c1a1260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 670C 81 KB
81 KB 37ms
14ms Image
image/png 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=72195800052981400951401012241019&a=56c94a80
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: c93aa9d35fbd377dc918fabac47f34928131a940e443b94a837af143ebd5acb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 670C 100 KB
100 KB 37ms
14ms Image
image/png 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=72195800052981400951401012241019&a=56c94a80
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 35c516b3252460dd6cd7df377c27f60e2f9a3534c27fd623fd074191f0f254db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame BE91 0
104 B 375ms
276ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFsuzWUdpeeRVIx2uW_k--I&google_cver=1&google_push=Aa02lx-CQnhRjBB41IA7gooesD1CqpLzh76_K7210F0wRYMGJdsDG8EdlSEYNrFTZ-b3HTGv0nH6tVWkQ8-Q0xADGToclZf4fxtTwyk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1676888364&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888364667&bpp=1&bdt=2339&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5460bd5c3bda2a78-221d83ad9adc00cf%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg&gpic=UID%3D00000bb946387853%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uxHKYaOSbe&p=https%3A//ipsnews.net&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:26 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BE91
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK2F1_eA6WV9zAx6OnzlGB0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEK2F1_eA6WV9zAx6OnzlGB0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnJWWlVuSlAxUHUzZ3k1&google_gid=CAESEK2F1_eA6WV9zAx6OnzlGB0&google_cver=1&google_push=Aa02lx8V3XQpmZe4WLcjbhYWTvudMEqrwEcG_kHAFSeqI7N...

170 B
232 B

23ms
22ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnJWWlVuSlAxUHUzZ3k1&google_gid=CAESEK2F1_eA6WV9zAx6OnzlGB0&google_cver=1&google_push=Aa02lx8V3XQpmZe4WLcjbhYWTvudMEqrwEcG_kHAFSeqI7NQqpit9DrMhzJuN_juA9Qn0FsBKJLEZ4YYGr8NVQopPad35C6cGmRO-5c

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Feb 2023 10:19:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/d601d38#rel-ec2-master i-05a89a035fd5ddeba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MnJWWlVuSlAxUHUzZ3k1&google_gid=CAESEK2F1_eA6WV9zAx6OnzlGB0&google_cver=1&google_push=Aa02lx8V3XQpmZe4WLcjbhYWTvudMEqrwEcG_kHAFSeqI7NQqpit9DrMhzJuN_juA9Qn0FsBKJLEZ4YYGr8NVQopPad35C6cGmRO-5c
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame BE91 70 B
265 B 126ms
43ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAIy4WjRSIJjHY3857TkgOI&google_cver=1&google_push=Aa02lx-QlbYmoKRqO877E8bcRjnwHXUF_z2tQxnX7bq2QZJFChqZ8mE3kyc9l0tZg-4B7kgL9PsAeRkwQaJ0YuE7nQKXY6fKc88K0Ls
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1676888364&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888364667&bpp=1&bdt=2339&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5460bd5c3bda2a78-221d83ad9adc00cf%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg&gpic=UID%3D00000bb946387853%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uxHKYaOSbe&p=https%3A//ipsnews.net&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 20 Feb 2023 10:19:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BE91
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECiKOkC3y5ON0dJ3-Z2wNGo&google_cver=1&google_push=Aa02lx9PhJKCi-wYoFS_TqwK3LvyyiLt3210o9VtJmKLZia6ao-kCuobxvvdizAZCWOAyCobJJe04geaC_TVGt...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMjE4MDY5MTAyMjUxMDIxOQ%3D%3D&google_push=Aa02lx9PhJKCi-wYoFS_TqwK3LvyyiLt3210o9VtJmKLZia6ao-kCuobxvvdizAZCWOAyCobJJe04geaC_TVGtkXaN...

170 B
232 B

22ms
22ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMjE4MDY5MTAyMjUxMDIxOQ%3D%3D&google_push=Aa02lx9PhJKCi-wYoFS_TqwK3LvyyiLt3210o9VtJmKLZia6ao-kCuobxvvdizAZCWOAyCobJJe04geaC_TVGtkXaNtRzYcW3Fvxag

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIwMjE4MDY5MTAyMjUxMDIxOQ%3D%3D&google_push=Aa02lx9PhJKCi-wYoFS_TqwK3LvyyiLt3210o9VtJmKLZia6ao-kCuobxvvdizAZCWOAyCobJJe04geaC_TVGtkXaNtRzYcW3Fvxag
Date: Mon, 20 Feb 2023 10:19:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BE91
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENT6otq3toHUlyxsZ9PlLr4&google_cver=1&google_push=Aa02lx8bXpFqzSOQRd6Mzq6sjatT507DG_OiCEVAQvP8OSs8F5h-DUpeJZtAQe3hp_aKl3asF8BtxFBxdOr0neFm...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tYWmIIhnRdGmSN49q4OODw2&google_push=Aa02lx8bXpFqzSOQRd6Mzq6sjatT507DG_OiCEVAQvP8OSs8F5h-DUpeJZtAQe3hp_aKl3asF8BtxFBxdOr0neFmZbj_nkXhzYLI2FU

170 B
329 B

22ms
21ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tYWmIIhnRdGmSN49q4OODw2&google_push=Aa02lx8bXpFqzSOQRd6Mzq6sjatT507DG_OiCEVAQvP8OSs8F5h-DUpeJZtAQe3hp_aKl3asF8BtxFBxdOr0neFmZbj_nkXhzYLI2FU

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 20 Feb 2023 10:19:26 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=tYWmIIhnRdGmSN49q4OODw2&google_push=Aa02lx8bXpFqzSOQRd6Mzq6sjatT507DG_OiCEVAQvP8OSs8F5h-DUpeJZtAQe3hp_aKl3asF8BtxFBxdOr0neFmZbj_nkXhzYLI2FU
x-host: tde-deliveryengine-production-cdcfc8b9-df559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BE91
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEE9WWEUlU82BfV2T-aCgU7c&google_cver=1&google_push=Aa02lx-Kcu5d_kQh95t5YsFA_lxnKW5p2BOAypZXamCVaUCzIKFaKlToSm4zcGeLXReS36h4mVo7QDZJhrij7pZ5...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-Kcu5d_kQh95t5YsFA_lxnKW5p2BOAypZXamCVaUCzIKFaKlToSm4zcGeLXReS36h4mVo7QDZJhrij7pZ5J6WN5IDeJyaR-tI

170 B
232 B

21ms
21ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-Kcu5d_kQh95t5YsFA_lxnKW5p2BOAypZXamCVaUCzIKFaKlToSm4zcGeLXReS36h4mVo7QDZJhrij7pZ5J6WN5IDeJyaR-tI

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 20 Feb 2023 10:19:26 GMT
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-Kcu5d_kQh95t5YsFA_lxnKW5p2BOAypZXamCVaUCzIKFaKlToSm4zcGeLXReS36h4mVo7QDZJhrij7pZ5J6WN5IDeJyaR-tI
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: vq9CuHYXNKazID4KMxfKPMUoMWiIECQxnpkDefjXpGzXC1XlpDAI0Q==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BE91
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBrzoxINA_LAAJwyDqHBXzg&google_cver=1&google_push=Aa02lx_ePqLhqMM_5...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEBrzoxINA_LAAJwyDqHBXzg%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjMyMzYyNTgwMzc4NDg1MzM2NQ%3D%3D&google_gid=CAESEBrzoxINA_LAAJwyDqHBXzg&google_cver=1&google_push=Aa02lx_ePqLhqMM_5fGPcMQrEYfGNiSveM...

170 B
232 B

20ms
20ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjMyMzYyNTgwMzc4NDg1MzM2NQ%3D%3D&google_gid=CAESEBrzoxINA_LAAJwyDqHBXzg&google_cver=1&google_push=Aa02lx_ePqLhqMM_5fGPcMQrEYfGNiSveMb9WWv20-zAu13az260N4WmnTDPXZeCdpt5_FULA_Ji3ABkvtZSMaEj9XHIP7T5itQ_Qukc

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Feb 2023 10:19:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.202; 80.255.10.202; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0ee7f9e5-27db-4995-8387-fab035e22ad3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjMyMzYyNTgwMzc4NDg1MzM2NQ%3D%3D&google_gid=CAESEBrzoxINA_LAAJwyDqHBXzg&google_cver=1&google_push=Aa02lx_ePqLhqMM_5fGPcMQrEYfGNiSveMb9WWv20-zAu13az260N4WmnTDPXZeCdpt5_FULA_Ji3ABkvtZSMaEj9XHIP7T5itQ_Qukc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BE91 0
130 B 71ms
20ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IScoosmn37jIaZ8USEonS8OVfDdb5iE_jEobRA1xvmBWR1aYl8PyiSLMD-NzK7ilcI6pPRNw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame B38E 103 KB
40 KB 56ms
56ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95edea5a12f3a6a46a2ae6f6f2223eb289c9323375732ada340ffc8ca600916d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40781
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Feb 2023 10:19:26 GMT

GET
H/1.1 200
OK viewability Show response
hal900019.redintelligence.net/ Frame 670C 0
150 B 39ms
14ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/viewability?s=72195800052981400951401012241019&a=1e892525&vb=m
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=72195800052981400951401012241019&a=56c94a80
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/request_content.php?s=72195800052981400951401012241019&a=56c94a80
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 10:19:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 670C 13 KB
13 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900019.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:41:23 GMT
x-content-type-options: nosniff
age: 326283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 15:41:23 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 670C 13 KB
13 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900019.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 381030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 00:28:56 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame ABEA 85 KB
31 KB 58ms
11ms Script
application/javascript 65.9.66.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=72195800052981400951401012241019&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:03:05 GMT
content-encoding: gzip
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 11782
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xago0FWGI0cjcpduf3xYInjkwVKzYMZZI8bYfPbVNLgIdYBTX1Vbpw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame ABEA 85 B
437 B 48ms
10ms Image
image/gif 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1676888666&Signature=ZJrFj6k7Nia5IzAhwI955iTuQv6uKBsW6XEVbnAJ8LmWw9Tq-233Oi5wE28aSe4SyChQydLOM570IYyW5TKqhP57czuo8ZnycLJqyRMKmEN74N1mv6pMMHZHz0xl-3Lg9CPVNDHeRx4jx3WWnf5zfEoTXaqT4B67WrFvFsCxGWtnpwty0DJiqcJawejpy5t-8rupaHJH-YuHSskhr1MdiE16PbkZHMhh7MsjY1E6QqMDxpMp9TwU4u2kfXz2NW5eebpeY~SUrOtNjCnnGq4nahKf0RNhmdqritOBaEjToiH37UgMqPKbCstQ4LVjPITCeguOFIDWVarpuR8EGkvp-Q__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6412117467229435&output=html&h=600&adk=1179306731&adf=1549132715&pi=t.aa~a.1596287903~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1676888364&rafmt=1&to=qs&pwprc=2587445467&format=300x600&url=https%3A%2F%2Fipsnews.net%2Fbusiness%2F2022%2F02%2F18%2Fskincell-advanced-reviews-works-on-moles-skin-tags-anywhere-on-your-body%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676888364667&bpp=1&bdt=2339&idt=1&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5460bd5c3bda2a78-221d83ad9adc00cf%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg&gpic=UID%3D00000bb946387853%3AT%3D1676888363%3ART%3D1676888363%3AS%3DALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6060893907471&frm=20&pv=1&ga_vid=1560866945.1676888363&ga_sid=1676888364&ga_hid=694000192&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=990&ady=1806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C31071755%2C44784142&oid=2&pvsid=4086973035108688&tmod=1314617865&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=uxHKYaOSbe&p=https%3A//ipsnews.net&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-59.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 20 Feb 2023 10:10:31 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 536
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: PjQVfdoIT-QB3nbkRRC2JlK7rwk8QgYX8ALeqw88tTbk56h0WRj03A==

GET
H2 200 dmedianet.js Show response
contextual.media.net/ 368 B
551 B 26ms
26ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/dmedianet.js?cid=8CU3E02MG

Requested by

Host: ipsnews.net
URL: https://ipsnews.net/business/wp-content/plugins/media-net-ads-manager/js/medianetAdInjector.js?ver=2.10.13

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

f622ffe277936d272b6550fdc08ff27b9a3d6def08d334662c102e1b0a0b9021

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-mnt-h: 22-pmnp
strict-transport-security: max-age=31536000
date: Mon, 20 Feb 2023 10:19:26 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
content-length: 368
expires: Mon, 20 Feb 2023 10:24:26 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 59ms
59ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230215&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3a661f48d302b55bf0ca0e979d4b51a5d9f2a6c6585ddba997e94e990502134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11239
x-xss-protection: 0

GET
H/1.1 200
OK flping.php
lg3.media.net/ 35 B
338 B 226ms
226ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/flping.php?reason=0&action=16&pid=8PO189A13&gdpr=1&cid=8CU3E02MG&crid=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=21600
Date: Mon, 20 Feb 2023 10:19:26 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 20 Feb 2023 10:19:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 10:19:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E7D 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 10:05:32 GMT
expires: Tue, 20 Feb 2024 10:05:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6FB0 783 B
535 B 20ms
20ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

71ed2aba0f5706a05de204b21aca91c81a10c1e42674a6bbc3a4b0d3099179fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ry8AIA6sWICKJpbX1l5E8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ipsnews.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Ry8AIA6sWICKJpbX1l5E8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 10:19:26 GMT
expires: Mon, 20 Feb 2023 10:19:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E7D 36 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 21:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 220283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:08:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6FB0 0
0 47ms
47ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230215&jk=4086973035108688&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5E7D 0
10 B 9ms
9ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jRtmcA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 10:19:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame ABEA 16 B
232 B 79ms
78ms Fetch
application/json 35.178.57.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.178.57.200 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-178-57-200.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Feb 2023 10:19:27 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 98ms
26ms Preflight 35.178.57.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.57.200 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-57-200.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 20 Feb 2023 10:19:27 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230215&jk=4086973035108688&bg=!JiWlJXHNAAZYlHKzeJQ7ADkAdvg8WlUJ7s1azvyXcrtY-lG-wlD4_mXFPWLTzAdnnwdiNW6_oZaSjssQfFoS1YyLSu_0FYIEBeECAAAAP1IAAAACaAEHmQKRdX8HFrSotbv4XvecOa8WtpnwXRVUDlTjOv33q-0ZMwxjQCvIp4waey_w3hnpx8G-x9q5XkO-EMktT_fsY_Eck_ibkMcxO4PuM537EmzuUztXU1dawEEunViqYARKDyLLWxxeQHTGrDrKAV9U0QjsJDNjxwJPb1zvU20B_dkOtrQ3Lny3XgYYwVxee9NIwB_w-cVjQKCnLyEjJ2SOsUsELP9Ww2vmI70capex5W95BHl5vEeyuQHqtX3C3HH4sEvLydJNbHF35gRGQz8o2-wu0uMnC6yN4Q4QFVrY3D1YB26_lwplXVEUZFX_miKV7Vh2Da4BYti4z5BfmBdKHd4Rd2-u2FZFiVQJLZXw7gVEYJjXIbhVIAYTm5NlSv3Rtjej4u53s_9bIBHmZCDCt5WOUfVahb6j4E-7yo_24FhkXv2uQKGoAAcRVFwmdDrUguLtXTAWmMWiznwcJVEFdY-GT3KLQ3xrt13jr-2cA_iOpoHpzAq2-qC6e4agW4AK5mg0SvjrO1Q00sbpzKrxsVFd_andp9SxKVuR33o900TWWbhfI0rPmH1nXdpUlvTqc1TfcjaGfMUA9UWq2Si997V2jcZEpNVZEbkDKW19xq0yhATCNRJksbyzF_C7ROU25W54K-1XZt6rZI6U0Z2DNW27IBRX7YINpGp_GuJC-IQ9AfAj8CJz71UHDbdWQeVgrPYJHm7Gf4Wt3mBKyO_rRzEv5gPNmHcRLvf9bqC5lKQnhqNznSxSTmDkdxU7yGbwkbyL_fM-cqPYJZaEXVI1DlgxHBLSWu7p0C08PfeysRig4nlvKajzViJAT5oeglitrwkKl-3DgxDKN8fWefxF1s7cTBUmpBlqCYDDhB3BRqtTvoRS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ipsnews.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ipsnews.net/	1970-01-20 19:24:08	Name: _ga Value: GA1.2.1560866945.1676888363
.ipsnews.net/	1970-01-20 09:49:34	Name: _gid Value: GA1.2.1412850094.1676888363
.ipsnews.net/	1970-01-20 09:48:08	Name: _gat_gtag_UA_361073_1 Value: 1
.ipsnews.net/	1970-01-20 19:09:44	Name: __gads Value: ID=5460bd5c3bda2a78-221d83ad9adc00cf:T=1676888363:RT=1676888363:S=ALNI_MaZLMxprwRiZhhZk5X87cTRlARTqg
.ipsnews.net/	1970-01-20 19:09:44	Name: __gpi Value: UID=00000bb946387853:T=1676888363:RT=1676888363:S=ALNI_MaL2MWypYb11FvhjfzgqGk5W_k9yA
.w.ad.style/	1970-01-20 18:33:44	Name: __session Value: 92d743a4-9a59-4372-936c-bbf7aeda6abf
.ipsnews.net/	1970-01-20 09:48:08	Name: _gat_asTrack Value: 1
.w.ad.style/	1970-01-20 18:33:44	Name: __vid Value: [11460,11440]
.doubleclick.net/	1970-01-20 19:09:44	Name: IDE Value: AHWqTUnC7lG1gjj-BmhYDGQGgdK95mul1pls2gEuOMRnIGDiX9ZsKSkIGJn6TfQGaKQ
.mathtag.com/	1970-01-20 18:33:44	Name: uuid Value: a75763f3-492e-4301-8692-bdfe8e857453
.tradedoubler.com/	1970-01-20 18:33:44	Name: BT Value: 1z11zzygz1LSB70zdiWFE3KzzGx1y2x1yIx1y3x1yJx1yKx1y5x1y6x1y8x1yAx1yBx1yDx1z9ydiWFE3K
.tradedoubler.com/	1970-01-20 18:33:44	Name: PI Value: 1z11z1zygz2V05T0z7ab3y1y21FmOy1FRDyyy7WPTyvUky2KMo2gyyEm3TL%7aqddiU_qSpqgQ3OtRCXZSKFqEHS8AdTgMMimf.G1tsOW09Xg6IDy
.tradedoubler.com/	1970-01-20 18:33:44	Name: UI Value: 1z11zzygz2FuEVxztbDyOHlJ
.travelaudience.com/	1970-01-20 19:15:29	Name: _tracker Value: %7B%22UUID%22%3A%22B585A620-8867-45D1-A648-DE3DAB838E0F%22%7D
.adfarm1.adition.com/	1970-01-20 11:57:44	Name: UserID1 Value: 7202180691022510219
.adnxs.com/	1970-01-20 11:57:44	Name: uuid2 Value: 6323625803784853365
.w55c.net/	1970-01-20 19:15:29	Name: wfivefivec Value: 2rVZUnJP1Pu3gy5
.w55c.net/	1970-01-20 10:31:20	Name: matchgoogle Value: 5
.office-partner.de/	1970-01-20 19:24:08	Name: source Value: {"webgains_webgains":{"timestamp":1676888366416,"clickCookie":false}}
pb.media01.eu/	1970-01-20 19:24:08	Name: DTU Value: B6633D51AAFFE3227D854F9629DAEE35

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://widgets.ad.style/native.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network	error	URL: https://ipsnoticias.net/wp-content/themes/ips-spa/images/tria.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-server.eu
ads.travelaudience.com
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.track.production.webgains.team
cm.g.doubleclick.net
contextual.media.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900019.redintelligence.net
img.tradedoubler.com
impfr.tradedoubler.com
ipsnews.net
ipsnoticias.net
lg3.media.net
match.adsrvr.org
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.mathtag.com
pm.w55c.net
pubtagmanager.com
pv.medialead.de
s.ad.smaato.net
secure.adnxs.com
stats.g.doubleclick.net
submission.icrowdmarketing.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
w.ad.style
widgets.ad.style
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.238.96.173
108.61.221.118
142.250.185.194
145.239.193.130
15.197.193.217
18.158.98.109
18.170.235.198
18.66.147.59
185.29.134.249
185.89.210.244
2.18.233.201
2.18.235.93
23.35.228.23
2600:9000:211e:9600:1b:5138:8a40:93a1
2a00:1450:4001:801::200e
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a00:1450:400d:80e::2008
2a02:fa8:8806:16::1400
2a0b:4d07:101::1
35.178.57.200
35.186.231.97
35.190.0.66
45.76.86.183
52.29.201.72
54.76.176.197
65.9.66.65
65.9.66.92
67.43.4.144
78.46.90.238
85.114.159.93
88.198.250.30
94.23.99.218
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05ae69a564e36859e369678d38487fce694d028307f0c8005094d52167299bf2
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0a91586ae4581c86dbb39bfe483016cf70ee6f3a4eb550ece030b0201afb337a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2b745987b327b9046eb8d6702bebe53b15faa259d1b204081eaa50f17dcf67
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0ead49ad1520351760f2ec83f11a4c74bc9195507839d0424f57d93c46108a30
13c8cd3ee3731639ce2a7bd6781092f966284d3b56d33e6004a746d624f3ba17
186c40d06fc13830497a7b9f42bc14538c1b7fa0b98560c7911e6e1a935f769d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2035793997a6f598ed64c2a9c8ee6c24815e0a0d9c03312a34b478f3604c4292
26fd070a5d778fe1c492d47816820e18ae9231a1d3dfbb6ff0a3cfdbc8d6050b
2ba1f5e940f91cda0982499c2a45bae9a7b1f467d3080602cd4cfa788cc9ab23
2dea5814e424918a690c6444c8a9f56c9235a70410b2737ba72cbc1c525a6799
2df02a02250e96554e49afca1304697dd268807ba584ee38985f2ddaebfd3c68
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35c516b3252460dd6cd7df377c27f60e2f9a3534c27fd623fd074191f0f254db
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
37d925559381e9d5388c4a096fe1383570546b7b11548d7d6a7e560adcc24e5d
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53cafeaf21e6e7669677f12db699d1c7b4119d56343424f4759b1d53eaae5a7a
549061b138386092a937ee711d1177b298830092e29c5b744861474c9de52804
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd8a308ebb12d22ac932b76b2c83be0d40f3ab13a8f2277cad57fd7a9179fc4
6e7e189ebe37d04aee011760c4f4a7616c0d0d75e6759c4e4131210e7ba87d98
6f782c13509bdd9c6786af7b42d09e54aee58f59244d04ceb478793805bc6bd2
6fde76d30ab103f378ab38f8ec06c0d4d0482c14037fdf28c0dabdc3d30acd8f
71ed2aba0f5706a05de204b21aca91c81a10c1e42674a6bbc3a4b0d3099179fe
7354479cec3ad5dacddddeed5147dacfccf3a12c38432f12c98996bf6b3df1f4
740cb53532e536c1c7a90cbb037a9a002d2126b34bed1d6d3722b52d2bfe11b7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
886fb2df93f19ef5677309f81c29eec12883fb35013a1e02bffac0dfa93778c7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2394a0836ddf343367655f956e01ae7bbb6a943b0a00f5d40048d2abc1b75e
8fa341d3a7ec203a98bf18581f1a15b31b9921cdeb0b520dfb57e0af6ac0ac84
92980b57eb031cfd51ca910c4d21d80f43a662661817cd21909451a897ff8fb5
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9481440d9c6d03e260022481a803388276eb8d43d49ad25b00b328280d9c5f49
95edea5a12f3a6a46a2ae6f6f2223eb289c9323375732ada340ffc8ca600916d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9df561e7918c0e768da049563e04ea3889250ce203da97390c5a481a831a3cdd
a1669f7eb7834b64e396fc8fac7706d192b69f5ac0a839139e006e931aa98b43
a26726de7e10c625f170259a3a8516eecb07abf6ec74fb79331a39a9992e0d50
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a66979b4409926b6924397ba18c5f9aae035c63afd3540beca4d343dee2750e3
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
ab33f09b12a7477e8d5a19fbf9d77f172c14a4e31b4a41fbb76764b2944d27c0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0357d741a09a372e5c765f1d6a80ee4e74f41e90ae4f41c746d1ea23464bd34
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2375469f1fed94d6462d91196ee40bb1bbe0be545bad7c39af459c73d542736
b260d056edb6c39eeeed00ffc7bccded9160bb9c1f03c62d77a99181ae88a08b
bab73ae419115b088718ddb96163e9d3020362ecc8d140cf357dbcccb72969d6
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4b061664ceb42372c8cfc5af699a6b2a81a698115b41ea72c0b1a70419954eb
c715ef2fb6809b2cdc66809f96d702f21e34b29e152108c88bd068f644d32d29
c93aa9d35fbd377dc918fabac47f34928131a940e443b94a837af143ebd5acb8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cdc2d5f13b61543ed19e2b453894fbcc857f171ca074ddb7bff40b6ad4d8ea0c
db5d34266f8c9536b72268057df2c6b249ab732eaa471579b19df531704b9450
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b7d1db95e2e74f47d60292d02472a20cb2b42d706bc997a50eeb677c1a1260
e423e7e6b9e3e8ee687307722bff9b8998886d106f8d951f116f1bac5eef85af
e530a837dd1f7cdef4f0662bd9bf2bcb4ebb6e13d633932bf1bb1b04304092cf
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f13e29f46354f69526cc2e8c236253dccc816dc614b25610449470c99a27bbbc
f3a661f48d302b55bf0ca0e979d4b51a5d9f2a6c6585ddba997e94e990502134
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f622ffe277936d272b6550fdc08ff27b9a3d6def08d334662c102e1b0a0b9021

ipsnews.net Open in urlscan Pro 67.43.4.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

94 %HTTPS

40 %IPv6

33 Domains

46 Subdomains

36 IPs

8 Countries

1791 kBTransfer

3018 kBSize

20 Cookies

24 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ipsnews.net Open in urlscan Pro
67.43.4.144 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

94 %
HTTPS

40 %
IPv6

33
Domains

46
Subdomains

36
IPs

8
Countries

1791 kB
Transfer

3018 kB
Size

20
Cookies

126 HTTP transactions
1 data transactions