www.sunnewsonline.com Open in urlscan Pro
2606:4700:3038::6815:ea95 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sunnewsonline.com/
Effective URL:
https://www.sunnewsonline.com/
Submission: On December 13 via api (December 13th 2021, 7:08:10 pm UTC) from US — Scanned from DE

Summary HTTP 1196 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 86 IPs in 14 countries across 84 domains to perform 1196 HTTP transactions. The main IP is 2606:4700:3038::6815:ea95, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sunnewsonline.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2021. Valid for: a year.

This is the only time www.sunnewsonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48 151	2606:4700:303... 2606:4700:3038::6815:ea95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	3.129.250.65 3.129.250.65	16509 (AMAZON-02) (AMAZON-02)
50	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::681a:17e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7c60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
68	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 110	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3033::ac43:de92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3031::ac43:b662	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
54	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
16	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
18 62	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
16	54.39.16.115 54.39.16.115	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
19	146.20.132.68 146.20.132.68	27357 (RACKSPACE) (RACKSPACE)
37	146.20.132.112 146.20.132.112	27357 (RACKSPACE) (RACKSPACE)
8 8	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2 47	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
76	146.20.132.63 146.20.132.63	27357 (RACKSPACE) (RACKSPACE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2 2	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
2	3.122.131.186 3.122.131.186	16509 (AMAZON-02) (AMAZON-02)
7 7	18.197.219.57 18.197.219.57	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	99.83.189.147 99.83.189.147	16509 (AMAZON-02) (AMAZON-02)
1	222.230.178.131 222.230.178.131	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
3 7	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
63	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
12	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
96	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
22	35.157.205.242 35.157.205.242	16509 (AMAZON-02) (AMAZON-02)
8 58	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 14	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	51.77.119.11 51.77.119.11	16276 (OVH) (OVH)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4 6	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
6	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
8 13	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6 6	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:fca3:6f47:214a:2d54	16509 (AMAZON-02) (AMAZON-02)
4 4	217.182.200.29 217.182.200.29	16276 (OVH) (OVH)
6 9	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
19	185.64.190.75 185.64.190.75	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
3 3	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
12	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 4	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
2 2	72.251.244.141 72.251.244.141	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5 5	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
12	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
3 3	54.73.238.193 54.73.238.193	16509 (AMAZON-02) (AMAZON-02)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	18.196.159.27 18.196.159.27	16509 (AMAZON-02) (AMAZON-02)
1	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
6	52.46.154.242 52.46.154.242	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:21c... 2600:9000:21c7:2400:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.190.87 185.64.190.87	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a05:d018:d29... 2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.235.66 52.214.235.66	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	23.88.75.189 23.88.75.189	24940 (HETZNER-AS) (HETZNER-AS)
1 1	34.194.7.56 34.194.7.56	14618 (AMAZON-AES) (AMAZON-AES)
1 1	87.98.228.78 87.98.228.78	16276 (OVH) (OVH)
1	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	2606:4700:303... 2606:4700:3039::6815:c087	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1 1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2 2	35.227.208.19 35.227.208.19	15169 (GOOGLE) (GOOGLE)
1	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
1 1	178.62.202.251 178.62.202.251	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.102.253.54 34.102.253.54	15169 (GOOGLE) (GOOGLE)
1 1	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.251.173.19 34.251.173.19	16509 (AMAZON-02) (AMAZON-02)
6	3.20.211.8 3.20.211.8	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
2 3	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	18.196.197.61 18.196.197.61	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.126 38.27.122.126	174 (COGENT-174) (COGENT-174)
1 1	3.227.93.166 3.227.93.166	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
10	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	188.34.152.202 188.34.152.202	24940 (HETZNER-AS) (HETZNER-AS)
1 1	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	35.244.210.213 35.244.210.213	15169 (GOOGLE) (GOOGLE)
1196	86

151 2606:4700:3038::6815:ea95 (United States) 48 redirects

ASN13335 (CLOUDFLARENET, US)

www.sunnewsonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sunnewsonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:17e (United States)

ASN13335 (CLOUDFLARENET, US)

increaserev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secureads.increaserev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

tpcf.feedify.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.feedify.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7c60 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

110 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3033::ac43:de92 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
banner.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:b662 (United States)

ASN13335 (CLOUDFLARENET, US)

feedify.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2.18.234.233 (Frankfurt am Main, Germany) 18 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.39.16.115 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns555277.ip-54-39-16.net

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 146.20.132.68 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 146.20.132.112 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:112:f002:bbbb::21 (United States) 8 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

76 146.20.132.63 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.149 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.131.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-131-186.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.197.219.57 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-219-57.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.189.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae6a0aaac8071ff4b.awsglobalaccelerator.com

stg.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 222.230.178.131 (Obihiro, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

js.genieessp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

96 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aktrack.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 35.157.205.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 142.250.184.226 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.119.11 (France)

ASN16276 (OVH, FR)
PTR: ns31094366.ip-51-77-119.eu

vhs.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 4 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 198.47.127.19 (United States) 8 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 8.39.36.142 (United States) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:fca3:6f47:214a:2d54 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.182.200.29 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: gcm7.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.94.180.125 (Amsterdam, Netherlands) 6 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.242 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.165 (Uppsala, Sweden) 3 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 169.50.137.182 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.141 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-02.ams2.m6r.eu

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.44 (United Kingdom) 5 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.73.238.193 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-238-193.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.159.27 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:21c7:2400:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.235.66 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-235-66.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.189 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.7.56 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-7-56.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.228.78 (Spain) 1 redirects

ASN16276 (OVH, FR)
PTR: ip78.ip-87-98-228.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-delivery-4.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c087 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.208.19 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 19.208.227.35.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.62.202.251 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.241 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.20.211.8 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-211-8.us-east-2.compute.amazonaws.com

vid-io-cle.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.197.61 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-197-61.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.126 (United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.227.93.166 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-93-166.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.34.152.202 (Tann, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.202.152.34.188.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.79 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.210.213 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.210.244.35.bc.googleusercontent.com

freewheel.adhaven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
159	doubleclick.net 9 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	452 KB
152	pubmatic.com 10 redirects vpaid.pubmatic.com ads.pubmatic.com image6.pubmatic.com vid.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com Failed aktrack.pubmatic.com Failed hbopenbid.pubmatic.com aud.pubmatic.com simage4.pubmatic.com image8.pubmatic.com	1 MB
151	sunnewsonline.com 48 redirects www.sunnewsonline.com sunnewsonline.com	5 MB
148	lkqd.net ad.lkqd.net v.lkqd.net cs.lkqd.net t.lkqd.net	515 KB
110	googlesyndication.com 2 redirects pagead2.googlesyndication.com 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	806 KB
74	stickyadstv.com 18 redirects ads.stickyadstv.com cdn.stickyadstv.com	901 KB
68	google-analytics.com www.google-analytics.com	23 KB
63	2mdn.net s0.2mdn.net	835 KB
61	google.com 3 redirects adservice.google.com www.google.com	8 KB
54	google.de adservice.google.de	7 KB
24	vdo.ai a.vdo.ai analytics.vdo.ai targeting.vdo.ai vhs.vdo.ai Failed s.vdo.ai Failed banner.vdo.ai	527 KB
22	advertising.com ads.adaptv.advertising.com	10 KB
16	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	31 KB
15	adform.net 2 redirects adx.adform.net c1.adform.net	9 KB
13	springserve.com vpaid.springserve.com vid-io-cle.springserve.com	612 KB
13	gstatic.com fonts.gstatic.com encrypted-tbn0.gstatic.com www.gstatic.com	281 KB
12	googleapis.com fonts.googleapis.com imasdk.googleapis.com ajax.googleapis.com	352 KB
10	googletagservices.com www.googletagservices.com	355 KB
9	spotxchange.com 6 redirects sync.search.spotxchange.com	6 KB
8	openx.net us-u.openx.net rtb.openx.net	1 KB
8	turn.com 8 redirects ad.turn.com	3 KB
7	bidswitch.net 7 redirects x.bidswitch.net	4 KB
6	amazon-adsystem.com s.amazon-adsystem.com	3 KB
6	rubiconproject.com 6 redirects pixel.rubiconproject.com	3 KB
6	quantserve.com 4 redirects cms.quantserve.com pixel.quantserve.com	2 KB
5	everesttech.net 5 redirects pixel.everesttech.net sync-tm.everesttech.net	2 KB
5	yahoo.com 1 redirects ads.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	2 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	increaserev.com increaserev.com secureads.increaserev.com	20 KB
4	simpli.fi 1 redirects um.simpli.fi	2 KB
4	gemius.pl 4 redirects googlecm.hit.gemius.pl	875 B
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	feedify.net tpcf.feedify.net cdn.feedify.net feedify.net	62 KB
4	vidoomy.com ads.vidoomy.com a.vidoomy.com stg.vidoomy.com	6 KB
3	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr idsync.frontend.weborama.fr	722 B
3	agkn.com 3 redirects d.agkn.com	2 KB
3	1rx.io 3 redirects sync.1rx.io	2 KB
3	de17a.com 3 redirects d5p.de17a.com	981 B
3	googletagmanager.com www.googletagmanager.com	107 KB
2	taboola.com 1 redirects trc.taboola.com match.taboola.com	654 B
2	avct.cloud 2 redirects ads.avct.cloud	894 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com	1 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	innovid.com 1 redirects ag.innovid.com	685 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com	887 B
2	teads.tv sync.teads.tv	344 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	600 B
2	youtube.com www.youtube.com	50 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
1	adhaven.com 1 redirects freewheel.adhaven.com	258 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	223 B
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	bnmla.com match.bnmla.com	112 B
1	w55c.net 1 redirects pm.w55c.net	784 B
1	deepintent.com match.deepintent.com	44 B
1	gumgum.com rtb.gumgum.com	238 B
1	playground.xyz 1 redirects ads.playground.xyz	466 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	534 B
1	iprom.net core.iprom.net	282 B
1	ad4m.at ad4m.at	915 B
1	adgrx.com cm.adgrx.com	408 B
1	erne.co 1 redirects green.erne.co	326 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	656 B
1	loopme.me 1 redirects csync.loopme.me	217 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	zeotap.com mwzeom.zeotap.com	455 B
1	blau.de portal.blau.de	616 B
1	blismedia.com tr.blismedia.com	141 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	513 B
1	adsrvr.org match.adsrvr.org Failed	493 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	criteo.com dis.criteo.com
1	genieessp.com js.genieessp.com	285 B
1	googleadservices.com partner.googleadservices.com	652 B
1	cloudflare.com www.cloudflare.com	435 B
0	audrte.com Failed a.audrte.com Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	onaudience.com Failed pixel.onaudience.com Failed
1196	84

	Domain	Requested by
104	www.sunnewsonline.com	1 redirects www.sunnewsonline.com
76	t.lkqd.net	ad.lkqd.net
68	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.sunnewsonline.com
63	s0.2mdn.net	imasdk.googleapis.com www.sunnewsonline.com s0.2mdn.net
62	ads.stickyadstv.com	18 redirects www.sunnewsonline.com ad.lkqd.net cdn.stickyadstv.com
58	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net www.sunnewsonline.com 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
57	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.sunnewsonline.com googleads.g.doubleclick.net 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com imasdk.googleapis.com
54	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
54	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
50	pagead2.googlesyndication.com	www.sunnewsonline.com pagead2.googlesyndication.com googleads.g.doubleclick.net 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com srcdoc www.googletagservices.com s0.2mdn.net tpc.googlesyndication.com
47	tpc.googlesyndication.com	2 redirects www.sunnewsonline.com googleads.g.doubleclick.net cdn.ampproject.org 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
47	sunnewsonline.com	47 redirects
39	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com a.vdo.ai
38	vpaid.pubmatic.com	ad.lkqd.net vpaid.springserve.com blank
37	cs.lkqd.net	ad.lkqd.net
33	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.sunnewsonline.com imasdk.googleapis.com
22	ads.adaptv.advertising.com	ad.lkqd.net vpaid.springserve.com
19	aktrack.pubmatic.com	www.sunnewsonline.com
19	vid.pubmatic.com	vpaid.pubmatic.com
19	v.lkqd.net	ad.lkqd.net
16	analytics.vdo.ai	a.vdo.ai
16	ad.lkqd.net	www.sunnewsonline.com ad.lkqd.net
14	ib.adnxs.com	2 redirects googleads.g.doubleclick.net a.vdo.ai vpaid.springserve.com acdn.adnxs.com
13	image6.pubmatic.com	8 redirects ads.pubmatic.com
12	cdn.stickyadstv.com	ad.lkqd.net cdn.stickyadstv.com
12	simage2.pubmatic.com	ads.pubmatic.com
12	adx.adform.net	ad.lkqd.net
10	ade.googlesyndication.com
10	googleads4.g.doubleclick.net	www.sunnewsonline.com
10	fonts.gstatic.com	fonts.googleapis.com
10	www.googletagservices.com	increaserev.com securepubads.g.doubleclick.net googleads.g.doubleclick.net 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
9	sync.search.spotxchange.com	6 redirects googleads.g.doubleclick.net
8	ad.turn.com	8 redirects
7	vpaid.springserve.com	ad.lkqd.net
7	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
7	x.bidswitch.net	7 redirects
6	vid-io-cle.springserve.com	vpaid.springserve.com
6	s.amazon-adsystem.com	www.sunnewsonline.com
6	pixel.rubiconproject.com	6 redirects
6	rtb.openx.net	googleads.g.doubleclick.net
6	fonts.googleapis.com	www.sunnewsonline.com securepubads.g.doubleclick.net googleads.g.doubleclick.net banner.vdo.ai
5	cms.quantserve.com	3 redirects googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
5	a.vdo.ai	www.sunnewsonline.com a.vdo.ai
4	um.simpli.fi	1 redirects ads.pubmatic.com
4	image2.pubmatic.com	ads.pubmatic.com
4	googlecm.hit.gemius.pl	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	secureads.increaserev.com	increaserev.com
3	d.agkn.com	3 redirects
3	hbopenbid.pubmatic.com	a.vdo.ai
3	pixel.everesttech.net	3 redirects
3	sync.1rx.io	3 redirects
3	d5p.de17a.com	3 redirects
3	c1.adform.net	2 redirects ads.pubmatic.com
3	ads.yahoo.com	googleads.g.doubleclick.net
3	9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net www.sunnewsonline.com
3	www.googletagmanager.com	www.sunnewsonline.com a.vdo.ai www.googletagmanager.com banner.vdo.ai
2	a.tribalfusion.com	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	ads.avct.cloud	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	visitor.fiftyt.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	tracking.m6r.eu	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	ag.innovid.com	1 redirects googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	sync.mathtag.com	2 redirects
2	a.vidoomy.com	www.sunnewsonline.com
2	pixel-sync.sitescout.com	2 redirects
2	www.youtube.com	a.vdo.ai www.youtube.com
2	encrypted-tbn0.gstatic.com	www.sunnewsonline.com cdn.ampproject.org
2	cdn.feedify.net	www.sunnewsonline.com
1	freewheel.adhaven.com	1 redirects
1	image8.pubmatic.com	1 redirects
1	bidswitch-eu.splicky.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	sync.ipredictive.com	1 redirects
1	match.bnmla.com	ads.pubmatic.com
1	pm.w55c.net	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	acdn.adnxs.com	a.vdo.ai
1	rtb.gumgum.com	ads.pubmatic.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	trc.taboola.com	1 redirects
1	core.iprom.net	ads.pubmatic.com
1	ad4m.at	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	green.erne.co	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	csync.loopme.me	1 redirects
1	ajax.googleapis.com	banner.vdo.ai
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	mwzeom.zeotap.com	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	banner.vdo.ai	pagead2.googlesyndication.com
1	portal.blau.de	www.sunnewsonline.com
1	tr.blismedia.com	9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	match.adsrvr.org	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	vhs.vdo.ai	www.sunnewsonline.com a.vdo.ai
1	js.genieessp.com	securepubads.g.doubleclick.net
1	stg.vidoomy.com	www.sunnewsonline.com
1	pixel.wp.com	www.sunnewsonline.com
1	targeting.vdo.ai	a.vdo.ai
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	feedify.net	cdn.feedify.net
1	stats.wp.com	www.sunnewsonline.com
1	www.cloudflare.com	increaserev.com
1	tpcf.feedify.net	www.sunnewsonline.com
1	increaserev.com	www.sunnewsonline.com
1	ads.vidoomy.com	www.sunnewsonline.com
0	a.audrte.com Failed	ads.pubmatic.com
0	bh.contextweb.com Failed	ads.pubmatic.com
0	match.prod.bidr.io Failed	www.sunnewsonline.com
0	pixel.onaudience.com Failed	ads.pubmatic.com
0	s.vdo.ai Failed	a.vdo.ai
1196	135

This site contains links to these domains. Also see Links.

Domain
vdo.ai
app.thenewspaperstand.com
www.youtube.com
www.facebook.com
twitter.com
sunnewsonline.com
netsera.com.ng
feedify.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-29` - `2022-07-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.feedify.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-06` - `2022-02-06`	a year	crt.sh
www.cloudflare.com Cloudflare Inc ECC CA-3	`2021-09-18` - `2022-09-17`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
ad.lkqd.net R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2021-08-17` - `2022-09-18`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.genieessp.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-19` - `2022-11-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-12-06` - `2022-01-26`	2 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2019-11-25` - `2022-02-18`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.springserve.com Amazon	`2021-04-30` - `2022-05-29`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.iprom.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh

This page contains 157 frames:

Primary Page: https://www.sunnewsonline.com/
Frame ID: 54251E624DED3E8535C8738FBB316756
Requests: 455 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 51256B806C5835B59FD39639FDC21B21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1098601291027995&output=html&adk=1812271804&adf=3025194257&lmt=1639422160&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460406&bpp=30&bdt=244&idt=319&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3311153261771&frm=20&pv=2&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=341
Frame ID: 14C61105A38F6CD1188A97E2C28686BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=7228661401&adk=2972760969&adf=1413519997&pi=t.ma~as.7228661401&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460775&bpp=2&bdt=613&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3311153261771&frm=20&pv=2&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=X4T5mPPx2j&p=https%3A//www.sunnewsonline.com&dtd=7
Frame ID: EA0F28C0BA493A8651A411C84CB028F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=8187176395&adk=1961058974&adf=4137666700&pi=t.ma~as.8187176395&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460787&bpp=1&bdt=624&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&xpc=K9rwXAImFL&p=https%3A//www.sunnewsonline.com&dtd=13
Frame ID: 79FE53AFF9567C8A4ABCB776F3D10BF3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=7302666336&adk=770366950&adf=2369281301&pi=t.ma~as.7302666336&w=970&lmt=1639422160&psa=0&format=970x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460436&bpp=7&bdt=274&idt=368&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=315&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gy81gyRDvh&p=https%3A//www.sunnewsonline.com&dtd=371
Frame ID: C0686E9CCDD6CDE9AE5D0D253B3E574E
Requests: 10 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: A316F921F9112D20E01DF1F0DC8F758E
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 212D472FCF507B6127552C1CC915F1E7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8218178373&adk=2033062148&adf=2621076951&pi=t.ma~as.8218178373&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460554&bpp=2&bdt=392&idt=292&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WyFRi4xKFR&p=https%3A//www.sunnewsonline.com&dtd=298
Frame ID: C0D21638BB2029EEB6DEFCFA3AC271C1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=5247484779&adk=3007378855&adf=1881412065&pi=t.ma~as.5247484779&w=728&lmt=1639422160&psa=0&format=728x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460894&bpp=2&bdt=732&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=P37kt1qyDA&p=https%3A//www.sunnewsonline.com&dtd=4
Frame ID: E99B87205FCEDA384CA3A9FCFF3847CB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299
Frame ID: DE1F9B585707D59C6ED45FD2DE503A3C
Requests: 11 HTTP requests in this frame

Frame: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1F1757FE6F76DD895AE88A0FF0CB5136
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=2252910165&adk=2627293903&adf=3013028438&pi=t.ma~as.2252910165&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460717&bpp=1&bdt=555&idt=303&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=8xZzxVGw8u&p=https%3A//www.sunnewsonline.com&dtd=309
Frame ID: 554A21A03B741D614DF1820D4C33B3AB
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 54D53A299B9372FAB8C0A7AA523C6618
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 281919B1A6469D3CA7CB452FA48521C2
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 2D902A96B98F18153042AF4E4E3CAD7B
Requests: 20 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 72886A2FD5B9C6C167E27687F96C73FD
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 40D3E520550D13B7CEAF91E6C1DBE740
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 343B193E6069393A2C4FAADD20348957
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3BF150875AA342CDD2345F1F3DD0847D
Requests: 6 HTTP requests in this frame

Frame: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0EBE7625C861B224E5777EAB80EA156D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=2252910165&adk=2627293903&adf=3013028438&pi=t.ma~as.2252910165&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460717&bpp=1&bdt=555&idt=303&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=8xZzxVGw8u&p=https%3A//www.sunnewsonline.com&dtd=309
Frame ID: 484C539AA675989BDBE2A0D0B2CBFCDC
Requests: 1 HTTP requests in this frame

Frame: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D8AEA991DCC16CC3E09B881FE8CFE450
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=7228661401&adk=2972760969&adf=1413519997&pi=t.ma~as.7228661401&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460775&bpp=2&bdt=613&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3311153261771&frm=20&pv=2&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=X4T5mPPx2j&p=https%3A//www.sunnewsonline.com&dtd=7
Frame ID: E7BDFF1512B12AD14B0161E525FA9F93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=8187176395&adk=1961058974&adf=4137666700&pi=t.ma~as.8187176395&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460787&bpp=1&bdt=624&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&xpc=K9rwXAImFL&p=https%3A//www.sunnewsonline.com&dtd=13
Frame ID: C58EE666A77F5C0EADC3AC6B2AD55DAE
Requests: 1 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Frame ID: 8D509C6F7D5B59CC47E05799F04EEA59
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEtntj_ptJGMGi_B32fe7qJ-6HHOzWvA86mOwtU8r3uMJoKhlPyInd25jYwq2_hC3O2eBAR9qAFNgMxxndlS149wvfsZ2G1ABUdpVc-MoWoZCfPlnuKv2om93OfHod3btJJNlejo8F9O1oqpadQCfnXpF_6_JpiBV0G00l633SfytGeGP8rXhUxCiehH_HNQjVb54l70v-rPcO2pUThx3q0SXIP3VhDDK99lgPHz3vZmyZ7LSa--rRo939Va66ItwA7DbbW-zN8cfg0GcRG1IjgINhX_eJr-DtxPwjt9rrie9251oq1PJC3wVXo7ktC8jwYk0quaq8YWc&sig=Cg0ArKJSzAZElwuevclAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4F5A6EAC608541FB2FD2BB08723AD18E
Requests: 5 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: ADFECB29C2D057F2D26C0C37E805F0AC
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: B5C98CAD83A6BBD05D6489C33E7E6A2D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARjroISZATAB&v=APEucNXbDp2Xzi883K_8ySgaI94v6wWn06LLunJ7FivARz7nrL_5VZfJgLATzk-mReyhXYcXKTTbI_7zuNc02qbZ7rJuxUHbWN7VgyQMHMaIvcre985scO7pcHDe68S82C5d9x5s7iE7P97BfrXC4JshRXLTx3rBlB3TpWVOU9V6aPAVq8LM1qs
Frame ID: 3D7F7B4DCBDB0BC055B3DC15A0F842BC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7B6FF2DFE0546CCBA4CB0C87A2BC7E17
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNVo4Yifkwbja9fcEjGMIyvtGsA7M7y_RQbI2BQTzxIRd4XIyWx4pnNR21Qivrxdcon5iviFbhyKaIbz-IQJEdClmgOsVND3uyFS5kydhioAP0TxELhiJnCDVhBuMnIQgXEMH0vD3KNfneNAIXFjBhdgDioEQ3qnXb5TQUQMDrZEEn2m-5E
Frame ID: 8E3D21C2BC0505F68B42FDF572E90D64
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E47B4A38E87395CF3E211C9A14806FE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4650651BFDED643BEAA47F08C3B2170A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DEFB04FD6D9D766FE2A1F8174E1C1258
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C05F813388FC5EDD606D242D7B1B191
Requests: 9 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C43459431986928572441021382728%2C%2C
Frame ID: A647EA5B006CE47343BF5223EA8DC337
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNW3p4XI22l-8mtsPUHwCq2aQoEEZ-JLyYH_35kQjlBvBswcHSasKHFZXF_zg66aq2Q7vH9jYihFZ4vG2ihm4b10-p1X9uCaRGwqD1Oy_iE_pD11wUA8v5Va3702RTiSqm8uRDrz8Un-0cXi_WLK2S6IDbp7HxgD9ZIzw-4TMKbmv7DRONo
Frame ID: 342CE5DDC75804D5AE64CDADAD910545
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoYTLP5fXX3Jzsl2DOGbOZLv8WqZJb4SeqXwpjBeGIbjUKCUdPJi3TMu8KxOzKg2jJlnBsfkZAber3TDmDTZuNJhvvtPpnYj_L2Le6EbtJbaO3aW8FmeWa2l2D0pJ13hm_i906-EOnwbBbzr9i-4BQnZrlug&dbm_d=AKAmf-DDtt1S1_k3poIk1ut0WEWth-8OW8vvmkXw3aGPRhzidIX8jxvhphilNAEl53ndI6u9pgUd1IZFyf-cYCSAKrwpug302foOSPMkYPTS1X8njAUukvrZ5Mc_gbgpKAGT5c88m7Ui_HLX-0wWX3L1AIlX-Xfw2xK_EiIrlLPQhwj6hylVp2L8yhWIH-RQU3bVmaVeoS7836DeWlCiDkqVBpy6fBfx1-b4Art2lfcmotwkLfLCkJBc3OF8EeLks1aKjoqVbkxQAWe774X7jKxiWyxMfon5FhuBzNpGs3179i3a8o9QjccxBsU61NN-BjJp4MesBO9NYaT-cP5ifZuqRw12Bn9-k0sjYXyofrQ-ab-j4qJ-BPMBFzrNGxeNfwAdbT6G67gpGsHawe4dzt6imtqZpcr3wR65ILRUFnCGYJQ_2Fo271RBNbZI-7lp6DFdyEQQmRqkUT2CaophCp9IpDpZlH2SU_g87b-f2aZ5s2gCp4i3dy-3aGYcFGZU1MCUijOuIHnesLTRMzHpYfXVjVW6mUwTZSFr7sucVuY87xS2zgcGq7JN4VIITr7ygZhxarYgacQj6g73rDcU4sk6SUO51-ta47glPr4_NhzvLQ_s56V3XaLYxWW7mPmelyIw7K6Nk28HNg0mTcdf-1S6hQB1r8uph6d6vcpv1_rMowIIfHT5exWH8O-z61TZTE9zPCrdQ_LOhQm33jfQieAi2X8zT0PBou40Ebiy_bTUyd-04UufnmmtgWQ91zYR62e_9LKhBovI9TPJ1sCAVSfFQu1gklPsZQgoazsLSIl_dlLB44kekdq1orCH7zLIUZEdgoVSD3yS8UdxwdnQuglcyF-EJhS73qpN3rJu7uvXhXGt0b2axDNmOrQsw4qG_z1WjXyZhsqdiFfRSbhOK671U1qnqtRuHqoTVdmJ5VJCdliEqD5WSa79ZKFpeaEffH9QCu_W_L4NEZPfrTQKJMcLdJTCKRDQW22uJN-1_XkWGDG0KgXWZG7bT-ZEACpLyxjoAf_p7-nUTdWLR9aBe60U-RigfsLZBw4VJP96EMfBInF640g3iZ_sjPQTTJvzYdNN8IBo3q4LOWXNwxF6YdN05EYRA6vUZpgb2ciXrmDBgbdo3JhmiQZiVEFjRPpd6gfekPMZDEXkLB-jUxRmUlmsmcy3OcGK8BdQxTRc4EcfyV6Ap_Cr9-1Vx8vBan2hSBUa34MW4-gUlgh9EsvOB31iYYRQONo2iiUAfh8mTddGZArdidV-M1uhXk2cuRtErJ_ZyDyDGR3Re-QM6mVk_lZUcRbpXoMuJUt9JsVYyBKYYFasXdYh3qZo0qNTPl-WOSXngV_yp5lnAl3pZZP8qQCOgnAxyNFVzV1ha4zMnBsbDTWbPrJGUnsi1qPLTylqaiOfAOTPWJa1EQPsqzVUqgAVTRiAKhDj6Ckb47V6NBmE3HAMYJXsGKH1sejTJz7FOZzKjk-evD7Y9npFU7t9PRDrXK5yiJZxg2pw42QOQ0QkTsmwY788LV1DPoo-PUeYMXpxSbDzgz79kQvx43-1upvkHHdRtmJdCW3fRJUYjcqDzLkg3TSlr19qXpOPQLsc8rN_PWL1UeunBaBFpdm2SkLOT0GKC0Y1mv1POTukQqxPA-_FpOusVGtN3-kdEqJYjdsuOK_OjA65Hg5MYTIRWBbB3eP7-dNgTf9ygXfk7wJUwZgkCu2j7a1conXHGVgAUvc32PIk2DgOwVW5_N6LSLjVmEXRVgxfaqw1owcuM0ABL6QVdjdBY_1rCDR69VgX7x4UHsTvotxKw_pavTT6JIOZzvZgaz0vcpwQV-G6Yq9udaNhbNJ06M2hxs2IUKzRaZyvqSuj2udfg4KAwJFtX5fh6NCrMdhII1lvEU9OvI4ZR5XZANYBbLiodNY4oUuWVGlBJZO-qMUkssb4ugQ8v4KmxDcx2trTWWoKzV6f22Joq2ExkdNItwGslyFdmcOV4pQPFj4YDxZnWfjIt_7GU3IXdPqefCO7Z3mVqo88nbH2dPWG12DP3J3TudpZB2-8CZC-Y7InwPzpoYW7uTE1Ch-T02fFvpXM7yiqxPIAXfTSThGDUqKbr7RWe_itBURNXTHnsSXoxQlMfMzSymADEHUZ9HEALkANVx8GfCUJM8IiEI1mRjAuDi6aZgG6Eq0-K7ZM80zJWx2q4AhMpLaxv6URzp11J3MM_sbX2attV7fzeY2lKa0biDV2bjY8Bp6WqDZIbSb2qwab02SlpriQL1ZAPLBXe27oV-GO1L9CiGgJOUd6jXrKq0O0oCZjsl-dwiWM6iBEZvgDQyMDAl820vBEEj-LTLvz-xDndlwbiV745H9ctmNCAaRuP0eOeBtcwLqvRqMkfOIOKu9LdR8IU4hudvleDeezAIu8PxbAQG_z2GIl8vv08WPbckBWNpJaP6ObUGwN6Zl4QoEz4hFH6hvHVbpi6za-YIS6QcXoOI7LHa40pk72r3T8m3DHN8XinoQqfiGExQU5XSQWDhD4qP8ojdCJhZdZOJQf9ycT2IED1iCLNvCIZP7OsrnuznVlX7xcpqRgW27PTnxVv6MxpUpcUMwkNu4SyNtevS5oSIQoJ9Ne-jGBlV2Jks8LarKoSNiyVSvm1m-IG8ijTcgrmKG4pegNnILkFLdqqlLfh7ZzUH0I4Oxm9s1XggtXI4aQAhUFo89nfd3Og2sMa0xwo4eSJqWPGPuJRxOtkK7kDhLnB_6YG5MXh38hMyFy9PmM_dgXwIR07zllttH1_ES4hhmA9_tIwGhDMX5336T6ogTEaityNqlAetqP6tSvdxSVl-BD4JrewQkC5u_OniSwnLjXJwUZqGwxsre5-po9qtX_hQhzpf0EL9dOfFUPIzwEKMU9qg36EhZ2FAw3xft7bdgCmgcuVexuVkR5_gPuOFWSLuP18oh49DINbdsAxMxM4RaNmPrDlD0SLnTdnpu2CmX6ZSM-oD6t_mWoEW4VNY2T5fznw6sWkM5HmVp2PDtfonfqrGs5kXSJpEyC0PLBm0-f_XcALeTDM6lmpeCEAWXnilfp5G-LBCeoqtQcZNTXSEJCD4pqM7mmXmCjF1hMFXuNMaHSpwl2s6gDIGzol_AaWy-GUwR6SMkjlAuHgVtGLs5XDzyPIfrs2CTRDiOYrRuOMDXkAlNiJoPHSfwGdzhV3PFfr5WdDJCrwbqNYv_Q0hpncOych3AQUbVIJ2lrdhPDhguUcNRUyQR0XI2R7Qx223TxZz1dmz7iq48lzVYdwv1OoPumn0KN6_NVTj7T3QjUVHiEz6cJVbF1piukX2hTlH3Pm_Euwxt0nUMiUmHG88v23FqzhbxLXw3dV52a_HpMOnDhLJI-Ls3H9q1nlI1Cgf6VDeVZud6SGeziXOLn1ZpCA09Fj7cT21vtQ1mDq2B28-lenjkWTA&cid=CAASEuRofj37fP9XE1F09KZhTMg97Q&rfl=2%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240
Frame ID: 1729CDF172CF015D9FFE0E5A392BECA0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNU9EPD08I5rKz046DejlkL10705ARe_KrXNr1V9ElcJyZw6J8yxzMMlEynl1PStsSo86EAtahHJ7ut_QXVx9z3dRsHQiQr54_uYBRgeKjTuoDt2alGn2vqZtySXU24f66CDycUPXjSPNIU2Eq3jtpybGm3IBo_vEWcP5JhHgt1xxIffaNQ
Frame ID: 513304F590B864EA5A518C8314BD4D86
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dyv52Q7Y3KMnb4baAmwr28rztBtnq1teIwnNGfSuFkEzs6qUgtXnCqo4CiXf8TITPMvaUy6j6QlP8-QeOzaTHqkq9DFSo2L1apyGwhlcvx9V3wO6z5v5E2xsVxWu5KB7c--agfGzkbCbvYX7uyD5gIFBlePw&dbm_d=AKAmf-AhmBy_WyWQOWQMNumEHBQMbIcl84apvuANhCb6uERxenSAB8LVKwFqOhiiqJeBGDMN4M78RLVaueUKZy2AcqEwys2Z98kNvTDoDaruXT4Qo4gvZcjXthzdJ1oPxqmcGMycZR6eCScglmhsjtG3awBtGCuHBd4O3CCSjMK-ThktUZs85EYoEdrpDx0F37pLMC767mmX3owY43XJIYBykQ5KZ_Aqw5lkvVygtvQV5DfFqDakecfJe3_hh3Yr6R-MBzKL-9TiKAY3ML2hkUGmXkXCx7kOHdI7v2xqyKwF2tbcUkSZEMkhN80BXcrf3ZO1CR7fMZZPliZ4YNhicS-JNV7GzwtxH6m2fbPVKfmroc6C9G2Z1UuLHJ5SxARxTHngBNXFHGncjfhBN4OkCdPJIyZ86OnSfr4R6Ogo9yW0ms5bJz-JUhv23gdIC6qbKuVBpIx9PjolVKVI59b6kFmc8BGlyoSgIMaCKRBN5JDb1TKiWfXhxa49xRMm9MwX4h37hqX5pamGrh4y-I1nRolyqgSuazfLE9iAH-I4NOvayjTFBYGs2azYtvUSBJV23MAmjf-_NfVbO1Axil7bZ3Rpm9JLmhpseELABYFh3mGPsyzymDALXEpfo84QeL84e0CBbY42V4kRJWiXGvJUS7F9eZ27oP7OnuFOjOG2Vsyn-b0-s8N9himwx7fHp13PrMqVc-5LwqEQtfTl4iKf4k8AqbyLuMBP3ypy3-lY-J1WBcgc_iDYLnXq84FXxXePKs53XI5VQNTvizJ8fNDkRzC3pFLgIfkez8qPmY202RlkzKVZmHmmG8FUOHKFDuTy_HyzAO9-lH9kNtLG8G4Hjfvtv4JFg99x7LE3T4l2RcQwfxcNFbE69z4iUGwEehZHmVAchGhBnqhhJfb_An8jzwROvdvit98l8_0uA_4oAVHYMpADSbbOtgpowim1F2V1WOCDPXLnkXPufDYboHZlNHCMYl_DS_ZMqVi02jGUUZpL9Ag3B2Dt7C3ASL5P4vSHSGnaVARgbqQJuMdVg9UwRGBmZoy08XkDXhvK0r4zTLYLvQJitQyxTa5ffMyzg7rfqLXW5Br5jq5g5wuJhlcT-Nm-FN-x_gYvID6-UhG290WzLUiWQnnIjrtn7DnmFMlFW5ZzRR-IQUK8EL42r2RnappfyDB5Np64fOAMFUaxITuyFwBp-0Gl7irt3aZ1f04Jyk-nTedVWyQU5n1Zz6V7KQoFQ8YqCc-9piek25VD1kZbBbTLmSSX0B5TftRhI0Y3LatFDIPniQiC1C093-z6dO6z88elT3_R977qvpgCcZRkoeASkP8yCo2VanjG5gXPrOO3PAIQ4zmVRpF6CmSFQMS8yMqZXYxnoSccnBD45ufNf5D1ZBy0o7qBvTOoDGGrGVhAtx8mey0GtR9p-lbbO2NCHQpz9k7JgAegyE_lm-_Nf5PDJtOIwzbopf2jqc5lullBZajODkbPO9dkpOXMUd11FgQtmrIq_ZIKHCII0celM2HS60gR5lhcDi_nQxAU6wdKib3yhGILbJ24DXB4Hn_elECU0xC3PyJARyihImSJk-cu0_JR3YS5OtNuXD7Gv2gidBkbW3ZryRuSRwPRHYI6CQnwDeIJniZAxgkd5T4HRZPZ3eO5WFz0CypSjORhxKZmirM0lMpGjNSgqoyOFq6MA4t-CEtDpOg6AnAz_Uhf5cBPOYCTg86bSr8GFntdERYFAmf59at61NayRKojhgU79XiXdIkqxVvzy6vbLl0ZX5ZpAccF67bSqsXxnNUuLgHnjO3hj5gnHdo7VyoqYaCRId1lICP_Q68E8QOujP9eLdRogXSKE5wLGXFwj8oW0e8GqKIDA4DufEaasSQjyd-INCX3U48Nf6arvBjajktPd1Mi4F8OWuONuT51k-c96I1lj_29DbMaXu3ucKdnooU6gkIRNCNJ1wMdtlVyGEug5j6MQ7iWJh63yIewval11Q9_sbErNHxrohTd-aw7wo0DBLhJWlZKKCaNKIHky8G5-nK9v7aUhw2XiNA8mzQLBKj_KscnaRulbTya8otCugAXgRde2KmNjypOY8DAgGcsq3SqHaaLk7lBZy5ItJmj0E18Pf3ucuqzWu70adi-6tgx-Yyvkc1bUnRJa9ncnLVmEftba5C7vq2pdqCgpfSfOLxD7yphqEC6ZcZRmzIXTJBxYO00BVMOUSCWFLfy8KXY8CY701bExXR4C56qbcuMhoK0cawchFIX3j6NtBsKY9F_4egIPoLqgvRen_flFyD78FzcYCNXi4sbr3aYUiv6U-QinwaZop9SPm57Kki6tqllI7jSXj9ttvVhxRYFO-DjJcnmOKr1i_FBuLJ_nKrrFy0VLn85NJS-LCJ4PWRAr5iwUbxUMavliQJFbQz6YNCInBTqeEqOsEjrrFEozaOPdvoYJ6Zkyv4Y5LLaexG299kB2Hp-9XbW4QAqAe2kJ6xRogKTqwMpw8ubr5rGd9xoTV1ecY-grasM6WSnIXgjUyd6v4g3YDPvCMq22siQWNw4Hg06JBYIuYWfwv5rogNK3NW7MH_jzb1AXgHjiBRYfqDwHf3W--L6hZZkAD8LYxu__SqA1zpn7PPnR6BkmjxjliaJVzqpQxo2K_L8Z5k0FcmHbwNj549l-4Zj80GO63fD7STHC7P-RHhD0UXpIDjXzslkikPkY3GpyE6AqUl6dMbu0DnhAfyHjg4xEbCwRmQOZomcffI8XjluLs5cPOGZSY2e4PbwLNrD2tMJoJYAM7R0m5j142p3xqlGIMZrBuJmivpvReT-wuI3Mw_wFJJwxwu7-cw6thYyZrnLZxEK4-nBzHxWrWISuyBqtwqVfQj0mze_SOwVvLSaWvR7tQV3Jy7uhsKYFX3dKwmmLoQhZTfDNKhcziO05gCqjOLs3SVewyVO17JuecA56GHoZ6GOHvVhbGYcOXGqJRde_eLshYEAOx-wBfozZiBdTELZFHFbFB3z_OpF85GSESINjz8ttNflZuaE0fmTz0u0866enFOm3Sik-KlwVw_R_v14cbD9mR-Iv1RsZmBJhUYF3hOjnH20a_Acj15kHCSqN9utfndYv8DBTTmcYhT6BJFW72Crppn-oY4IDChyetDzGpdk-2j5OX6D3pufeuYVH8X4xcRaUyrsMfJwVjNrLnkZqvIY8BV4CjgiCdSSMFsQT3oGiCLgt8TA2QIHcekjE1UpMxrF6pNQILxhxiJarCDKt13p6NdIhdgEj7VC6Fg_jRULnwpcfVB_4Y7bDF33iTCIebWIDF_2HhZwP2bbOQ90Td-EmVTTXEKhHktWGCSdIHDzzL-qhp8vli3AcFI6tEaLD6DglpHvtdmBuNH7A3j12I_d8U-xnTKs6ySubanMXtWIUfOByTcsPIjbsS57f8d2tb-tDpdD_IQQsQg_U_mWsBEpBTawKg-3-IQ&cid=CAASEuRoESlZIGkON8iaNQCWWPFshw&rfl=2%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240
Frame ID: EEDC5A9C03D9D085A34C462A8BCBF76B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWn_5jSzqJsXxp-BQtfzZqvK1VWl7w2n68FJ9f4Fhcwk4PiBDD4Eczda34MisXpUfmQLBRR_-V8jxJfapSyIbzl6c6UsLlWy_f7RD4d4jzfoEKUs8qUnKaXNIhzyRcWQ-2kUFQX7cZdc_AmHZ_gdqkKcfzmpq3iGH7kcI_rZXEHijc2QxM
Frame ID: B7D503F32B2587AE338B9F28EB1BEBB4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Awx9P-QbvEXavVQZkfXvflLum23yPd_9KBiY8UgrqXQ01wTPZu7flBLcIoUzpVVWttMoVyLH8Bf4kBx2prvYEqx5V6ucOevtMc-NeqTKl4NEkCAzebV4iRV-HZ3ka9Duo0kyf6hpu3dwzQKdRs8M3mIGKWsA&dbm_d=AKAmf-CSPqn5F5sVHhLJGu0JT-2MhbCQfMxqBGx_w7XUOs5AF_0YwBUL9AxP-aai1WYAGzqG5_g4rbhQQmDH8cuwhN2BkvMCHXifgECtdnVkCDUr6FAxPJk9_c2WMF7T-8txqnbW4PacIRYU-E02fvU79Gj5ATGgrRcqKjBkj4Mw4dU3vqiHxW-gftwSSgy4IgP-eDlB5mC29gjPKItiLGgSZHJockE9clNDonCvFqgb82B7lOseYvWT7SPJ9pEgXebaxW4m3t_40JqSbhek-PYb5lkwjvKHJFpA4iIGv0LzmkmCXVMSTKQMgvXd05etXTo8eU6mCh0mi5jn_tGcLI5Foz1sUBMcrPpwd6CSUMnQmq7fvw2pTfpMkwZor_DcJ5rrBf9S88QWv_-h8gkc7OCGHR7P_xu96kDJlEy9fMGT2oehy96ezRt6Yyg8huZ9qdQKcXq3JgSoml59S-xitU1S7XW71VSFglCkpP7nWmdUc0pyxhqZQD9L9tkIAg6d9zpTLV1aIMr3QhATs_fVE9cVkxMCx1xsS0SsLeRDrrhNYSjPPFKY06G2cr-6a44-6BqRQEptLORQFdZwJXpwJrnLSXBLTQRkIU2xKVG9p9sUlV7FV0XQeSVvlcjBoZYSKdk0VHDkmnb84DRo50o_M9sEImM9Q32qBHC63xH8feDcpy2y8trYgVeIlDfy9fQ0Bxq9I0AV_NJv4_-nIiqNLdxCuAuRGA9G6UGENMvtYzcZs7Xi4W-BTgI3kbjH8d7iH_GnKoyRoRyq3GZJwIoWn9Xh9FmzgR_OrAFq3dHoZ4N5CYy84V3JObOWWhkjHBTwI_WYrB53wExa3CsQrMZdhxWWeHg0jZs06JFWfC5T8W-oRZc_u0uc1shEUIGXHitNXnnboK_FvHiod6QH3GfgF_DNJ72OcosE82t4XVuV6-JUKpZWRSX3j6ElGG5QK7xj2zo8_tD2rxtIqwd5pmZAhN7HCIvqhXT-fWjl1A4QCXB5yagaOKos_HalZ4kSLQjjAYu4eSXbqtUlTZdE5rStNTG3Dyo0-olV1hhQCI2q6KyU9e9yjbNbAstcmmt675asQw31WCvL0xoRT7DEqDdjtcc3nkMLFYZAQxR2vd51QDRhCkwmo71W7sHSZQxPU8ER_NI0xhE10KheLjFIqUDTmXKIj4TBML8TyFiHTHsPmF-olektZz4CJbsGSxdxL4ezSTv8hfcfX3ozmg-JQ_T6dNfrciNdTsAv3eBKnLjwjugXSF0V55j6xXSWvYrSPiRGAUcJSUMEhq9QWL0Lz-0TTBy6N7zguJbQmTPOgCYD8tezA7S4fGiZ9bGGroE4b14gaHTWc3frWlk1LkWqENqa3QN0fA6fWeaHnYiQruXYVb6j4cBKQ3ar2tVzh4CwJBV7TC0inm-ghRF-R2SQw9uWmYsnsNT4hDpc0iQzSSaNp_HPAQjVlfXq32yG8Mh6UrzqSgUrgdCASVyyr_EGrGLckHoYTuWFLKCxz6-6f1hN7-ell6jEoMDTT9BTp7_F5F1X557038TbmLn3DEAizABID1_bEcHypJgkYJoWiuX6LdNA5B8Mp27nhDK_0lU54QEfb5oa5b8qSkVnq-nHmmf11dineIFvXelxNQzFKCifk12Cvvap1EE8eyYgp_XHOnI9FInEC2hZGiLQaQAu8qKvydDKKxlzUJvSVVy1nJUC34Hbw22_2ZjripfVkjcUFydX26HL8P-7p49di9kzboc3FtWqwgXXg9H0RbtU-8DW3xDfQVExC7D39Epy8telqR_jkfpcg9hh_81-Yf1-hwlcBAjXz-puIiQGzWSLjKhBB1hBE6rGnvMtw5nCbquUI87TmbU-1cxMsyH6Twd5TXL4P_UDt4NVDsMJLa2jw5dq33h7fpMD2LN5qh_VLq2GwxUCstLo0zvYzgaJ5t2d0E1HeGwfvPvDAMxa59zjei9TKK4kiUtUewJnCDYsAr8s0Unj-KtjhRsglwjJ_q_gwccmNWyQU38Vd71u76I-N_wKVIckrfbOHI5VHcLjJLzTHJc3oaSOMYLI3h2qOurrPQiW9-p9r2jFg7HRNap-0n4TfJfB3c-0w4UJ7OEvfWN3CgAW7y_K5E1MOAaYOFpjJwMP8Rsn_dv6SQGCrtpgkPUk-I69jVGFW3PYqYgoQdPY6eBgLUbY2L4BrF8M8qT50qnE89t_qlkGqyeLlLJXeFJl5CiBdOi1eSwv1D4ymNc3S7iK2hu3vVIurQ1mQduJfJn0CrzIvsVy7-TCRuKRdWtyjCc6ialypf1aNy0sNENctR2rlA9Rq-9DLK7ecKnzcaKTLq7v59qx2GSzy7dTXu5IQs3GqEzM9c2yZzoBmZ0BtyWepIT5tP1PrRxq0Ce_KTiB-ZeDyGZIlitQURdBPsN_sWrChZm3WsNDVeO9Bm4zwuXg6AWc9ATfC4WVg-7TydmBmxelue_7JX2PPx-NOW0Oy74g9YzXk3VgvyeBwIN7ZQUy_F5Gm2VhWK6E_FDQt0sm-muPxIrEsUj6W6RVtmN4rfikTApmsgJj2-wmIJgdKQ38bmEZz661DV6eOB6pKpEQ3ACHHExwRhZ6Fy79NCJxG0AUPV__nEajc7TJJCe38H2wV6J9pDNnRDl3Q6R9OPr0RqhXqbI0oOIWyNbqUMdB-rANkz1atzh934XVd2b3RS1xiz9_XKhvraGNtkBbSO43Xw4eWn083DEswuxsu-1CRA-4rKRKj1zNQUFnaGlcRdJF8I0bIzyydSfsHtg_KJkJKeM7zsGoWFn0xkglCjDOhCgZmQsb5F8OOVOPDnVaso9ZILSS1_Q6KgUg7CeFcQzDt7kSlyoqrjbHgoAkp7b7dKfFcC35y3IWjh5ELQ5lZ_MhHEPQU3lTzQIo2Ni8wRf03ywSj6719TlR7_-rum1KigGtfs7dbHB_hNslPgCid1l2MR517Do23J4jVwZBpryR19K_YyYKJIqE6C10U2qtvgABdHnvfqnMVq1LGuuQhAm0rYHCw-gEwvHZMXoMZVE4vrmj6Jf8GZ8gEA72ZRE9FLjPDnNnLA6vCT4y2ZJOJjL0TRRHuBT_Gl9ukEbLZMu2DYogrUQRm74vRC5BeJ8Y4Di5-TTb7MTwgBYRXF3ErcqSvUAvsQyBZJXpL_Kbe2MUKNDXihhq8Smn9CEnL8OUaVJvp9vx6WjiiwuGz6mU4-ryJRWW30rWVBLgu3YQZh2uP8R7Ky-wZtYsnHcvJXVVJe6Y_2ZBKBKcGSz2ZgU_DAjGf6K8m-52Su3p7GLVmB_7N5tLZU5c97H4g8ZN1aWmuRLtDLkAGG1rYR31EajqN5QIv_9NaKXnltDTSZCmj3R9hJpNr5aRLxgh8XcqySjUqsIB9SHIzAJn5A5iAiBviNmaOxVe6rfCZYnU1g55r3nG3sSQsQej9QWhxvIAzxzZR4-JOifFcKSnFSQ&cid=CAASEuRo22oHSDAor0F2ltav1p5iMQ&rfl=2%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240
Frame ID: A6EA3E59B50A3E8FB3BCAF4757D332D9
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: C320847B26B595685D2C733D00B4A69B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
Frame ID: B32A138D6D854344E001F5BFF7CFB850
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14129977134126465024/728x090.html?e=69&leftOffset=0&topOffset=0&c=gVkYHoJ33e&t=1&renderingType=2
Frame ID: 90C35FCF035A4449918D75403AF83CD0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4536F46E4F6551CE5FAF76CC03CD9231
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B3888A04AC54BF739C824A050208BB59
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 4BC03786DCDC042E7A9088CC5830104B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 1B564A2C60CC1DFE3ADDE5689048771B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 42256F32B2FCEA94365342C50B17B4C6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B08718E4E5C78305ADA048F37EF80AA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DAEADD593D5B36973D45C5B983F11C46
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
Frame ID: 70AE7A5FF65D3BDA4B4D94F7ADDF184D
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
Frame ID: 5740A6982C254C5C745DCE29527F41AB
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5E8188FE479634B84375C7A8FBE10D87
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C51965816C8D807FC59600324731428E
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: F67B837C2E282163C66FED983BD18379
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
Frame ID: 7FA6CDBB4E1C701259E64D7E13FC8E46
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA04D2938B417BAF9F4867ACD0E33D43
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 39E5ADF86DA1D789848CA083B1D078A3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3D855FE7AF460E1B298301D7EBBF92B7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D288D63C72AA3E0D1E47FD6F30CEE9EA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1649E7D13A986F88532F957DC36BCB1F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F12121218F11816E04EB8448AFFFDA97
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC
Frame ID: 4BF10741D468CF36A8E3858F2FF5E0CF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1790455566403472678
Frame ID: 82BCD50DBC7FF95EEDC41686EC1A48CA
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7C169F0E982CB4EB39CBA186691DEBF8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7041265867236767896
Frame ID: 03E2F55DE0908DE087468CBC8495B806
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A5BF822BD7FBE95AB6E3B64E008236BE
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 75B671AA40B186EB23BCFE647FCE5FD3
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: D1717D7A77E924E1520D0A434FBBE69A
Requests: 53 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 03349301D8CD512CA8F928561E8FACC2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 255269FE731B07F355779E7CF0CE2620
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: 2CA5AEF6B07440E1932CFA465B5936C3
Requests: 9 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Frame ID: B5B883B7A8138CEBC6AC4798B7C8B009
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5B786DC78D29E3D2B98142907DE1A427
Requests: 13 HTTP requests in this frame

Frame: https://banner.vdo.ai/shelter-dogs/300x250.html
Frame ID: 79EBB782525484E2E7B76722BCB8E594
Requests: 4 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbeaAgAL0Bn6mABG&gdpr=0&gdpr_consent=&_test=YbeaAgAL0Bn6mABG
Frame ID: 0C5CB0FFF878998F7627DC8E360BCE77
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAKeek7DbzQAAD1DgdIPyg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2
Frame ID: B9B20BF167E5F901835E7AF768B43FB0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003
Frame ID: AEA4F18574F014B1AC0756DCCCC7CF5A
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Frame ID: 6ABCE6B415580268E119DAFFE6BF18B2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D28C82D7B518F25E0134E4B12DA835B1
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 1F1205AD2ECD3A1E700BB140BAAFE6C4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vpZ4P16DSmpCOB0B3AkRzrnoF7Q
Frame ID: D635941C1EE7F1F728ED16BA9D7F5570
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2HgDlJ61k0lPGnzsWU4HX-f7
Frame ID: 650144B4F13828EFDE1EE1C9BF4975E6
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 69D8837567108BC3A12A0A8A89DF2C06
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 55F005DF70FEA707C5BA0BCBCBFC1E9E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 0B02B331CE64010D91A6A748CA757798
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3561ddb8-9d66-434e-9c26-05202515e1b0-tuct8b11f82&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 92CD1EDE17448ECF22CF9D97F02B73BA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 12F5297AE6A3D6B07645784517AC55D8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5B2A453564884FBD590BA166111A61BC
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159175
Frame ID: B4A771888FFA353780F4E0DAAE81322A
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 727023C19FCFE6B14C8FE8742C207A0E
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 286D488730B7E3C22A1C516F02FA312D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 955B45E70FCAA57EAD7102D895A11D1D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CIJXfyNx1MWQFQ5&gdpr=0&gdpr_consent=
Frame ID: 38C552445BC8F68196CF07F1A4B744DB
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 95DD4B4B9B590AB78765FD9025A3591C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BC645DDB5A294CCFBD7267F3192E45F7
Frame ID: 3BD1E153CB41795902CBDD221D1D121A
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 5D51E977C494CEB46C9DB26D7EAD1D81
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 977EDDBC1F7E8E4F6F461873BD01288E
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B56F9A49EE0692B39C74F820D05E7047
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C840318329758672676211549407%2C%2C
Frame ID: 2721A2731783DB17A6D1EFA9281E6F6A
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0F1E6DAAA92861C3AA410E07785FF475
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 74EE4A24BA13E5BC5A137FCAFFEC609F
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: EE7B759B8DFA891AD00D4CA14CEC954A
Requests: 9 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Frame ID: 196F7C84FA900EE3AFC26AE79C5B5650
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F25FDA519A3D19B2E1C19F64AC1AD052
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Frame ID: 311EE75AEF7D8AD23F6A16FD6BE3040F
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5BAE8748F82DE2CE07D8AB2514DB18CE
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: D2450C8552E4527261F8B635C5702B64
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 7EF73E070FA25B1E17321DCFE29365D6
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 3A764BD175AB29E8BDB792DACA0AD729
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6932050710290808963750295609%2C%2C
Frame ID: D31752F93D1DA8018643DB4EEB7CB780
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2F853200DD03FD1EE8CE4E5AE3991AA6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 9499E532825522FEFBEF4C1CC0710198
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: 1F5F5B97CBEF0EE6D12BDA45582A5937
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Frame ID: 4E5A42D00C884BA4C3F606B20C748F42
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8BB1396B333F300EC99585839D0B4EF8
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Frame ID: EB0582273F64A60A5506E0CBA345B579
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3180AB4BD4D0ACC71D173083CFBAD5FE
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 46B89F806786C1BCBE4CD90A2B168C21
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 50058D782FFBCA6EE53A4C13E9CAB093
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 4FBAE64B9803D9DCC8AF17EA70330F7B
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6780525908916153533550592743%2C%2C
Frame ID: 124E4215C92A6ED71BE74841C01C8685
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6B254428CA9BD536258DB2105C2EFA67
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 1F6F891E601C78EF15138B5A3CE45D70
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: 59F11E9C738A4B465885ED5249738477
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Frame ID: 7D85952045E8E3CE03B4D3CD7E081CC2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 71055FABC39DC6FE1F80557B12F2DD91
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Frame ID: 81BD5D0050129F70D1A28CA23E66FA2A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 504A0F639FC3AA79425B5D82FA246B46
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: 18A5C988CE1CBD6ECE1BF181CCD80A2D
Requests: 8 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Frame ID: 8AB149ADB264D7E203F1B4A0D4F1691C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E3C5A89D8BD23CFDCFD9617BCC7318B1
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Frame ID: 8C0E7BBD90D9822266C67C50D6FEC937
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 55E549077FAA8A305BDF8EE559AF3260
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 0C7829DD1504DD36AC38B1D67BDF151F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 0D902D2A17A548092D5A5ED71DBA4CB1
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 7D761C059B6CE828B4F455B7389B7FFC
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C53005068373967677021014429761%2C%2C
Frame ID: 3E760AB874D84C7604396BB4A0D3337B
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8304EF82E0267433A93651A62D81E924
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: F7F7DBACE610E5A85E260547BCA4AD27
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: 56F9C81338576AB7B2C23D0161A19F7D
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422483471,,
Frame ID: 4E2E692DD6AC87E4C5B1D5F68B25C052
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 91B1750AA1315274E81E2EDC8C857B92
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: D0CFF527AC038AEEBD950B995F1133B4
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 8CFA9F2932A1F8809FD1991B8AFCC5B0
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 87A4B5F0A55AD43C38C767E0DE11BFFF
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499851945929577%2C%2C
Frame ID: A299E625B671A95666BB2CE99DE663A1
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6B86F77411351D23CED7483F39235193
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: F91D6BF2BDDDABB5B949EF6659B028DC
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_25214542.js
Frame ID: 683D8481A58F41846B53E01E8840EA82
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Frame ID: 529C6DD93D84479947CAB51976D32668
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7BB71059896B82FCD065699934D37968
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Frame ID: 6A0D6247AC7AC286121D2B60E0012131
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7943AF1547719B13799BCBC504E1D8C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Sun Nigeria – Nigeria news national tabloid newspaper

Page URL History Show full URLs

http://www.sunnewsonline.com/ HTTP 301
https://www.sunnewsonline.com/ Page URL

Page Statistics

1196
Requests

85 %
HTTPS

31 %
IPv6

84
Domains

135
Subdomains

86
IPs

14
Countries

12894 kB
Transfer

31255 kB
Size

148
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://vdo.ai/?utm_medium=video&utm_term=sunnewsonline.com&utm_source=vdoai_logo

Search URL Search Domain Scan URL

URL: https://app.thenewspaperstand.com/create_account

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=2NZjTJiWqtY
Title: Gunmen attack Police Headquarters in Abia, kill Inspector

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=k_NYydDsN9E
Title: How has the cost of bread and other commodities affected you? 00:02:07

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=AKvraLxVaHA
Title: Pastor nabbed for raping pregnant woman in Ondo 00:01:08

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=n8zSinya_uY
Title: Wike to FG: Show evidence of money borrowed 00:01:08

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=K3qrKyvdCGE
Title: Landlord’s son arraigned for allegedly stabbing tenant with bottle 00:01:22

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thesunnigeria/

Search URL Search Domain Scan URL

URL: https://twitter.com/thesunnigeria/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC2cJnYydeAFBVAhT4L0ojZg

Search URL Search Domain Scan URL

URL: https://sunnewsonline.com/feed/

Search URL Search Domain Scan URL

URL: https://sunnewsonline.com/
Title: The Sun Nigeria

Search URL Search Domain Scan URL

URL: http://netsera.com.ng/
Title: Netsera

Search URL Search Domain Scan URL

URL: https://feedify.net/?utm_source=referral&utm_medium=PoweredBy&utm_campaign=https%3A%2F%2Fwww.sunnewsonline.com%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheSunNigeria/

Search URL Search Domain Scan URL

URL: https://twitter.com/thesunnigeria

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.sunnewsonline.com/ HTTP 301
https://www.sunnewsonline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://sunnewsonline.com/wp-content/uploads/2018/12/thesunnews-logo-latest.gif HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2018/12/thesunnews-logo-latest.gif

Request Chain 88

https://sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064109_Word.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064109_Word.jpg

Request Chain 89

https://sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064304_Word-168x300.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064304_Word-168x300.jpg

Request Chain 90

https://sunnewsonline.com/wp-content/uploads/2021/03/the_sun_epaper_advert_2.png HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/03/the_sun_epaper_advert_2.png

Request Chain 105

https://sunnewsonline.com/wp-content/uploads/2021/12/thumbnail-3.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/thumbnail-3.jpg

Request Chain 106

https://sunnewsonline.com/wp-content/uploads/2021/11/wilfred-ndidi.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/11/wilfred-ndidi.jpg

Request Chain 107

https://sunnewsonline.com/wp-content/uploads/2021/09/Nigerias-Falconets-e1632498652334.png HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/09/Nigerias-Falconets-e1632498652334.png

Request Chain 108

https://sunnewsonline.com/wp-content/uploads/2021/12/Sailing-copy-750x461.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Sailing-copy-750x461.jpg

Request Chain 109

https://sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0121.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0121.jpg

Request Chain 110

https://sunnewsonline.com/wp-content/uploads/2019/02/54346ed2-gernot-rohr-750x407.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2019/02/54346ed2-gernot-rohr-750x407.jpg

Request Chain 111

https://sunnewsonline.com/wp-content/uploads/2021/12/IMG_20211210_155134_471-300x135-1.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG_20211210_155134_471-300x135-1.jpg

Request Chain 112

https://sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0097-750x537.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0097-750x537.jpg

Request Chain 113

https://sunnewsonline.com/wp-content/uploads/2020/10/victor-moses-spartak-moscow_1dpxfaociziop1l48ztx0xgm8q.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2020/10/victor-moses-spartak-moscow_1dpxfaociziop1l48ztx0xgm8q.jpg

Request Chain 114

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-24.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-24.jpg

Request Chain 115

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-25.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-25.jpg

Request Chain 116

https://sunnewsonline.com/wp-content/uploads/2021/12/medium_2021-12-09-75d7ca6090.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/medium_2021-12-09-75d7ca6090.jpg

Request Chain 117

https://sunnewsonline.com/wp-content/uploads/2021/12/Vicente-Ferna%CC%81ndez-750x563.jpeg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Vicente-Ferna%CC%81ndez-750x563.jpeg

Request Chain 118

https://sunnewsonline.com/wp-content/uploads/2021/12/Indias-Harnaaz-Sandhu-is-announced-as-the-new-Miss-Universe-2021-during-the-70th-Miss-Universe-pageant-Monday-Dec.-13-2021-in-Eilat-Israel.-AP-PhotoAriel-Schalit--750x500.jpeg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Indias-Harnaaz-Sandhu-is-announced-as-the-new-Miss-Universe-2021-during-the-70th-Miss-Universe-pageant-Monday-Dec.-13-2021-in-Eilat-Israel.-AP-PhotoAriel-Schalit--750x500.jpeg

Request Chain 119

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-2-8-350x250.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-2-8-350x250.jpg

Request Chain 120

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-1-9-200x250.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-1-9-200x250.jpg

Request Chain 121

https://sunnewsonline.com/wp-content/uploads/2021/12/Big-Brother-Africa.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Big-Brother-Africa.jpg

Request Chain 122

https://sunnewsonline.com/wp-content/uploads/2021/12/SON-OF-IMO.png HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/SON-OF-IMO.png

Request Chain 123

https://sunnewsonline.com/wp-content/uploads/2021/12/movie.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/movie.jpg

Request Chain 124

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-20-1-300x250.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-20-1-300x250.jpg

Request Chain 125

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-21-1.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-21-1.jpg

Request Chain 126

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-22.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-22.jpg

Request Chain 127

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-23-350x250.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-23-350x250.jpg

Request Chain 128

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-19-1-300x250.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-19-1-300x250.jpg

Request Chain 143

https://sunnewsonline.com/wp-content/uploads/2020/11/2-1-12.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2020/11/2-1-12.jpg

Request Chain 154

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3462075458361632950

Request Chain 163

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M HTTP 301
https://tpc.googlesyndication.com/simgad/16954104317476786032

Request Chain 176

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

Request Chain 195

https://sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu.jpeg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu.jpeg

Request Chain 196

https://sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu-120x86.jpeg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu-120x86.jpeg

Request Chain 197

https://sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-120x86.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-120x86.jpg

Request Chain 198

https://sunnewsonline.com/wp-content/uploads/2021/12/images-2-120x86.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/images-2-120x86.jpg

Request Chain 199

https://sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika-120x86.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika-120x86.jpg

Request Chain 200

https://sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1-120x86.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1-120x86.jpg

Request Chain 201

https://sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-120x86.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-120x86.jpg

Request Chain 202

https://sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited-120x86.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited-120x86.jpg

Request Chain 203

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

Request Chain 204

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=849032616.83711211527440386.34458625 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=849032616.83711211527440386.34458625 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D80dcca2c-d676-49f5-a23a-0eb8ac5bfab6&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=b8be61b7-99fe-4d00-bc17-b53262889e6e&expires=30&ssp=vidoomy&bsw_param=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6&gdpr=&gdpr_consent= HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6

Request Chain 206

https://sunnewsonline.com/wp-content/uploads/2021/12/265717848_129281402873069_4676259019752207854_n-360x180.jpeg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/265717848_129281402873069_4676259019752207854_n-360x180.jpeg

Request Chain 207

https://sunnewsonline.com/wp-content/uploads/2021/12/Plateau-120x86.jpeg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Plateau-120x86.jpeg

Request Chain 208

https://sunnewsonline.com/wp-content/uploads/2021/12/Ogun-pensioners-120x86.jpeg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ogun-pensioners-120x86.jpeg

Request Chain 209

https://sunnewsonline.com/wp-content/uploads/2021/12/sen-Gyang-120x86.png HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/sen-Gyang-120x86.png

Request Chain 224

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 236

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M HTTP 301
https://tpc.googlesyndication.com/simgad/16954104317476786032

Request Chain 295

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

Request Chain 297

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA7z96ulZdzSDOJNBcfpAY&google_cver=1

Request Chain 298

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbeZ-x.qV.BQvM.QozvQXAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA7z96ulZdzSDOJNBcfpAY&google_cver=1&google_hm=2

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFglTXMH3SwfrBPr_N3sA_E&google_cver=1

Request Chain 300

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ3NDM3ODE2ODA1NzI3NjM2Ng%3D%3D

Request Chain 320

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBvoa9isksice5iFsG0qBXw&google_cver=1

Request Chain 322

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJBTJgS7vT2SpzuKKgfiXkE&google_cver=1

Request Chain 367

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 370

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJWSfoBYGYL_nn3eBPPZ_2-SbDVNsCAuDRta1GHgabSOJmLqa9VlvU9ZXdUXEBUn5szkKbt24xv0cWkPfTG3NuptXb8Mx0&google_gid=CAESEGa7da071TBOdkBqRWl_9uU&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCP-z3o0GEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBKV1Nmb0JZR1lMX25uM2VCUFBaXzItU2JEVk5zQ0F1RFJ0YTFHSGdhYlNPSm1McWE5Vmx2VTlaWGRVWEVCVW41c3prS2J0MjR4djBjV2tQZlRHM051cHRYYjhNeDA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU1QwUEdYYjQ2Uk5Kdl83OUFtdElmZ1ZqUGNGMHVKZW9kV004MlQ5Skctcw==&google_push

Request Chain 371

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKRUWduvN5CZVK3vKyPFItrnXfikXO4w-_7Bc15z4fUVu9V_CZrmt3EZ5wNeB0p02g7WhO19Vq6EICWBJiEyqG0uUEXqUk&google_gid=CAESELct3f0CFbWmNdzalAjQ7Hc&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKRUWduvN5CZVK3vKyPFItrnXfikXO4w-_7Bc15z4fUVu9V_CZrmt3EZ5wNeB0p02g7WhO19Vq6EICWBJiEyqG0uUEXqUk&google_gid=CAESELct3f0CFbWmNdzalAjQ7Hc&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMTMxOTA3NDQwMDAxMjc4OTk3NzcwOQ%3D%3D&google_push=AYg5qPKRUWduvN5CZVK3vKyPFItrnXfikXO4w-_7Bc15z4fUVu9V_CZrmt3EZ5wNeB0p02g7WhO19Vq6EICWBJiEyqG0uUEXqUk

Request Chain 373

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKubkYYFa6MFsAgUTgJMTCo&google_cver=1&google_push=AYg5qPKomPfrYWjQC7gatn3w4GCW_DaC9eqWX2lT4RuJWS4v0BIZSYv7LQhF8hD1ngx73EGN6Xbd7b_ldQjpEreeB2aArIjHwUn4 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKubkYYFa6MFsAgUTgJMTCo&google_cver=1&google_push=AYg5qPKomPfrYWjQC7gatn3w4GCW_DaC9eqWX2lT4RuJWS4v0BIZSYv7LQhF8hD1ngx73EGN6Xbd7b_ldQjpEreeB2aArIjHwUn4&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKomPfrYWjQC7gatn3w4GCW_DaC9eqWX2lT4RuJWS4v0BIZSYv7LQhF8hD1ngx73EGN6Xbd7b_ldQjpEreeB2aArIjHwUn4

Request Chain 374

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDZM06DlmOlibyARiaIiwM8&google_cver=1&google_push=AYg5qPJ91dMeoqhlbb3ava_DhBa4-IeXGHLjgvFScCJPsedDhlG0-Oost8ZKxZv_3nVTdr-ldyit3rgnRyh2O8LPHvJ0_lMFMZw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxQUUtMjYtOFpE&google_push=AYg5qPJ91dMeoqhlbb3ava_DhBa4-IeXGHLjgvFScCJPsedDhlG0-Oost8ZKxZv_3nVTdr-ldyit3rgnRyh2O8LPHvJ0_lMFMZw

Request Chain 375

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_cver=1&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1

Request Chain 379

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK7vdGLq5oNJ0CJZKY2VyYA&google_cver=1&google_push=AYg5qPINH77EIyPJuxy63bYG5LFsS-fa5aoreTXjaLM-fQXdC2k5VWV_sZOEQ9ms0zDCpfPXhftEq23evw5dEOTUmf1Vn5PaCOQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEK7vdGLq5oNJ0CJZKY2VyYA&google_cver=1&google_push=AYg5qPINH77EIyPJuxy63bYG5LFsS-fa5aoreTXjaLM-fQXdC2k5VWV_sZOEQ9ms0zDCpfPXhftEq23evw5dEOTUmf1Vn5PaCOQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=418SZD5RRQGVgO0B5qokUg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPINH77EIyPJuxy63bYG5LFsS-fa5aoreTXjaLM-fQXdC2k5VWV_sZOEQ9ms0zDCpfPXhftEq23evw5dEOTUmf1Vn5PaCOQ

Request Chain 380

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELtX9bKpRH1XdGXVXuFfntI&google_cver=1&google_push=AYg5qPIAfruZtn4foqVNoJOYIGtnVLHy5lwFS6k1-zAup45HEqK67HEbU_mUtkwzKfhyiuao1nybMDNs86B6sikXECsFHUI4pdIU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxQjgtRi1IVERG&google_push=AYg5qPIAfruZtn4foqVNoJOYIGtnVLHy5lwFS6k1-zAup45HEqK67HEbU_mUtkwzKfhyiuao1nybMDNs86B6sikXECsFHUI4pdIU

Request Chain 381

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8

Request Chain 383

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMdmSiORPt5BCFd023hbeK8&google_cver=1&google_push=AYg5qPKR7ug5y_KrNeEJlTT-bYpUz8_tWafaM27sF3w4urkeSLC3tXzuiq0opUfc8D7x8DAYQPr5eI8njIDqcopZZsIPfUJE1veu HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKR7ug5y_KrNeEJlTT-bYpUz8_tWafaM27sF3w4urkeSLC3tXzuiq0opUfc8D7x8DAYQPr5eI8njIDqcopZZsIPfUJE1veu&google_hm=

Request Chain 385

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1

Request Chain 386

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=f367d018-5c47-11ec-b75f-132476d60506 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2

Request Chain 391

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1

Request Chain 392

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=f36d9eba-5c47-11ec-91b7-18c6427b0206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2

Request Chain 395

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1

Request Chain 396

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=f36e1f30-5c47-11ec-8637-10a0cca80106 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2

Request Chain 398

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 492

https://c1.adform.net/serving/cookie/match?party=14&cid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC

Request Chain 493

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1790455566403472678

Request Chain 495

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7041265867236767896

Request Chain 496

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 497

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8be61b7-99fe-4d00-bc17-b53262889e6e

Request Chain 499

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FDRDQ2NEEtQTMyOC00REY0LThGMUEtMEREODk0NTY1N0FD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 500

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKfK0JqYzDbpCRDDiFVvPTo&google_cver=1

Request Chain 502

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b8be61b7-99fe-4d00-bc17-b53262889e6e&gdpr=0&gdpr_consent=

Request Chain 503

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 504

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Request Chain 505

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3474378168057276366&gdpr=0&gdpr_consent=

Request Chain 510

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC9V4nskUI8zY5BPE1rRpE0&google_cver=1&google_push=AYg5qPIKv_7BcxVez1Qj_X3PA4PB1ZIbflmFHWVx3e6D-HkmTzkapsQSYXSbxK3VTETYNnypiA2HjpSfZqb-Z93s35nOxC5wJp32 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=uL5ht5n-TQC8F7UyYoiebg&google_push=AYg5qPIKv_7BcxVez1Qj_X3PA4PB1ZIbflmFHWVx3e6D-HkmTzkapsQSYXSbxK3VTETYNnypiA2HjpSfZqb-Z93s35nOxC5wJp32

Request Chain 511

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFDcw4PCXoUf2mlY0BH7l6w&google_cver=1&google_push=AYg5qPLCTPcMog-iOIUhNkfeAFeEBpDkyz3lq8HTQOArGH36YmeI-QkMBTXViKZ3TkCqLNstwjiPCOUq_soskRqevRL02BxTKWcj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLCTPcMog-iOIUhNkfeAFeEBpDkyz3lq8HTQOArGH36YmeI-QkMBTXViKZ3TkCqLNstwjiPCOUq_soskRqevRL02BxTKWcj&google_hm=HYwLUGeIRAOJqBDIOJspk7Q

Request Chain 513

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEF4Y8O9TCCs0oX2zWnZjzqU&google_cver=1&google_push=AYg5qPKnZfuFmb8KLAeDbs4rLEHxAyP96k_zuOKZAIaDGqGotmfRPxTjvjSD8EPnTloN2COMBLVI1IZGOCrnGS2ov_eNsErRpElM HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEF4Y8O9TCCs0oX2zWnZjzqU&google_cver=1&google_push=AYg5qPKnZfuFmb8KLAeDbs4rLEHxAyP96k_zuOKZAIaDGqGotmfRPxTjvjSD8EPnTloN2COMBLVI1IZGOCrnGS2ov_eNsErRpElM&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=OSh68-_37nvO2HNbsNEw9Q&google_push=AYg5qPKnZfuFmb8KLAeDbs4rLEHxAyP96k_zuOKZAIaDGqGotmfRPxTjvjSD8EPnTloN2COMBLVI1IZGOCrnGS2ov_eNsErRpElM

Request Chain 514

https://d5p.de17a.com/cookies/google?google_gid=CAESEC7tyGqamZDB6zT4FNRO3r4&google_cver=1&google_push=AYg5qPI10WNmMCTt9kNT_4-AQLKODNSX1qWsZuKVoh67ZjcPLKW8qPPimb6HG9DW0b2VxMms4fzFVaGGNSUIn9CWmRAm0d-nGR5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI10WNmMCTt9kNT_4-AQLKODNSX1qWsZuKVoh67ZjcPLKW8qPPimb6HG9DW0b2VxMms4fzFVaGGNSUIn9CWmRAm0d-nGR5w

Request Chain 515

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFcl2I0QqJ_T6XTK9VhSgJs&google_cver=1&google_push=AYg5qPJ36gERgLqza85NEDLK2HlJXEoXHw6gNQNWUNQH51grFYB8DCc6yyFUdmZSmtBio04y_UUJYZtyFksSY9wnKtOLm-6_oEk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM3OTczNDYwMzE5MTc0NDI5NQ&google_push=AYg5qPJ36gERgLqza85NEDLK2HlJXEoXHw6gNQNWUNQH51grFYB8DCc6yyFUdmZSmtBio04y_UUJYZtyFksSY9wnKtOLm-6_oEk

Request Chain 516

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECLdKhFNubRwDWCmI8wrG-s&google_cver=1&google_push=AYg5qPJWoYv2lJYJnsp9FQk80lNr7kwF_diasxlB2JRw_KMyTyF-L8AT9WcpmmxonNilOlBqjRIvqW237jlObAcg9P9kJEnSMWA HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJWoYv2lJYJnsp9FQk80lNr7kwF_diasxlB2JRw_KMyTyF-L8AT9WcpmmxonNilOlBqjRIvqW237jlObAcg9P9kJEnSMWA%26google_hm%3DAx-at6J3s0digpTosL6Q_kw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJWoYv2lJYJnsp9FQk80lNr7kwF_diasxlB2JRw_KMyTyF-L8AT9WcpmmxonNilOlBqjRIvqW237jlObAcg9P9kJEnSMWA&google_hm=Ax-at6J3s0digpTosL6Q_kw

Request Chain 521

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKSe3CxDYWfm6NyUPTZmaqk&google_cver=1&google_push=AYg5qPJHr75ipDYb71D2WKO2e17S2jUVr063QHJpu3mjHVsTpsTz-rfuWeXtyI5lQ4W-5ReZHCIADWxqwGS8wFMDpZY0d08QmrM HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJHr75ipDYb71D2WKO2e17S2jUVr063QHJpu3mjHVsTpsTz-rfuWeXtyI5lQ4W-5ReZHCIADWxqwGS8wFMDpZY0d08QmrM&google_hm=6ZD2KFUZ0bgd9FC6Jd-DBw

Request Chain 522

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLL-E6K_sSkCSAMJqZmVJSCsuZ2_0XO6ispxbDE3h2AokI72iVEoiTHcaGOsG9xMPisd46R2P04MPOlJ8g8rXSmcygpE9zf&google_gid=CAESEIQQQ37hmemWJcfmbV5gdDM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFBVnJ0ZmxrVA&google_push=AYg5qPLL-E6K_sSkCSAMJqZmVJSCsuZ2_0XO6ispxbDE3h2AokI72iVEoiTHcaGOsG9xMPisd46R2P04MPOlJ8g8rXSmcygpE9zf

Request Chain 524

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKGi9quQv15FFaqruhVncwU&google_cver=1&google_push=AYg5qPI8lo6pjZuzIumz6eDKA2xpy1ShoIz3L2R5auyupUUL-2m4yJa9OND6xhkPLiQQOsxif7FwQB-Iqx_KFP6ZZQBM9ueopYJj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI8lo6pjZuzIumz6eDKA2xpy1ShoIz3L2R5auyupUUL-2m4yJa9OND6xhkPLiQQOsxif7FwQB-Iqx_KFP6ZZQBM9ueopYJj

Request Chain 525

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOup3tButHbE_x7jMTO3Pjc&google_cver=1&google_push=AYg5qPLgNBCHSQ13xj0dlLcUyZMgFP0_P-C7LRjcZ8rSXdEzOgtzg6w-0F4se8daMRZXGBrVMHd5R2RvllkQ2fySozPlP4mgcab4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxUlktVi1FSkFY&google_push=AYg5qPLgNBCHSQ13xj0dlLcUyZMgFP0_P-C7LRjcZ8rSXdEzOgtzg6w-0F4se8daMRZXGBrVMHd5R2RvllkQ2fySozPlP4mgcab4

Request Chain 526

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1

Request Chain 527

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMgIDRnXPGnqFMdqOuaDRwo&google_cver=1&google_push=AYg5qPIIU6Qh4iC5Tjn9ZqlsvrYTVWHtgAqxuwe91z-J1u26smF5bhTP--eLG3yb795wTvIcbnQnv2C4KZCbrOiWbeP8hOP5jr03 HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIIU6Qh4iC5Tjn9ZqlsvrYTVWHtgAqxuwe91z-J1u26smF5bhTP--eLG3yb795wTvIcbnQnv2C4KZCbrOiWbeP8hOP5jr03&google_hm=

Request Chain 543

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFb5izSimeyWDuKFGqFcEG8&google_cver=1&google_push=AYg5qPIJGBttyiKrTSNoBk3a-UbPHVNuigPM2lA27epY4OIhMteQ3CP6TOfeLcjISnWWZchqXFzuDeZBwv9ZaQZR5hGPDE1BOTc HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIJGBttyiKrTSNoBk3a-UbPHVNuigPM2lA27epY4OIhMteQ3CP6TOfeLcjISnWWZchqXFzuDeZBwv9ZaQZR5hGPDE1BOTc&google_hm=6ZD2KFUZ0bgd9FC6Jd-DBw

Request Chain 544

https://d.agkn.com/pixel/2175/?google_gid=CAESED3sSr0D4fxCFZlPmOtv3Gs&google_cver=1&google_push=AYg5qPJ3dHpsnN_3x_YvPML6tcC7z0fj9hTIGRGEx1Q8DWGTuF3twKv-2AgrrDGN8MiG890RNdjGt-fvnfPm7f1bqwgigp1OJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ3dHpsnN_3x_YvPML6tcC7z0fj9hTIGRGEx1Q8DWGTuF3twKv-2AgrrDGN8MiG890RNdjGt-fvnfPm7f1bqwgigp1OJg&google_hm=Q0FFU0VEM3NTcjBENGZ4Q0ZabFBtT3R2M0dz

Request Chain 546

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFh9ztLtr6SbmpKIa3JljqM&google_cver=1&google_push=AYg5qPJmbt5byLy7uzB7cZfAVvzxt8vsKK-XccPfjZ9ZPX3ysvq0uVCNdjZlV2OMvpX3284tSWYsHBu9fXDYQWFZPNB1NHuS4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJmbt5byLy7uzB7cZfAVvzxt8vsKK-XccPfjZ9ZPX3ysvq0uVCNdjZlV2OMvpX3284tSWYsHBu9fXDYQWFZPNB1NHuS4Q

Request Chain 547

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKsKYiW5BjxgDgBJPnONhC4&google_cver=1&google_push=AYg5qPKgAnSOOs4nf-UyDagno99WpmrzHYRqPeiTf2VvEIlK8UJykmDwxVERwxMrNEkpbXY-TyLY-_6iRSu7XamlqwLIwDmT8w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxV0MtTS1CQUpT&google_push=AYg5qPKgAnSOOs4nf-UyDagno99WpmrzHYRqPeiTf2VvEIlK8UJykmDwxVERwxMrNEkpbXY-TyLY-_6iRSu7XamlqwLIwDmT8w

Request Chain 548

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1

Request Chain 549

https://ag.innovid.com/trk?tid=11711&google_gid=CAESELFIz3J6wua080i-1rWk-q0&google_cver=1&google_push=AYg5qPLf7-TNWvnWyvri0Cxkp5p8TYiDIRwuIMJpQYeZzmlQejIJ5YcWsZdUGAOTRMqRosm3t8f8QMBrsfQbV06a09rXIr4Brq4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLf7-TNWvnWyvri0Cxkp5p8TYiDIRwuIMJpQYeZzmlQejIJ5YcWsZdUGAOTRMqRosm3t8f8QMBrsfQbV06a09rXIr4Brq4&google_hm=DC2kzjrVS6C91L-nQ1BA1w

Request Chain 551

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIo_n0O9o87sM0NB9qNtxjWsx7ouUCyw4tIMVuxq5JA-_7Dqg1ykh1DwssrXLNb8XNZInwyVETg2MUcBiTENL1wbwpbjdHr&google_gid=CAESEJHepBVynoVNr0AvbbAyJD4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFBYkpwTTNqcQ&google_push=AYg5qPIo_n0O9o87sM0NB9qNtxjWsx7ouUCyw4tIMVuxq5JA-_7Dqg1ykh1DwssrXLNb8XNZInwyVETg2MUcBiTENL1wbwpbjdHr

Request Chain 552

https://d.agkn.com/pixel/2175/?google_gid=CAESED3sSr0D4fxCFZlPmOtv3Gs&google_cver=1&google_push=AYg5qPL5qMKijwUxd-iJIryVfSpI-vdIjD2Tkh9agUUwWne0814BghOixGJ0XzbDz1LVQ_YXlaMJqSqil3bjJwfznPxqs6R_04Jx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL5qMKijwUxd-iJIryVfSpI-vdIjD2Tkh9agUUwWne0814BghOixGJ0XzbDz1LVQ_YXlaMJqSqil3bjJwfznPxqs6R_04Jx&google_hm=Q0FFU0VEM3NTcjBENGZ4Q0ZabFBtT3R2M0dz

Request Chain 554

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFh9ztLtr6SbmpKIa3JljqM&google_cver=1&google_push=AYg5qPIUvE7sdocI8jN3Bo8c8-TypYGZi7EeQ_J-y3DZL06NqBVrE06hEOEksqZDp1WwXymfIp0FbcuS3tURqfO5Sui0gU4kotU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIUvE7sdocI8jN3Bo8c8-TypYGZi7EeQ_J-y3DZL06NqBVrE06hEOEksqZDp1WwXymfIp0FbcuS3tURqfO5Sui0gU4kotU

Request Chain 555

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKsKYiW5BjxgDgBJPnONhC4&google_cver=1&google_push=AYg5qPKE_7PHwLB9wJVlO5ORI8qdCbWFozqZzRQLmeQAlRFkXKkSiPCpTAPL0cZUDCilEek7n9Hij0M_COzvUMyMn2PQylB18Po0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxWFotMVctOUJUTQ==&google_push=AYg5qPKE_7PHwLB9wJVlO5ORI8qdCbWFozqZzRQLmeQAlRFkXKkSiPCpTAPL0cZUDCilEek7n9Hij0M_COzvUMyMn2PQylB18Po0

Request Chain 556

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI

Request Chain 557

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEL3jFqfHNAgMs7ij_iDyeGc&google_cver=1&google_push=AYg5qPKj2rrZCV71d9_PoRB_ANNNYitAliWQbpeo7vLYzb2d9Lb7-qId7nQWWRg9utF3cimE9Lk5syy_D9pLN7znYK0kWoh0hnFXWw HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKj2rrZCV71d9_PoRB_ANNNYitAliWQbpeo7vLYzb2d9Lb7-qId7nQWWRg9utF3cimE9Lk5syy_D9pLN7znYK0kWoh0hnFXWw&google_hm=

Request Chain 560

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFb5izSimeyWDuKFGqFcEG8&google_cver=1&google_push=AYg5qPLt69ct8nBAh5-LyqoSydS_BdTOZY1-MDgPc5SpLJBmaaw1UzbZkxBGryyhtu0iLEWjtc30zlEUdkFrYxZV-Nwj4Un27LI HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLt69ct8nBAh5-LyqoSydS_BdTOZY1-MDgPc5SpLJBmaaw1UzbZkxBGryyhtu0iLEWjtc30zlEUdkFrYxZV-Nwj4Un27LI&google_hm=6ZD2KFUZ0bgd9FC6Jd-DBw

Request Chain 561

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJYOVQ2n8LCslnoz6GYE5lmF3paGYXwvqnnfba-67nIey9E70cmHaRyu7vIGoHmYpps6ugDinTtbNmUt4iA-E2QPNCAU9o&google_gid=CAESEJHepBVynoVNr0AvbbAyJD4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFCVzhEd3o5dw&google_push=AYg5qPJYOVQ2n8LCslnoz6GYE5lmF3paGYXwvqnnfba-67nIey9E70cmHaRyu7vIGoHmYpps6ugDinTtbNmUt4iA-E2QPNCAU9o

Request Chain 562

https://d.agkn.com/pixel/2175/?google_gid=CAESED3sSr0D4fxCFZlPmOtv3Gs&google_cver=1&google_push=AYg5qPLOvm2edo2zqql30K-iivDxX2kPqxsJD00J-zgeV3Ok2LfN_tDpyJGVhayRTy2K9uJ694lnuGY7e9Yqrf5u_hI2tiaiE1ZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLOvm2edo2zqql30K-iivDxX2kPqxsJD00J-zgeV3Ok2LfN_tDpyJGVhayRTy2K9uJ694lnuGY7e9Yqrf5u_hI2tiaiE1ZA&google_hm=Q0FFU0VEM3NTcjBENGZ4Q0ZabFBtT3R2M0dz

Request Chain 564

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKsKYiW5BjxgDgBJPnONhC4&google_cver=1&google_push=AYg5qPIhVuFGP8B42GbMeoLxLyr4WlWeTi_hYqB8c2rgrdWWsm3FjCylwVjxeprcEJD2RIxsE-5XBorio99oqdSX4ADf3y3GMYpL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQyMlotMTktVEVR&google_push=AYg5qPIhVuFGP8B42GbMeoLxLyr4WlWeTi_hYqB8c2rgrdWWsm3FjCylwVjxeprcEJD2RIxsE-5XBorio99oqdSX4ADf3y3GMYpL

Request Chain 565

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c

Request Chain 566

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEL3jFqfHNAgMs7ij_iDyeGc&google_cver=1&google_push=AYg5qPLApnqOqwRLuyqMcc1CDLy4joBpcuSXwCLc7QJGyDunCrMd6jI-Cq1AhfzN6IdwC60C2G9AgHIHGx-Ufp1JA2WBd7Lf2FR-cw HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLApnqOqwRLuyqMcc1CDLy4joBpcuSXwCLc7QJGyDunCrMd6jI-Cq1AhfzN6IdwC60C2G9AgHIHGx-Ufp1JA2WBd7Lf2FR-cw&google_hm=

Request Chain 580

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=dd3ef9182a146ca43335a3409c61b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc029_7041265871502952442 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGaqlGB3hwfuNPDWGdeMhrc&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=ec54adb6-4271-4109-b238-fbfa812e8263 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3474378168057276366 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/dd3ef9182a146ca43335a3409c61b?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-go.435RE2oM0GlU32GIXyqeyclweV3fkopLFi649~A HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b8be61b7-99fe-4d00-bc17-b53262889e6e&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=CIJXfyNx1MWQFQ5&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6379734603191744295 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YbeaAgAL0Bn6mABG HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=

Request Chain 588

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Request Chain 589

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 600

https://sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-600x375.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-600x375.jpg

Request Chain 611

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7094677798399606&output=html&h=250&slotname=z1_adx_display_ron&adk=275265714&adf=282184647&pi=t.ma~as.z1_adx_display_ron&w=300&lmt=1639422160&psa=0&format=300x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422466043&bpp=18&bdt=5881&idt=18&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90%2C660x280%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=2&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEr%7C&abl=CA&pfx=0&fu=32768&bc=31&ifi=14&uci=a!e&fsb=1&xpc=k6wZJ9z5xV&p=https%3A//www.sunnewsonline.com&dtd=34 HTTP 302
https://banner.vdo.ai/shelter-dogs/300x250.html

Request Chain 612

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YbeaAgAL0Bn6mABG HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbeaAgAL0Bn6mABG&gdpr=0&gdpr_consent=&_test=YbeaAgAL0Bn6mABG

Request Chain 613

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLZWVrN0RielFBQUQxRGdkSVB5Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAKeek7DbzQAAD1DgdIPyg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2

Request Chain 614

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8832176352 HTTP 302
https://sync.1rx.io/usersync/tradedesk/ec54adb6-4271-4109-b238-fbfa812e8263 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003

Request Chain 615

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&addseg=19,36,42

Request Chain 616

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 619

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Eo0krh2FIP8J3X-rEdlrqULedK4J2iL_FNikSV1M

Request Chain 620

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WSjbEDJE2uWppXYPnmOhLryH2.qb_oA-~A&gdpr=0&gdpr_consent=

Request Chain 622

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=789ad8c0-7391-4f67-9651-6626b4b716bf&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 623

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3534133052399560886&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 625

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 645

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 646

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vpZ4P16DSmpCOB0B3AkRzrnoF7Q

Request Chain 647

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2HgDlJ61k0lPGnzsWU4HX-f7

Request Chain 651

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3561ddb8-9d66-434e-9c26-05202515e1b0-tuct8b11f82&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 652

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3728759190 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3ACD464A-A328-4DF4-8F1A-0DD8945657AC

Request Chain 653

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:99c5cb9b-3293-4a73-8aaf-9dccfc8cd9fb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 654

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3474378168057276366

Request Chain 686

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 688

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CIJXfyNx1MWQFQ5&gdpr=0&gdpr_consent=

Request Chain 690

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BC645DDB5A294CCFBD7267F3192E45F7

Request Chain 691

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f6458fe6-5c47-11ec-96ba-955e0c724771&gdpr=0&gdpr_consent=

Request Chain 701

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

Request Chain 742

https://sunnewsonline.com/wp-content/uploads/2021/12/images-2.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/images-2.jpg

Request Chain 744

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAKeek7DbzQAAD1DgdIPyg&gdpr=0&gdpr_consent=null HTTP 302
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3534133052399560886 HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=8992879&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=f6458fe6-5c47-11ec-96ba-955e0c724771 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=no-consent HTTP 302
https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=070f22040087ccafb263a1f3&gdpr=0&gdprConsent= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=070f22040087ccafb263a1f3&159=CAESEGaqlGB3hwfuNPDWGdeMhrc&171=3534133052399560886&23329=CIJXfyNx1MWQFQ5&25522=no-consent&25746=f6458fe6-5c47-11ec-96ba-955e0c724771&26913=AAKeek7DbzQAAD1DgdIPyg&45=YbeaAgAL0Bn6mABG&529=b8be61b7-99fe-4d00-bc17-b53262889e6e&617=6379734603191744295&717=y-go.435RE2oM0GlU32GIXyqeyclweV3fkopLFi649%7EA&892=ec54adb6-4271-4109-b238-fbfa812e8263&951=3474378168057276366&gdpr=0 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=849 HTTP 302
https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=pc029_7041265871502952442 HTTP 302
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D HTTP 302
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.067168ccd0cd48eeab51aa3af646926d HTTP 302
https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent= HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=stickyads HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=vpZ4P16DSmpCOB0B3AkRzrnoF7Q&user_group=1&ssp=stickyads&gdpr=0

Request Chain 751

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Request Chain 752

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 817

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

Request Chain 851

https://sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika.jpg

Request Chain 864

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 865

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Request Chain 933

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

Request Chain 966

https://sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1.jpg

Request Chain 985

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Request Chain 986

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 1054

https://sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-750x375.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-750x375.jpg

Request Chain 1086

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

Request Chain 1112

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=stickyads&bsw_custom_parameter=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=stickyads&expires=10&bsw_param=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6 HTTP 302
https://a.tribalfusion.com/i.match?p=b25&u=dd3ef9182a146ca43335a3409c61b&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=977&userId=18072662317486555609 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156429&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156429%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D642%2526userId%253D%2523PMUID HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156429&mpc=4&fp=1&pmc=1&pr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D642%26userId%3D3ACD464A-A328-4DF4-8F1A-0DD8945657AC HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=642&userId=3ACD464A-A328-4DF4-8F1A-0DD8945657AC HTTP 302
https://um.simpli.fi/freewheel

Request Chain 1115

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Request Chain 1116

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 1134

https://sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited.jpg HTTP 301
https://www.sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited.jpg

Request Chain 1148

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

Request Chain 1177

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
https://freewheel.adhaven.com/bid-engine/cs/b714c175b3fe12d9388dfc1431d76197/v1?rd=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1217%26userId%3D%24UID&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1217&userId=4c_42a42205-c0df-4d9d-b33b-07d04c2174c5 HTTP 302
https://um.simpli.fi/freewheel

Request Chain 1182

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Request Chain 1183

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

1196 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sunnewsonline.com/
Redirect Chain

http://www.sunnewsonline.com/
https://www.sunnewsonline.com/

340 KB
38 KB

284ms
240ms

Document
text/html

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e6915b1d46b97fabc0b2b9a4d95ed05ede5ccaa3bc97cc30483b79237227a6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-type: text/html; charset=UTF-8
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
last-modified: Mon, 13 Dec 2021 19:02:40 GMT
referrer-policy
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bH5rfa%2FtqIZmw6XifJ0qJ%2Fdom3Eb3OxMFlOCzLEj%2BfZ0Fcw%2BBFbT190hjfPjB%2B47pU2E8iGm5KMBvQS57PmIBdoxgCO8cb0B030QnRRFBVDPtrn16W1i9Vv2weUFNbyspqg%2B40LSHNnSdvpjZjiaPDmwDAs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bd17a068db659b3-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Mon, 13 Dec 2021 19:07:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 13 Dec 2021 20:07:39 GMT
Location: https://www.sunnewsonline.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jl4qdkXLOPcmmiRXz9Ytgb%2FptstLV%2B6EAGrrtMr1EPxRu8J4MxciG8nwlb93vnI%2B2JLwpBzgesOgUUwx3XIgRQNwodDWwiIgwoYPCirAxIu2KYYoW%2FvJkVLAZbBatArmjT5pfQjUjM85OvQ82JBmoGBDcgg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6bd17a05fa005a25-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
www.sunnewsonline.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 33ms
31ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 711799
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Sat, 17 Oct 2020 11:05:56 GMT
server: cloudflare
etag: W/"d293-5b1dbdd852d00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KG9b%2FktFJ6XtgV2%2BFVHCBzZcOX6Yo6eMBh39wDfR%2Bigd%2B9j10jeQ%2BqJXTZ6aDFXdqqDrutIoBtXRRFZaoylaHIDNodcT6O4U8FCtKkZ1YoJZfE8WIjMv6gttSP3otvbd4w3O6VbhmIi7e8y%2BmkwouJ3En0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083a7a59b3-MXP
expires: Mon, 05 Dec 2022 13:24:21 GMT

GET
H2 200 blocks.style.build.css
www.sunnewsonline.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 0
502 B 35ms
33ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.36
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 554483
cf-polished: origSize=184
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
pragma: public
referrer-policy
last-modified: Tue, 07 Dec 2021 08:55:19 GMT
server: cloudflare
etag: "b8-5d28a88624e17-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELkt4PaSzU%2Bcdxe7bEaF3hTLWvZ6Omlh2sTID%2BckH3BFSBO6DdGxZPXlbKBLVQZp4ealkVjZx3ybrXM9nmFiWBzD2ix9O6c9xXszYjN9IcfhhhiYobIE5vzHbbpFW2TYORRqnqs3j6pM6DPR1vbZA3Xjnzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Wed, 07 Dec 2022 09:06:17 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a083a7d59b3-MXP
cf-bgj: minify

GET
H2 200 adsforwp-front.min.css
www.sunnewsonline.com/wp-content/plugins/ads-for-wp/public/assets/css/ 1 KB
877 B 30ms
26ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/ads-for-wp/public/assets/css/adsforwp-front.min.css?ver=1.9.16.2
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6425420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Mon, 26 Jul 2021 21:07:09 GMT
server: cloudflare
etag: W/"4c0-5c80d22ebeedc-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39DfbLErVnspLiSmFuon3E5VLHLzwdODkXvY2bO1YDokUS0Cf3I1SycLW2Rra6tPeQdeRo6%2BAmgTdQLnk7bHWF1jHTCRG8zdaigd1lEouStlSdbcRXlR1fuJj2rOBnR3g8lmcJMHFBMF59vb00EyGn7JYTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083a8859b3-MXP
expires: Fri, 30 Sep 2022 10:17:20 GMT

GET
H2 200 plugin.css
www.sunnewsonline.com/wp-content/plugins/jnews-video/assets/css/ 42 KB
7 KB 44ms
41ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/jnews-video/assets/css/plugin.css?ver=7.0.8
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ea86f4a80f90475866329b7799c0d32a29c19a9eb7ee07fb377b378ed7e78d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345923
cf-polished: origSize=43406
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Mon, 19 Oct 2020 13:22:58 GMT
server: cloudflare
etag: W/"a98e-5b2060345b080-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TugPMDSCgfwfzX9BNMVsXfzrERbiyw%2BO9NUuCNYqGaN1N%2F3mOICVSJStl9s%2B3jmsuSEDj17UBfIZEkTtq20ZHz8e90%2BUJDopS5zcY3g9DcdmkRjx3xwQOyPkQpzyIHQ8IcFDvWRd5tNfhUN6nENVPrltDqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083a8a59b3-MXP
expires: Fri, 09 Dec 2022 19:02:17 GMT

GET
H2 200 darkmode.css
www.sunnewsonline.com/wp-content/plugins/jnews-video/assets/css/ 4 KB
1 KB 45ms
42ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/jnews-video/assets/css/darkmode.css?ver=7.0.8
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf08e51ccfa7b19b6f03697c91bd6720d75e5c7ee12347e0485d8fe1dd16eea3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 918363
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Mon, 19 Oct 2020 13:22:58 GMT
server: cloudflare
etag: W/"105d-5b2060345b080-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vudbo%2BARCcIuoCMF4UkKk2SPsR89gb%2B3gbZqG7D1o7HZ2iXF%2BOdmYxxyZ2y4ehb%2FBYcAYnqvM7TG0jkQyhNO8OnyVamJofAuW0I1GaT%2FvK8H%2FfCcZEheW55zypyz%2FZZKO3GRKxJ7c2fyO88E01619ZS%2BWZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083a8b59b3-MXP
expires: Sat, 03 Dec 2022 04:01:37 GMT

GET
H2 200 jquery.selectbox.css
www.sunnewsonline.com/wp-content/plugins/ultimate-form-builder-lite/css/ 2 KB
1 KB 35ms
32ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/ultimate-form-builder-lite/css/jquery.selectbox.css?ver=1.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bbd3334d8682fe68a10c5f18fce42c65bbcc0eb4af62344dfc97c16c19ebd72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 936416
cf-polished: origSize=2078
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Thu, 16 Sep 2021 08:55:34 GMT
server: cloudflare
etag: W/"81e-5cc18fa4e160e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=or7HSmyuIRwVlY3G%2Btvw7Y6COK%2B6cppFbPZp6IDy4TAZJy0bQbGBGTF%2FDiPmBGIP4C2XA6xPNrtjr8x5ryN8SfbxxhpjKk2Xa5XaisoAgi7yrLQgHSOTBx62Jp6vjRwB7zm7zY%2BSDdLjG5FjcSrXqKPExFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083a8e59b3-MXP
expires: Fri, 02 Dec 2022 23:00:44 GMT

GET
H2 200 frontend.css
www.sunnewsonline.com/wp-content/plugins/ultimate-form-builder-lite/css/ 35 KB
4 KB 55ms
52ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/ultimate-form-builder-lite/css/frontend.css?ver=1.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b4fd911fd3061a6b5ec2c594473fc80419beb99150cd89487438fca0aa3489

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 936416
cf-polished: origSize=42369
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Thu, 16 Sep 2021 08:55:34 GMT
server: cloudflare
etag: W/"a581-5cc18fa4e19f6-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAS8Ps780WOlsDo4Ww6Xf4Tsz5W27nsF91YZ%2B3BQ39cKF7acoqcObFOf7087DZhltQnDkE8ufi%2FSnUGXxKvLpH6VLZ6P6IZXjeT9LSJb%2BIrff%2BE8q9zMttXzAvTuZDuFjFaxHMdhydZKav%2FrAs6YeLgqi9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083a9059b3-MXP
expires: Fri, 02 Dec 2022 23:00:44 GMT

GET
H2 200 frontend.min.css
www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/css/ 68 KB
11 KB 34ms
30ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.2.4
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e6acde1a483c1cfd05ef515b8a74523c2aa0c12e16d8ce04ae32275731d8782

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 711799
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Sat, 20 Nov 2021 08:55:19 GMT
server: cloudflare
etag: W/"111f7-5d1348d20aaff-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCUY0zr0qub6NEMemCjrH9nF8KU46b%2BTe%2F%2Blr9tF%2BTrlBtKRFgDeu5E0dekdGyOHhR6fA0IFMSrn1A3KCCxBDr1LSFVq0ssDlq7txEdpzfAFMPOUR08U61eVBRBtLWq69mRWm1nQbEsjZj%2B9Zls36bZzLpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083a9159b3-MXP
expires: Mon, 05 Dec 2022 13:24:21 GMT

GET
H2 200 flatpickr.min.css
www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 16 KB
3 KB 81ms
78ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.2.4
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1850024
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Sat, 20 Nov 2021 08:55:19 GMT
server: cloudflare
etag: W/"3e52-5d1348d20938f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2F47Rwe%2BbgGly7XV3Gb4n8fKFrbCGX%2Bc4dSawCk9UFhKzN1rVlN3jVFjFI3%2FG05zySJsOXOS%2Brh%2BN1DoG6MkCRpQoH32l%2FEhagSHoz%2B4uFnQx5eIEBvutfvwhD6PTUUMizpCzpIrCag63nLlre6EoK9t2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083a9359b3-MXP
expires: Tue, 22 Nov 2022 09:13:56 GMT

GET
H2 200 select2.min.css
www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 48ms
45ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1721567
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Sat, 20 Nov 2021 08:55:19 GMT
server: cloudflare
etag: W/"3a75-5d1348d20a32f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNl0XFQJ392KEe7x8ouzBjaHTAfahU1my7RJFXjKN6EsysXXt6lvqttfqxTcX1Tz8TRKneI2gSIOjW2sFRtbDPyZ9Kq%2Fz5a5R%2FiPNlBgDtYlucYZLkWw4CmA11%2FN2RkzqMwcG0s7q3vQTei2fw5vmqToMCE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083a9459b3-MXP
expires: Wed, 23 Nov 2022 20:54:53 GMT

GET
H2 200 style.css
www.sunnewsonline.com/wp-content/themes/jnews3/ 0
413 B 42ms
39ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/style.css?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 918363
cf-polished: origSize=426
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
pragma: public
referrer-policy
last-modified: Tue, 06 Oct 2020 13:02:42 GMT
server: cloudflare
etag: "1aa-5b10036db2080-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIkDSxv478zgcfa91il75OWtql3P3MNUuXYGodeaMZsli58Y2faxcjTCtnSm952PYXLQVoV5khOUHYCm95%2Fz5vjygYIvC%2BG1PrsBBRZAgMkB3%2BSD9wtjGCBpHJciwRTKxBurcQkTKWRq685Ir9d78fAGvMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Sat, 03 Dec 2022 04:01:37 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a083a9859b3-MXP
cf-bgj: minify

GET
H2 200 js_composer.min.css
www.sunnewsonline.com/wp-content/plugins/js_composer/assets/css/ 474 KB
46 KB 55ms
52ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 184158b86609c0805441583af03684e5d2e349b481bc5e0b405eef4f63d0f25f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6351174
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 27 Jul 2021 21:13:18 GMT
server: cloudflare
etag: W/"76878-5c82156b9fa8c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDb3pH3Tuucitw2e7k%2FA08U4vW6gNtIjYkUImWFcHiOMiEWzHJELAV16Jp7fXOJf4eJYjG0gzfyQXKkR52BzLrcIC7kSXsuTqx9i2zBZomWJSO2CMrb9A%2BPm81JWHw4Sg5Cg5QfQ95s8VKLGBGQVms4J%2BPM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083a9d59b3-MXP
expires: Sat, 01 Oct 2022 06:54:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
2 KB 46ms
20ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%7CRoboto+Condensed%3Aregular%2C700%7CPT+Serif%3Aregular%2Citalic%2C700%2C700italic&display=swap&ver=1.2.5

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe5d43bed73b4c6b97447faa75b4f7b22a2bb75333432399634d5df31dbed0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sunnewsonline.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 19:07:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 19:07:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 19:07:40 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
www.sunnewsonline.com/wp-includes/js/mediaelement/ 11 KB
3 KB 54ms
51ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.13-9993131
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6425420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
etag: W/"2ca1-5afe98cfa2dc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXgCwUMV0g4fx43JjIXcpQYM4wjuheFyin89vH9dvSA86%2FQj%2BIH0wfHHMja4fAxeAs8pADpOI1x7%2B2nBtCMkiTW73RUYMEonBP4LwQnl6DJBl9dF0nZzD8vbXNGCbr6TsdNJLJm%2BJ9K6J7GFTA8Rgn2S%2BPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083aa159b3-MXP
expires: Fri, 30 Sep 2022 10:17:20 GMT

GET
H2 200 wp-mediaelement.min.css
www.sunnewsonline.com/wp-includes/js/mediaelement/ 4 KB
1 KB 48ms
46ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9717868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
etag: W/"105a-5afe98cfa2dc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FSNLU%2FOadmI3QuM0alTgy0PHOZaCxYCeMRU%2Fmx79DfH81y5qQqdSUsKDtv2vrQqmZQu7stfFLDDw2oE1GmvNbHCMHO0qGNIN6UbOuha4DX8HaPUBns47oA3LEcLxdELAVt1A8OOnpTrBC9J7v59CelNiSA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083aa359b3-MXP
expires: Tue, 23 Aug 2022 07:43:12 GMT

GET
H2 200 frontend.min.css
www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/ 530 KB
89 KB 55ms
53ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/frontend.min.css?ver=1.0.0
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9959b3eaa45e57c09c54a58955b2dd957b731df24036b5438785fc207bf7b03c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9717868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 06 Oct 2020 13:04:14 GMT
server: cloudflare
etag: W/"8490d-5b1003c56ef80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNVQO3z3xW%2BLr5C85cV0Q43A4OHJfXzniDqO3nyW0dgtQZE1ywcRIRkyf8o1oWX3hF3m6aAe0L%2BXt1rZe1%2FIsV5wYDKSz9O%2BVQYoVnyHAGUzGIRdx%2Fw%2BXdFAYcQWWw2AizQ9YHMOrHfAP%2Bu1vZhU6ncBfIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083aa659b3-MXP
expires: Tue, 23 Aug 2022 07:43:12 GMT

GET
H2 200 style.css
www.sunnewsonline.com/wp-content/themes/jnews-child/ 0
387 B 32ms
29ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews-child/style.css?ver=1.0.0
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1080089
cf-polished: origSize=567
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
pragma: public
referrer-policy
last-modified: Mon, 19 Oct 2020 13:11:53 GMT
server: cloudflare
etag: "237-5b205dba29840-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMdTDhhFDOAz%2FXLhM2npasJViDZhxxf1oZ1kmtnD4QkMWePfEbS5pv%2FMwddKH2D0grxADwwLLWcu1R9RIf2Liza0VppNSJH2MYyCcBDRG1xs3WPq%2BWl2Pf0lOo3scHAvMSKwczm7DJAsl59cT3sFqMLYLmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Thu, 01 Dec 2022 07:06:11 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a083aa959b3-MXP
cf-bgj: minify

GET
H2 200 darkmode.css
www.sunnewsonline.com/wp-content/themes/jnews3/assets/css/ 42 KB
7 KB 53ms
51ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/css/darkmode.css?ver=1.0.0
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21118991f8361c8c1d263c1c05d434a8d49c14c702907522c96577bd0bbf1199

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 918363
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 06 Oct 2020 13:04:05 GMT
server: cloudflare
etag: W/"a904-5b1003bcd9b40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlS7gbWApajnixx5ll4d7vlKxsVQfKvnEfISG5AwoaW7Nzkl3Gg51e%2BMIyyaSikvpmiEL9ljHh473kaSwB2B6GERVgv5RDNiunEiNSAREpZCYwI%2BB1crKjdMsmdf8VOYLCycfaG2Us765hFmeh9zc197xTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083aac59b3-MXP
expires: Sat, 03 Dec 2022 04:01:37 GMT

GET
H2 200 scheme.css
www.sunnewsonline.com/wp-content/themes/jnews3/data/import/citynews/ 6 KB
2 KB 43ms
41ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/data/import/citynews/scheme.css?ver=1.0.0
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c38345206c9dcf7f7b0ef2dac8ded7dc02abbd82850c9d9ca92aa98fc2e46c30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1794319
cf-polished: origSize=7516
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 06 Oct 2020 13:12:56 GMT
server: cloudflare
etag: W/"1d5c-5b1005b740600-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUeBzHFi9k63o43ktq4AinFuYUqbJx6WPc4SYZ84U2Ke0s0cDlPgoDAJwNG8a3D3WiJzcFmInEbrFmWRb4eMGjSlp%2BlAADrcU5AJljGk4J9r77WMu5m%2FdxXYcg64P0pOZtI1AsJEAn9epsexSLXPIA1qSBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083ab159b3-MXP
expires: Wed, 23 Nov 2022 00:42:21 GMT

GET
H2 200 jetpack.css
www.sunnewsonline.com/wp-content/plugins/jetpack/css/ 75 KB
15 KB 67ms
65ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.4.2
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0493f79ed9925b96386392d145d82700629ead432c3985d478c5162e3cef3192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8461495
cf-polished: origSize=77085
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Thu, 03 Jun 2021 08:55:29 GMT
server: cloudflare
etag: W/"12d1d-5c3d8bca78240-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klM9T6j%2BguhxfHaq85OWfVQpLyhCUWNDS9Oyug2ESGq00IqpS0yWIWoWQaWCx0SMu322%2F20C9rghx7Lf4ZU8W%2BCRtdQGANBaKk1Ril7lhaChjEc4%2BPA9Ovp1eeBkUFUr9CGW%2FgYCpJpv2%2FdoBiYIWSQ%2F60g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083ab759b3-MXP
expires: Tue, 06 Sep 2022 20:42:45 GMT

GET
H2 200 plugin.css
www.sunnewsonline.com/wp-content/plugins/jnews-social-login/assets/css/ 2 KB
924 B 54ms
52ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/jnews-social-login/assets/css/plugin.css?ver=7.0.3
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c62c820213f1ab28757a744fd3d15b65fc1ac9e148c8db2c50eb8a20959f930

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1080089
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Mon, 19 Oct 2020 13:26:20 GMT
server: cloudflare
etag: W/"94e-5b2060f4ff700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avRqYTFYqfFCbCd65EGjqd8A5bQFrvC39HySsgbrIQPnfjH3nj97DNdI6kiH6W3KNThDbH8wp3%2BxvHbt6fZs5c8ap1I2i7eG76D3Ca61ZzTLMZm%2B8gfL74dYkc9Yk91iTzvTXEplB%2BV6B0L1nji3bQj3G4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083abc59b3-MXP
expires: Thu, 01 Dec 2022 07:06:11 GMT

GET
H2 200 plugin.css
www.sunnewsonline.com/wp-content/plugins/jnews-social-share/assets/css/ 1 KB
807 B 41ms
39ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/jnews-social-share/assets/css/plugin.css
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 989159
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Mon, 19 Oct 2020 13:24:28 GMT
server: cloudflare
etag: W/"472-5b20608a2fb00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2B9yVdVQa9IwSmWyQ0A7GfgXpjhz6xE3otawF93gVulyQ7jKibPnVWNs561LGze5plBoZ8v8nWvMZGn%2Blq%2FZCq0Nmxu%2B75W5OUApjoxdKOkC4EU8mgu0HDWzNgRo1VfwPZ2W83hLTJqOYsNzunW%2BWw%2BCqzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a083ac059b3-MXP
expires: Fri, 02 Dec 2022 08:21:41 GMT

GET
H2 200 jquery.js Show response
www.sunnewsonline.com/wp-includes/js/jquery/ 95 KB
34 KB 51ms
49ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345923
cf-polished: origSize=96873
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
etag: W/"17a69-5afe98cfa2dc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXPyWXuCj6%2Bzily%2BYVtdbUIZ1WeF6Y1tanPX34v8%2Bkq7DNn6XlIxd0XcCKPEXPbNo%2FLY8gXzKoSFOUEg17ekxFslvLVFgIfTu7v1RbR5dyP5dewwDWX%2FNw3WYfYRPBilIq0%2B%2FGpyWfRVzy3g%2BOCoWPSpxkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a083ac359b3-MXP
expires: Fri, 09 Dec 2022 19:02:17 GMT

GET
H2 200 jquery.selectbox-0.2.min.js Show response
www.sunnewsonline.com/wp-content/plugins/ultimate-form-builder-lite/js/ 9 KB
3 KB 46ms
45ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/ultimate-form-builder-lite/js/jquery.selectbox-0.2.min.js?ver=1.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d6157d0e51f7705acc396d5032e439d1dffaeeef652b91127f7690e35b4399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6006483
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Thu, 16 Sep 2021 08:55:34 GMT
server: cloudflare
etag: W/"2440-5cc18fa4e0e3e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRNMG0fhCs2uti00ESoVemhMYVfHp4G2gQjuDJxOgL%2B8h1AgwlCvI6c0gJ74FxnmCNn0wMt3IcCH6774yNf9sf5xxBAfbEAqAnLIsBFwfFk3kpqpTacxriRg4OnyVkJQQbEAY5%2BT0nfNuDOmMOuGebL7heA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a083ac759b3-MXP
expires: Wed, 05 Oct 2022 06:39:37 GMT

GET
H2 200 frontend.js Show response
www.sunnewsonline.com/wp-content/plugins/ultimate-form-builder-lite/js/ 3 KB
1 KB 54ms
52ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/ultimate-form-builder-lite/js/frontend.js?ver=1.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b80c73014dbbd03a6e1c398f2a95dc38f7bd0e08cedddfb33c296bc1a158bf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 902199
cf-polished: origSize=4122
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Thu, 16 Sep 2021 08:55:34 GMT
server: cloudflare
etag: W/"101a-5cc18fa4e0e3e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPrVumF3nE3iMQXSTSYqPSMpNAizOjHVLEZM9sP8oPK6zWKSzdL%2FWQRraoiFLKP8x6H7nJ%2FckPxmfiJiZ3Bew8Pu5nJp9mQwr%2FHnTzgKb%2FX0ibaF8IA9gicCV126x3avqumzDakr2DrZmQ7rQq23DDNNRcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a083ac959b3-MXP
expires: Sat, 03 Dec 2022 08:31:01 GMT

GET
H2 200 flatpickr.min.js Show response
www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 47 KB
14 KB 53ms
52ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7809686
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Thu, 02 Sep 2021 20:55:39 GMT
server: cloudflare
etag: W/"bd86-5cb0967c7f027-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME8T4uITTA6XQ59jgH%2BQ7JSPMDniBA220lOx21uq%2FrgKGnPORBawlZtXxYKw6JaMKH80SZqRawGiY05hgP3V5Yc2WCGQRrbxlECg44enIkYxg7Xi%2FmCR7kVT7JoJyhmpQncFaBiVXVCjA2wn42QhB0KUrNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a083ad359b3-MXP
expires: Wed, 14 Sep 2022 09:46:14 GMT

GET
H2 200 select2.min.js Show response
www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
20 KB 43ms
42ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6425420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 21 Sep 2021 20:55:18 GMT
server: cloudflare
etag: W/"114c3-5cc879d7c94f9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQMThtQx7m6q0M1JTp2MsedZLGRE33XCHMC2a5xSuqjmmUMpNiN4i0dSx%2B8Bd4XbabJlo%2B8XSINxCrN7aqlA0CsGzeYXNIJCRwuCo57sdpzr6l7KmhUjTdCEvbJwVim7x81Xs5G%2FjEZrGbEyQCc58pbWAvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a083ad459b3-MXP
expires: Fri, 30 Sep 2022 10:17:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 40ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-75348301-1

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

045d305f397996f9ed7cbbc69281fdfeefba499e9992e759ae060f30e0a72d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36246
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 19:07:40 GMT

GET
H/1.1 200
OK sunnews_18450.js Show response
ads.vidoomy.com/ 5 KB
6 KB 361ms
125ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/sunnews_18450.js
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: c83c3688188a8fee52e49f7c0eae243c1c1026c24f359f3afe01fd99dfd84d08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:40 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 5357

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 68ms
44ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8447832343bd281487dbe2782febd51cc2a95fa1950b50d5efe402a070091802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52001
x-xss-protection: 0
server: cafe
etag: 2736726106506473563
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 19:07:40 GMT

GET
H2 200 mcm.js Show response
increaserev.com/ads/dfpres/ 228 KB
18 KB 56ms
22ms Script
application/javascript 2606:4700:20::681a:17e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://increaserev.com/ads/dfpres/mcm.js
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 333c02f6e5d67a49e94daeceb911c878f6f5ffda7b4cea5bd10c83e3facc81b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2170
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 13 Dec 2021 14:29:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5qtkJfFkpRQpTgfseKAFBunXD9e0%2F5R%2BTaRFKOtPknC5BviIPbcRq8b7LB%2Fi8yAZ7BiBavURx9HbV3jUD2%2BYyAbSNKWJSgWeCDIU352Hf0iyZKwsJT86bNMus7oTrOjOyAwxFnL7THbfWImJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6bd17a086a372bce-FRA
access-control-allow-headers: origin, x-requested-with, content-type

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 48ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4454686729706359

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

509c829a283e3358370d1861ee9d0b04bafcdeebe0c4015d2990e6dd21b3a070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sunnewsonline.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51937
x-xss-protection: 0
server: cafe
etag: 1770682619612133976
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 19:07:40 GMT

GET
H3

200

thesunnews-logo-latest.gif
www.sunnewsonline.com/wp-content/uploads/2018/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2018/12/thesunnews-logo-latest.gif
https://www.sunnewsonline.com/wp-content/uploads/2018/12/thesunnews-logo-latest.gif

5 KB
6 KB

23ms
22ms

Image
image/gif

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2018/12/thesunnews-logo-latest.gif
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f96596698065b2f31870cdf6cd8a305d562a3795e84b4b59f2e1bf329b8251

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9653139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5295
pragma: public
referrer-policy
last-modified: Fri, 07 Dec 2018 09:32:52 GMT
server: cloudflare
etag: "14af-57c6b4c991900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zv6t9SBNYeqWskxeyK%2FG0ossP6VTApGZsxStsfCoWVxj2cYEnva9Sx%2B3bdEsqR3mD7e1qYCM5Uapw0DMb5a%2BTHVq5bqCixmEhoXyxHPPFtiGw2Z5J9X5895X0xsue%2BAERGzK1uwb58zIv6qeeu42WeJ2zA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0a9b304e4f-FRA
expires: Wed, 24 Aug 2022 01:42:01 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrBg6ucIBRNEfbo%2BKqq%2Bb%2Bf8lsmh9vlk6Qrt5b08nAdhMzZGOCi9XOy4mr6g%2FGXZ6vf%2FJnxGdk8I9s9w04P9sxrihYLLpzyA98ecgfe6pxt%2BATD2XGWybzEVJuA24AmyR2HhSSuSExQyiIfrAemb1A%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2018/12/thesunnews-logo-latest.gif
cache-control: max-age=3600
cf-ray: 6bd17a09df8f59b3-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.sunnewsonline.com/wp-includes/js/ 14 KB
5 KB 61ms
57ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 17 Oct 2020 11:05:56 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvxK0m0lKwNsRGgbjpWW%2By0YRaaqXQL34zstxC8S68CpXAF0lPWXoxXJz%2BlNMHwQ4DB%2F9VuTtT5Etb%2Buqg%2BChLcL7CzUE5vvUPmYiTn248xEE7akIGvHap96nnV7E8PhDDNsf4FF4KBMjH%2BS8HDLrkCf5Pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b9734e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 jeg-empty.png
www.sunnewsonline.com/wp-content/themes/jnews3/assets/img/ 70 B
649 B 62ms
57ms Image
image/png 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/img/jeg-empty.png
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 13:04:25 GMT
server: cloudflare
age: 11995886
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aI8kNBzxdh84CH7fMJ61U%2BfPSfiekM%2Ffb3oKhAzeaYEneFWKOJx8ItWkl3wPa%2FZkJduQslQfoP2f7lu7r2yxYvximt4I06o23wAHmeO6bExwXvoO41TkTpvbb0819uB98wv4owRmaW3iCjzZ62xlgBZBzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bd17a09b9754e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70

GET
H/1.1 404
Not Found 8d6b4600ec59c11748c05c5693f15b59.js
tpcf.feedify.net/uploads/settings/ 0
0 362ms
297ms Script
text/html 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://tpcf.feedify.net/uploads/settings/8d6b4600ec59c11748c05c5693f15b59.js?ts=0.25957226590814675
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK feedbackembad-min-3.0.js Show response
cdn.feedify.net/getjs/ 194 KB
55 KB 68ms
11ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feedify.net/getjs/feedbackembad-min-3.0.js
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: cloudflare /
Resource Hash: 8f78f12bf3b24dcaad0c6128a6ac1ebbe79799b7da7254c93918ff5264791026

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:40 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2748
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3pfOS3SdBmfZrIrRX33HmMducSnJJIMYapRpUbxvGnil00BTgsYAJd9Ao8MgRsgfQbNyOXQrlonYs9TN8hZGlWw%2B%2FX5WbEsNLlhVdfXjTYKFP6Vu1IOSaOHfvGMyA%3D%3D"}],"group":"cf-nel","max_age":604800}
Connection: Keep-Alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 55799
Last-Modified: Wed, 08 Dec 2021 05:28:03 GMT
Server: cloudflare
etag: W/"61b04263-30981"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-HW: 1639422460.dop216.fr8.t,1639422460.cds136.fr8.shn,1639422460.dop216.fr8.t,1639422460.cds102.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6bd10504693068e5-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/dfpres/mcm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1069 / 739 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 19:07:40 GMT

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 287 B
435 B 83ms
22ms XHR
text/plain 2606:4700::6810:7c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace?format=json

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/dfpres/mcm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85666896bec68d08a9211fb2e4c66431b91027cd3e7d860b2d887a234c4a6ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 6bd17a0959053761-MXP
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 getcookietime.php Show response
secureads.increaserev.com/InvalidAds/ 366 B
475 B 68ms
33ms XHR
text/html 2606:4700:20::681a:17e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secureads.increaserev.com/InvalidAds/getcookietime.php?domain=sunnewsonline.com

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/dfpres/mcm.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3ba0e62f56eda713cffebaef2120dba4f5d372c07b6e8fa276e269b336f4090

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 868616824 867133016
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4pIwHFhqTXH61yWoEmY8p2tcGhecxnEwf%2BU4mrxfnsnLf%2F6QO%2FjlUQ4xTHoWmwSCqRXqOX5j94cU4Z5KDmBLvWdvg1WFeBrcXRDoTWdJAgslhIrXi1jzKAt%2Fn%2B3D26dMqH7FRXzCNbVWzZGBy6GpT0sI8onKmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests;
cf-ray: 6bd17a092abf7025-FRA
x-cache-hits: 2

GET
H2 200 track.php Show response
secureads.increaserev.com/InvalidAds/ 0
696 B 60ms
27ms XHR
text/html 2606:4700:20::681a:17e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secureads.increaserev.com/InvalidAds/track.php?ip=undefined&domain=sunnewsonline.com&type=mcm.js___a

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/dfpres/mcm.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 867106769 868133217
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYjlBuyIG%2B0AzUtXLLB351TjNtkjSubWFGqHrkW%2BarE2Sbd3i%2Bz%2BNeXA9ZCOSUuQB1ei9HPAl0yjEPJ4EZP%2FQLVhhuzsv7jBQqR3umQifYW7Qf314h1Zsw%2B%2F0OOr5v%2FWuUdC7DEWy9FQRKoJt7wtPjTh5Jh1Wp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests;
cf-ray: 6bd17a092ac17025-FRA
x-cache-hits: 2

GET
H3 200 jquery.modal.min.css
www.sunnewsonline.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/ 3 KB
2 KB 33ms
32ms Stylesheet
text/css 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.css?ver=4.3.23
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5954630
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 05 Oct 2021 20:55:18 GMT
server: cloudflare
etag: W/"c81-5cda13f4312ce-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMYb9xn%2FjX5Zi0yeENFYJ4%2B%2B82IxYA4%2FJQztZxnUv5TzGu90E5LgVFuxDDJM1fk2vQaCj%2FzjYCESgQ6Z2feUhCoR9p6ttQ%2FIznF%2Fs51%2FYQ4Tt5DFiK1AWCGiZ3f9ORjdORDpqk9T9q1jJFc9hYHLZd0KVB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6bd17a0978a64e4f-FRA
expires: Wed, 05 Oct 2022 21:03:50 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
612 B 32ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3Aregular%2Citalic%2C700%2C700italic&subset=latin&ver=6.7.0

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0c400c8be6122ab2a8797b3c495be63393e3f1ec93426a88bb2a87a9996f8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.sunnewsonline.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 19:07:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 19:07:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 19:07:40 GMT

GET
H3 200 ads-front.min.js Show response
www.sunnewsonline.com/wp-content/plugins/ads-for-wp/public/assets/js/ 7 KB
4 KB 34ms
27ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/ads-for-wp/public/assets/js/ads-front.min.js?ver=1.9.16.2
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jul 2021 21:07:09 GMT
server: cloudflare
age: 11997534
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IucNU0N5QhEfeGL3nzG9%2BvyC4qWfCtOXjdim9utCC%2BarRvKysSCZ%2FZVJz90MX%2Fp4Y2urJzhNYACplmfVK73qAQzybcwa3dmyx8vsk6SoOtsMM5653JZVzBRZsOMj1dZnrTu%2Bj%2FidW66eiRvhnc2UaYbqXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b93a4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 ads-frontend.min.js Show response
www.sunnewsonline.com/wp-content/plugins/ads-for-wp/public/assets/js/ 1 KB
978 B 37ms
30ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/ads-for-wp/public/assets/js/ads-frontend.min.js?ver=1.9.16.2
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Jul 2021 21:07:09 GMT
server: cloudflare
age: 11997534
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FOp1QhCJiS4n5oCUg9J5dFnh%2B3C5MS3HQr%2BKv4Maxm%2B6ZI82qy9c7bUyAOkKp21NsKvv9LwTiLcBDcbpNFjLzOpLSJAmDxq%2BybOtNyrUXkUzK5EN4OvAOhyR9VlCiKo%2B6nCd8n%2F%2FjvQ2sCHapLGVqE4KEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b93d4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 supposition.js Show response
www.sunnewsonline.com/wp-content/plugins/jnews-video/assets/js/ 1 KB
1 KB 34ms
26ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/jnews-video/assets/js/supposition.js?ver=7.0.8
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b830b5f6370e256e3a56799d9fae9e6a8023114e5cf4da574d7ade0114ea649

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4027667
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Mon, 19 Oct 2020 13:22:58 GMT
server: cloudflare
etag: W/"496-5b2060345b080-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74ApnZIIxpOLZi%2BG2Gkug0Q0vNAfDbnQWi1%2F%2BmtTMNicnFRiyACwpNmlLgjZJRG5IS6zg2NWa2XrxrpAajTOR1nH95SKVKDyWvwUyjfn0H%2B3%2Ff%2FpY7vk6K6JqeizRIu5uPxJq3zyvhqMd5aQKh7MwLblSoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a09b93f4e4f-FRA
expires: Fri, 28 Oct 2022 04:19:53 GMT

GET
H3 200 core.min.js Show response
www.sunnewsonline.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 40ms
33ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sn1fFoY5TSxw%2BejUDG%2BY1JXgknILbn2T%2BXZUTt1GgRGeqalXmwopmDdjshBi2wahhqG50tbiCq0xxl59yHv5Rzwwjb6S4WrcmSSfoV3PnnqtjiCiX4U6twL%2BtldOhtG%2FHCs641MOOO2NztjS51vW8xknP%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b9404e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 widget.min.js Show response
www.sunnewsonline.com/wp-includes/js/jquery/ui/ 7 KB
3 KB 33ms
26ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd83d5a29914ad4797748d8e80fbc42c2131fbce9bbcdf2749a275fc7db875f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOQU1VdN5VrlGbTc9r6%2FCC4vSg%2BYj0L80n4fqeLFukAMmGPjIQ4MxPiZ%2BUM1%2BTCQok4IwmTVUXU7txT54DNe3ULskP28rcE1vPch3ddetpsIL84AERS6WRp0PaRMCp2Cm1UwOhRS9SrZKI4pTv1uh0R7yQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b9414e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 mouse.min.js Show response
www.sunnewsonline.com/wp-includes/js/jquery/ui/ 3 KB
2 KB 34ms
26ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.11.4
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c04837b935b6d1fac0cbffc4a53bf19a6d89029742dbc4c8ad001c1078f5f957

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNlXJDUl31SylKHJo%2Fr7ifP%2B57znyG9WkVLKByQ9KeBzrZeENRtbRnjkn7ul2LG7bfbtuKwaduAgF%2FfMY04NjJGtQdu8G06NxyMqkCh6AwfHD0hVY9Ml3d8%2FjrUUXiX53sDN5FDu%2FRVgl01uYP%2FYDRFDnrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b94a4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 sortable.min.js Show response
www.sunnewsonline.com/wp-includes/js/jquery/ui/ 24 KB
7 KB 40ms
33ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/jquery/ui/sortable.min.js?ver=1.11.4
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c9837d879a61c89343a4961a24baec69825d8fb1da68bdaa329869596455c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNMnR7U9ASQJp%2BFMoOmCuERPFYktcuaPu27zCnzpK8LaufLPbKAyKCgZf%2BKpFCC%2FwqznsiDdLNBHnE7dDDkDHhBu2YJQp0%2B8ZxEvn7oTKhE3FbVERDMWJRkpqFfttKeUfhJLpGXpg87iTUpc9uqNmdbuiQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b94c4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 plugin.js Show response
www.sunnewsonline.com/wp-content/plugins/jnews-video/assets/js/ 16 KB
5 KB 47ms
40ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/jnews-video/assets/js/plugin.js?ver=7.0.8
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55093ef3093d5d8a68abace3b036af1c50bb38f4a200d08af8b9e2f75ac6cb91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 13:22:58 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLUmUChbdMJX2KllWmh4MC2xV6Ng44JwIG3axeq0imXIS1bdhB%2BzC2WcAp2OMmpDKYImo7wb%2FyrnFkauNqpX2UqWnskePEMzWGeGslvrHnDua58uvzvOzuXwuUmgpbRb2ffhlzeIYUcL6%2BTm7BvzF0eCllI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b94f4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H3 200 frontend.min.js Show response
www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/js/ 9 KB
3 KB 47ms
40ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.2.4
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3684b8902fe2f3f96b32be42dca7f2621827f8c8b92fde984b5b1787dd06a17b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2023539
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Sat, 20 Nov 2021 08:55:19 GMT
server: cloudflare
etag: W/"236e-5d1348d209f47-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8dBQla9vD%2BB0ghaOQEmlocD8YH%2Br2mDElpM51Sz96LuXO5i18C5zbhcCcElb4iXOln8nt6mcGx%2FUmTelGxs0ZlSJ0cgwye2SEZqK%2FyttKz2tlM4V1uwFrx8TM%2B%2FIRxzZ6rQq1N2PWfxeODf9y%2FzgEKxQUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a09b9504e4f-FRA
expires: Sun, 20 Nov 2022 09:02:00 GMT

GET
H3 200 comment-reply.min.js Show response
www.sunnewsonline.com/wp-includes/js/ 3 KB
2 KB 36ms
29ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/comment-reply.min.js?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3952022
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Sat, 17 Oct 2020 11:05:56 GMT
server: cloudflare
etag: W/"b2d-5b1dbdd852d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GP1iNwRvj0iyuIp8w%2F7fQL4qAjutJDqsD4bcJW%2BO1xbhlbtss7pvl35jhEg8bNxd4OUKwMxW3tR3i7j7A%2B5rsbI4pYgo8Pn6757%2F0OM%2FMi2DP3KdxELqjT12x8kNEGVQUtnF8xJgF9ghCGqWEAoASjd4LM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a09b9514e4f-FRA
expires: Sat, 29 Oct 2022 01:20:38 GMT

GET
H3 200 mediaelement-and-player.min.js Show response
www.sunnewsonline.com/wp-includes/js/mediaelement/ 157 KB
39 KB 40ms
33ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.13-9993131
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 282c86db3fc6cedcc79b172069ba09831ce0e6ba235d13bff382f57f0d3977ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMfulLP7Y%2B%2BV3VrzApOcNiVQpyzqBIH4sk8mfYlNDO8jZ4I1Ozx2pINRJC3fTd%2FP7Hym4FatlIxuZc5OM9DwAKh2mt3rYG9rTrwwyS8E4O4OWGTqlHole%2BMjk6iVG4NA7CdyyYRV6FH1tvdqTN89EYS2edA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b9584e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 mediaelement-migrate.min.js Show response
www.sunnewsonline.com/wp-includes/js/mediaelement/ 1 KB
1 KB 49ms
43ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b37a604b4add99725c3a9e6b0440fc4452f71139517e7d7deb452ed98499068c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9653134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
etag: W/"4a9-5afe98cfa2dc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrInrQAcxcqbUQuRC5g5OoR717Wqu66I75xy0g7cxrBSKxi1CSMjjKTFPKT2g%2FnVO5mcFxT0MJpyhpnAfwWKsh4q42UL%2Fh2eRflyYUZz7f8Nlo3%2BOCGL0S%2FlOBerRArbmBWjvTySsjk5VE%2BUVZdkiiwxYi4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a09b95a4e4f-FRA
expires: Wed, 24 Aug 2022 01:42:06 GMT

GET
H3 200 wp-mediaelement.min.js Show response
www.sunnewsonline.com/wp-includes/js/mediaelement/ 907 B
1 KB 50ms
43ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12aae45dbaf66e541e14694a7810a96fdd8b17f9ac5f5346fdc23d61d6fd74b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1uigvtk%2FKVHGXszPwVBURfB9RJVSCDSZY%2FuqKzpGwBeh4ghIWpOAbju3DY6WfbdJOClDZJBuI95I9cLXdyMwZeOjTiiLT3ffqRi6agaEPMX1eujUlmsIfYMn6lB2%2Fg%2FEqbuyqYh053tAFnSK4MlP5snzcQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b95c4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 hoverIntent.min.js Show response
www.sunnewsonline.com/wp-includes/js/ 1 KB
1 KB 50ms
43ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5036d77bc45902a3567f499ebf981076387d71995d6fab43c9be0cd0b962b230

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpfkJcgDiRhKHCpyC5z8BQs9%2BqMNrIFbp%2BY6Q8l64D8pXnT%2FdSMqdBL27HPDq4mMX4tzwPyE1LF8lWSYILMsdo1f6DmgRx6rPrwSdjNVKPtXzNgtxt3Kyt3LmGPyFSjrLWcJMG4f2%2BeyvJoDI15lLaSQrWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b95e4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 imagesloaded.min.js Show response
www.sunnewsonline.com/wp-includes/js/ 5 KB
2 KB 50ms
43ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 17 Oct 2020 11:05:56 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovwCEj97PIbsSMUEHt7m56hu8b8OBrr8AQDtElTtZqRJc38liuvZBAqH4gOHja9vwUEyrD1fNTTsW2HUirIA44STV2dQZqZ%2ByRY7aT8zLVYYPEHWj5XiounGnAkNNclt5hWWtq2qjVFf2hvUlpJMeJPDe7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b9614e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/ 277 KB
79 KB 55ms
49ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/frontend.min.js?ver=1.0.0
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4bfade3e46d2b26c8f8cddab814721312540f18400dbe3544c05ca75371b63f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 13:04:15 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9a5I1bppPwQ2jeG2kO2ykQJkPP1nTrEoodtRdHJwhoCLEQh9xRAj6xoLcZMSRSfozq0itKSolqFmA4ESVYMxVL2tLiFwx2yQPKEFpNENwjSlSdraQ5sh5RAEAPSNnWbuZRXxvbWFlKHf9%2FiJBJFCBsniKCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b9624e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 plugin.js Show response
www.sunnewsonline.com/wp-content/plugins/jnews-social-login/assets/js/ 907 B
1 KB 60ms
54ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/jnews-social-login/assets/js/plugin.js?ver=7.0.3
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a05b5c6f3d2ebf0a27eb700a499a8860699ce224b61eebab608215ea1ddf2531

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4261248
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Mon, 19 Oct 2020 13:26:20 GMT
server: cloudflare
etag: W/"38b-5b2060f4ff700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpGtlKRefyjudEahqjYmSzerh2BVQ8zEBYvo%2FtR6%2B3ugfUk4py5iEEFivEF9OnjcAf6OPODFqqu%2FtClXDpZTGKJ%2Fd5vP1TlVg3EGhXwXrP7V4O5UkU5H2wgNt5dqoUgg6iudFiDB6Bz%2Buk5UdRJmN93jgLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a09b9634e4f-FRA
expires: Tue, 25 Oct 2022 11:26:52 GMT

GET
H3 200 plugin.js Show response
www.sunnewsonline.com/wp-content/plugins/jnews-social-share/assets/js/ 3 KB
2 KB 61ms
55ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1571f1bece418ee90d63337858269630c13b63c4bc5d8fcbb6caf1ea8b29d998

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Oct 2020 13:24:28 GMT
server: cloudflare
age: 12000318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFOlxGs9BrMY8wcGzERDUYRrXyLMhZ5o%2FK9l8cDpE3jy6g8uy3Ub5k6LLrafDkLFwJCN5PAtIRnpbOzQWlV1asaS7zf80gISjbnEDQIdEkNVGGgJvBMg9dVPJhNtu0akXgxGDou5LichCc0XMQInzNxcpgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b9654e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H3 200 wp-embed.min.js Show response
www.sunnewsonline.com/wp-includes/js/ 1 KB
1 KB 61ms
55ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7922023
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 22 Sep 2020 16:35:11 GMT
server: cloudflare
etag: W/"59a-5afe98cfa2dc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlF6TnS9SueR1UowviREdFNEmT0%2F4WPdaQglPnmb%2FKoIDWzNfkByX%2BpcAtAV6L8V205ZGll0MHQlGwJx%2B7dNmXhRe2xaaxRpB1Zd7ZhOw5epvOe7VoA%2FZk%2Bm4Lpqin2pFXb8TGsedXC%2BJzCm0ucJAMFOQhs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a09b9674e4f-FRA
expires: Tue, 13 Sep 2022 02:33:57 GMT

GET
H3 200 jquery.modal.min.js Show response
www.sunnewsonline.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/ 5 KB
2 KB 61ms
56ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/social-networks-auto-poster-facebook-twitter-g/js-css/jquery.modal.min.js?ver=4.3.23
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3952041
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 05 Oct 2021 20:55:18 GMT
server: cloudflare
etag: W/"136e-5cda13f4312ce-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZY7rq5KdiS%2F9lL2Si8yzXRJH5xQma35jr9tfFdVa78nRG%2BZdcdEbXtzca6HLIQHPoWLRSnv9Y%2BjGqLBWn7b4YcXm%2Bb3vXsBa%2F7itpT4V5AGU13YEMb9BBwyXIhuDt8bbO3uDMZDHJ6lOhcYYbl39ej4BFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a09b9694e4f-FRA
expires: Sat, 29 Oct 2022 01:20:19 GMT

GET
H3 200 ads.js Show response
www.sunnewsonline.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 68 B
763 B 62ms
57ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.36
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 955c98325a7e06af12c0e9a93a342ce5abe84b545e181ca0bdf110a1b5331139

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 554861
cf-polished: origSize=78
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 07 Dec 2021 08:55:19 GMT
server: cloudflare
etag: W/"4e-5d28a88630d7f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ve0vtfSw3GJmWp%2Bq4tXDXWzBNXqALHWoJAbH0u43mB6TL1Arz2bT2UAzFup%2FsUi6DysGy4knkT7nJ0UXU0dp%2FayCZezjA9V80ZKLoC%2Bf58xqL5QrV5r80WmItq0AzdBbYvALRqQGGl3xRW0cjCiqcbCD1rM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a09b96b4e4f-FRA
expires: Wed, 07 Dec 2022 08:59:59 GMT

GET
H3 200 js_composer_front.min.js Show response
www.sunnewsonline.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 63ms
57ms Script
application/x-javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4125596
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
last-modified: Tue, 27 Jul 2021 21:13:17 GMT
server: cloudflare
etag: W/"4e9c-5c82156b8aa9c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDCLYwswtPHY%2FW52GF6BfNuQaDHqML3mRi9nJjZRp4XGYPaN%2BFKJkjsTtj5z8yZ9ThY8l%2F12CUEAvbu%2B4DP9plnrDKp5ytwPqvu69SKm%2FKdRC0Bgq422uVOIV9Ljva03SCsv2yMrt9yvmgTTpF9a62MNqqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6bd17a09b96e4e4f-FRA
expires: Thu, 27 Oct 2022 01:07:44 GMT

GET
H3 200 hero.js Show response
www.sunnewsonline.com/wp-content/themes/jnews3/assets/js/ 2 KB
1 KB 62ms
57ms Script
application/javascript 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/js/hero.js?ver=1.0.0
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6554cc4fd404ee3c0b0228d628e6a60cf8aba9b234fdfac2723b463b6b5188f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 13:04:35 GMT
server: cloudflare
age: 12000295
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AursOn8uT1HcYJvGPKolYUjCaVuf7SOZ90MQvpzgmA%2Fr3EFutb1hbMc84aY63cx9FHs39t44qGL9dlo%2B2gr3oJbs7Qf0pNUh7kedhuAXwE5dfomwksiFJsvy5qatQwEJ7WmJ%2B2ds%2FiRv2g0jN9Wv25%2BEObA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bd17a09b9704e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75348301-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 394
date: Mon, 13 Dec 2021 19:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 21:01:06 GMT

GET
H2 200 e-202150.js Show response
stats.wp.com/ 9 KB
3 KB 26ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202150.js
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn
date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 04 Dec 2022 22:02:47 GMT

GET
H3 200 checkblock.php Show response
secureads.increaserev.com/InvalidAds/ 32 B
685 B 143ms
118ms XHR
text/html 2606:4700:20::681a:17e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secureads.increaserev.com/InvalidAds/checkblock.php?ip=2001:ac8:20:8f:137::1&domain=sunnewsonline.com

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/dfpres/mcm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dbd9c8838bf7334757a235906507a14287f9a2a676ca05b557d28939ef6c17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 868520547
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1iVgVS9tG8A6OtqGLdvi5WBsNLuLWAaIuh6W2fD5yH9GJcwaBDEuFpM%2FFDv864YK%2BvduxEmofhxUpVb2eG6VAkvmcXZZaadY0%2FY5GTF5EMD0Cu4XtQq4mj%2BAlhe4brHbslURMxEuoAJtwOwcT976LWOWCyOk9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests;
cf-ray: 6bd17a09ab6759a7-MXP

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
99 KB 54ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1098601291027995&plah=www.sunnewsonline.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 13 Dec 2021 19:07:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 5125 11 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Dec 2021 18:36:45 GMT
expires: Mon, 27 Dec 2021 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 1855
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C700%7CRoboto+Condensed%3Aregular%2C700%7CPT+Serif%3Aregular%2Citalic%2C700%2C700italic&display=swap&ver=1.2.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 494014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 01:54:06 GMT

GET
H3 200 preloader.gif
www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/image/ 4 KB
5 KB 21ms
17ms Image
image/gif 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/image/preloader.gif
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/frontend.min.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/frontend.min.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 13:07:27 GMT
server: cloudflare
age: 11996984
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2F8i5RrD6R4PPs%2FJF897X7QYpSekBTpfDFeF%2B1tq%2FZugO9AmmKouXZhtLzWSS1%2BKPv8KRZhzWk4LqqK3kjUt2N3RIr4EN2a9xGJ0OK3AdRh%2FA21urtZn%2B6GzPZpkQcgrTXaTyp4wCoiPOiq0Ga1BVfeccTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6bd17a0a09ee4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4399

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 27ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 19:53:24 GMT
x-content-type-options: nosniff
age: 515656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 19:53:24 GMT

GET
H3 200 fontawesome-webfont.woff2
www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/font/ 75 KB
76 KB 28ms
21ms Font
application/font-woff2 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/font/fontawesome-webfont.woff2
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/frontend.min.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/frontend.min.css?ver=1.0.0
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9653134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
server: cloudflare
etag: W/"12d68-5b100474e8d80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvfX9n0ZhehVNTM%2F1yQMKO1Isr%2F55Wf%2Fb7%2B%2FixU6VmcRRSv9Oh4jxIrtv97aAIo2XVvJi67uo4LenjSV4LEioX%2FN94%2BxVsIwzf14UEcQqRAl39UwFzFpBDRy9FBNkGqKO2dIAWo8BtbEpcsWuryUXNr%2FdhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=31536000
cf-ray: 6bd17a0a0a064e4f-FRA
expires: Wed, 24 Aug 2022 01:42:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 25ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 514785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:07:55 GMT

GET
H3 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:05:06 GMT
x-content-type-options: nosniff
age: 514954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:05:06 GMT

GET
H3 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ 32 KB
32 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:26:57 GMT
x-content-type-options: nosniff
age: 502843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32960
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:06:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 23:26:57 GMT

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/v-sunnewsonline/ 16 KB
5 KB 82ms
31ms Script
text/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/v-sunnewsonline/vdo.ai.js
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.30
Resource Hash: 37d62116c41bc38c3219c6dcc4dc86dc0a435dab55c7d0cf950954003863cabc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2097
x-powered-by: PHP/7.2.30
x-cache: HIT
vdo-server: Tag3
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 13 Dec 2021 18:32:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUtxbTO9q0n4P4GZA5sAcbJFwPXMQmFQDEMnImwVBJT%2B7J%2B1OH%2F7gvkUyItExf76AnZK6Szlzu3tmmDIzU9QMnDe5YGWzsuj4SH1NKHjS7fCQktyuIJ5J%2Bf6VRZ2xBn2RlwNReMO1w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 37954442 37386875
content-type: text/javascript;charset=UTF-8
cache-control: max-age=1800
cf-ray: 6bd17a0b2b36839a-MXP

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 79ms
56ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Dec 2021 19:07:40 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 194 B
762 B 40ms
19ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sunnewsonline.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

1edbe951e7c9185bebdda55840f2cb7244ede8b95b6da9fe3dc0ed6d87acb1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126
x-xss-protection: 0
expires: Mon, 13 Dec 2021 19:07:40 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1219105699&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=418053854&gjid=310418821&cid=654118136.1639422461&tid=UA-75348301-1&_gid=1070411777.1639422461&_r=1&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1680798961

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1219105699&t=pageview&_s=2&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=&gjid=&cid=654118136.1639422461&tid=UA-75348301-1&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1577554562

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75976
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
feedify.net/thirdparty/json/setting/ 3 KB
2 KB 307ms
245ms Script
text/html 2606:4700:3031::ac43:b662
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://feedify.net/thirdparty/json/setting/?callback=fdy1113010064166783725415_1639422460707&_=1639422460708
Requested by: Host: cdn.feedify.net
URL: https://cdn.feedify.net/getjs/feedbackembad-min-3.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b662 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8c0113ea7191e31106326198a504c0a675d8e3495dbb9c7459a71e23989850c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TY5BhU%2FxWlv8HMwxca4aV%2FOLVaaFCXv5H5tt6M2JGHGh27JWnfdBYneSbQ2nmijNenmoTmTWpZgaiWxcMChh0y0Rfeh4r%2BwYxg%2BO9YjIN23LRrqKrIuAjn7G9OJSIFPaMjWSjaDgHR2CDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6bd17a0be83f0f5a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
652 B 53ms
17ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.sunnewsonline.com&callback=_gfp_s_&client=ca-pub-1098601291027995

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1098601291027995&plah=www.sunnewsonline.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7ba2ade7baf1718720f4b5b120373d0de35479aec15324d20ee6d08fa161bdfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 208
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 57ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 48ms
18ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14C6 603 B
68 B 62ms
41ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1098601291027995&output=html&adk=1812271804&adf=3025194257&lmt=1639422160&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460406&bpp=30&bdt=244&idt=319&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3311153261771&frm=20&pv=2&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=341

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:40 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 19:07:40 GMT
cache-control: private

GET
H3

200

Screenshot_20211213-064109_Word.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064109_Word.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064109_Word.jpg

827 KB
828 KB

34ms
34ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064109_Word.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 239760dc1843c5976b72f9c09da7f2991c412dc6e6123e73937079584896a5a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45735
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 847136
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 06:20:12 GMT
server: cloudflare
etag: "ced20-5d30110bcdb88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBsbxZb2zJjaW%2BlmH0LB4%2BFO%2ByMTo1U4mgkYwk%2BT8KzdmSvsKvDzBh4Ht8tHuDsuddt9dF2n3ugZUd4prvWJefACcFVbqdJxFltuanLGGR5Hmr5cnlFeYhy%2BYwqCDMmDvMJWPiuUgmPiUK6M6OVaZEphMg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0c1e904e4f-FRA
expires: Tue, 13 Dec 2022 06:25:25 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7ow7ET3NJG4rIDcC%2FtOEhPU%2BA2h1DFtp6DczxlxFu1fPHd3X%2F8zMz3CdeF5Hx6jR%2BeLKKtwCNpEobN4xxBRFz1fwDWwSfi7R0Shfsv9d9TA50BgaIHMaS85jz%2BCPYP%2F3cHSHU2QnLxvaZS3oK%2BJoA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064109_Word.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0bcdd74e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Screenshot_20211213-064304_Word-168x300.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064304_Word-168x300.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064304_Word-168x300.jpg

14 KB
15 KB

48ms
47ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064304_Word-168x300.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0a1df13547331b665688fe713ba80cf9e053dc3bdb8a833e73fd3fb7b140527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45798
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14776
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 05:53:42 GMT
server: cloudflare
etag: "39b8-5d300b1f15773"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHszUGP5O%2FSiPEni6SIljgX7f5lFOVKeEZDsbkH5oy2S6sqk3g25vKm%2Bn3JXQsvHsK724p5QPXyANkOznObgNV2lmeRWOMVBaMDSEFXA1n%2F5vD2VbYEWW5ooAPrI%2Fx8PCWwevpeGGzzlCb1zoGEdrHjzF78%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0c1ea34e4f-FRA
expires: Tue, 13 Dec 2022 06:24:22 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ct8XK0qR1iRk9%2FFDwDGXr4jbHCy%2FZ87mK2nPLfVGcDnqAE2ELivmmq8Ad5JFwyWAw36A9LBpnra7ArziEIPzohs2EFCFtUCDql5NaD9mNcB4%2F6kppQQQO0VAM6BkO17mqCLyyRWv1KRW2Oc2wt1EXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Screenshot_20211213-064304_Word-168x300.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0bcdda4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

the_sun_epaper_advert_2.png
www.sunnewsonline.com/wp-content/uploads/2021/03/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/03/the_sun_epaper_advert_2.png
https://www.sunnewsonline.com/wp-content/uploads/2021/03/the_sun_epaper_advert_2.png

238 KB
239 KB

18ms
18ms

Image
image/png

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/03/the_sun_epaper_advert_2.png
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61d0b25f3a7150bd34efb8e37492f3de253b0bb5f7fbcc1ba91adf6eec8b3c6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4027393
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 244082
pragma: public
referrer-policy
last-modified: Thu, 25 Mar 2021 16:53:25 GMT
server: cloudflare
etag: "3b972-5be5f40fc4b40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3DUM8etwtvOd07twAWDRiy9hbZREkfm5ePke6ENg4QL1jYdPTq%2FI4yIFdAOl4RrPVPTAb4GvmnOWrl33SjqtDcK8r6liFxib4qgVboIidBYKQzhH96ur%2FLHBt%2BsLvItkEKfW0%2Fr2xXw7fnMMKSk2WWmviU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0c1e924e4f-FRA
expires: Fri, 28 Oct 2022 04:24:27 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCuVcdvUqLjicqE6BxVt9cvn03Zm8Bn8P5FhD136qFnyRX7ssbh51HzWMxyVn4yPS%2B3QQyrEqpF%2FpUNEiaDrMmOZVmWGYf9ogLQFeIfa8Kh4NYtRabtVjYqZiYtC73dlLB4qbun9S0OGDVLmokJFFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/03/the_sun_epaper_advert_2.png
cache-control: max-age=3600
cf-ray: 6bd17a0bcddb4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame EA0F 0
0 799ms
799ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=7228661401&adk=2972760969&adf=1413519997&pi=t.ma~as.7228661401&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460775&bpp=2&bdt=613&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3311153261771&frm=20&pv=2&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=X4T5mPPx2j&p=https%3A//www.sunnewsonline.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:41 GMT
server: cafe
content-length: 29340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 19:07:41 GMT
cache-control: private

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 79FE 96 KB
0 621ms
620ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=8187176395&adk=1961058974&adf=4137666700&pi=t.ma~as.8187176395&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460787&bpp=1&bdt=624&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&xpc=K9rwXAImFL&p=https%3A//www.sunnewsonline.com&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:41 GMT
server: cafe
content-length: 30461
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 19:07:41 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C068 71 KB
27 KB 713ms
712ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=7302666336&adk=770366950&adf=2369281301&pi=t.ma~as.7302666336&w=970&lmt=1639422160&psa=0&format=970x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460436&bpp=7&bdt=274&idt=368&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=315&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gy81gyRDvh&p=https%3A//www.sunnewsonline.com&dtd=371

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5063da00180af2162da852b56e843427ec6a29e3da624254006b74e83c757dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:41 GMT
server: cafe
content-length: 27763
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 19:07:41 GMT
cache-control: private

GET
H3 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v12/ 29 KB
29 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 20:39:36 GMT
x-content-type-options: nosniff
age: 426484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29400
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 20:39:36 GMT

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame A316 118 KB
35 KB 55ms
22ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1639422460.cds140.fr8.hn,1639422460.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 212D 118 KB
35 KB 32ms
12ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1639422460.cds140.fr8.hn,1639422460.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
597 B 100ms
45ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:40 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1639422460939035-545
Expires: Mon, 13 Dec 2021 19:07:40 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C0D2 88 KB
31 KB 837ms
836ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8218178373&adk=2033062148&adf=2621076951&pi=t.ma~as.8218178373&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460554&bpp=2&bdt=392&idt=292&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WyFRi4xKFR&p=https%3A//www.sunnewsonline.com&dtd=298

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c6b15da07e90ce81dde5ad2f2d571cac2c4cbdb7e7632b5ec28a205fc17e01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:41 GMT
server: cafe
content-length: 31666
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 19:07:41 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 78ms
21ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-75348301-1&cid=654118136.1639422461&jid=418053854&gjid=310418821&_gid=1070411777.1639422461&_u=YGBACUAABAAAAC~&z=1133282707

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Dec 2021 19:07:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 33ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-35

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-sunnewsonline/vdo.ai.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a45e6aa2cebc209fb91180492d693411826d16325d6d44838548381b3664619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36223
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 19:07:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 31ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-35&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75348301-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b753e48c286fdf30a88157671ff645ace5b179c36a1ab2afdf889b0d79971127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36244
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Dec 2021 19:07:40 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 308ms
93ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-sunnewsonline/vdo.ai.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:41 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 8 KB
3 KB 92ms
42ms XHR
application/json 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=sunnewsonline.com%2F&tag=v-sunnewsonline&domain=sunnewsonline.com
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-sunnewsonline/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bff5f7bcf90f0e5dc74b31faaac34df2262eac1ef005f37440a5523c5ada7659

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bv1GXeW4qx7pcZPcTO1u%2F6RLm7x9%2F0IjE%2BPN2jM3NpaVnip4CFvIzdw51sROCAC46ndEwbypVGN71g1pVZPDvySbLrfyQMlpxZ3%2Bqo%2B%2Buy8WdgJ1UGlFjDC9MpTsdW27xuZwBYkjZBPaIfY2uW8q"}],"group":"cf-nel","max_age":604800}
cf-ray: 6bd17a0cda548397-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E99B 17 KB
9 KB 719ms
719ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=5247484779&adk=3007378855&adf=1881412065&pi=t.ma~as.5247484779&w=728&lmt=1639422160&psa=0&format=728x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460894&bpp=2&bdt=732&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=P37kt1qyDA&p=https%3A//www.sunnewsonline.com&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e18bf5ffe2eed29710bcdcc074089ab0691e4a181cda1fba3a05ad7046b83679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:41 GMT
server: cafe
content-length: 9679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 19:07:41 GMT
cache-control: private

GET
H3

200

thumbnail-3.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/thumbnail-3.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/thumbnail-3.jpg

158 KB
159 KB

19ms
19ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/thumbnail-3.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5346c794b978bca76ef77177a5be9ccceb755e3a63a2c9ff179cf800d614fce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26392
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 161719
pragma: public
referrer-policy
last-modified: Sun, 12 Dec 2021 13:42:29 GMT
server: cloudflare
etag: "277b7-5d2f32098c9a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9oWQdzo22mEEOHXGiQq5LaW4foU5IU4cdrmDptcsDRSmC84PhGoQxeK98bGkKg526BakLGXYF7BeOc948rNx97pNGySlIHB1L3CesvHqW2VDYp9EIKEmawwPO5h0uTFgeOuJ%2BA9LWI%2Fe9FNrHU6n5hmKbk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d592f4e4f-FRA
expires: Tue, 13 Dec 2022 11:47:49 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Mz%2FuuYzpErI4XLcA2uIy7ww6e4HyJx5hsgc6F%2B7G1lBbM6DNCpc2kpI5pdh%2BmssXjauC%2F%2F5eftmqxsNiQ2DkCSxJLkr4jIeCJClqzcmXMyYSQXI8TY%2BjYoIoS%2B%2FMV6jYxogx7iKxhZlSQd3mCARzg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/thumbnail-3.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfc64e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

wilfred-ndidi.jpg
www.sunnewsonline.com/wp-content/uploads/2021/11/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/11/wilfred-ndidi.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/11/wilfred-ndidi.jpg

35 KB
36 KB

18ms
18ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/11/wilfred-ndidi.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbd54cadb8a8409287018c30be8ead649b9483ea9c08b7fe3bbd3c86b7afa0e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42830
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35695
pragma: public
referrer-policy
last-modified: Sun, 28 Nov 2021 05:19:20 GMT
server: cloudflare
etag: "8b6f-5d1d2776b7eca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aTvpzISVw9VOLCtrOlh9FIekF0sO7haubOx9zPM2Wc3aGq88D7Wk9%2FX%2BCK%2BSrILDdkepQXPcexToLulw0cAym6RW2l4B%2BrXymAEpnRWAZBv5Yq3IuCR%2FSWkd8OTT4Zk3lgXbfhOxMmA3f10NM%2FGYt5IMgM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d59324e4f-FRA
expires: Tue, 13 Dec 2022 07:13:51 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fy4whxflzjovSElCMU2qDQI3BeM2O6X8R18hVcmZIur0tltFBvtusWWEWZrZzntcuU7L8q2TuLzgYA9otUT%2B6rUm%2BqiqfFkVFkYx6cBYQzw4UPqOmZzvcdPlxBwCOutWIUJTe2hBHJvN1AhYkY3fFA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/11/wilfred-ndidi.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfc74e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Nigerias-Falconets-e1632498652334.png
www.sunnewsonline.com/wp-content/uploads/2021/09/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/09/Nigerias-Falconets-e1632498652334.png
https://www.sunnewsonline.com/wp-content/uploads/2021/09/Nigerias-Falconets-e1632498652334.png

309 KB
310 KB

33ms
32ms

Image
image/png

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/09/Nigerias-Falconets-e1632498652334.png
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b862b2a9bbcc5be914cdba0d6dcf72b071b431fb3300fbcbeebfeb43fb9e0bad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42872
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 316606
pragma: public
referrer-policy
last-modified: Sat, 25 Sep 2021 04:18:57 GMT
server: cloudflare
etag: "4d4be-5ccca29a26d31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixh2MtaSvNTf%2Fm%2Fnlvnfv2m1PCbKi8KYktndjs%2F6u4YvibWqi0MuDsGlz%2BFFnZzpjoCO1%2FNqfs9lDlq%2BZimy%2BLoYuV%2BOTsrwfTOJZVM7VPBOGEvoVW54IOJ6q9%2BqsNlN8AhAPiVondqk%2BdndfFh4qOLg9E0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d59344e4f-FRA
expires: Tue, 13 Dec 2022 07:13:09 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apGOXy2p5mMwJ4t8lGS2BPhye3DZ9DNQ5fEqznshibuUUfe4Q4V2XH123cw%2BeMki0WVbs%2FRG2rETvcsN77SXW10rIwVysPwdg4EhmpZL5ZBO%2Bh7AN6i0ndIi0QBrknq%2Bpa6DQqcMR3cWIwnrNvnQ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/09/Nigerias-Falconets-e1632498652334.png
cache-control: max-age=3600
cf-ray: 6bd17a0cbfc84e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Sailing-copy-750x461.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Sailing-copy-750x461.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Sailing-copy-750x461.jpg

63 KB
63 KB

92ms
91ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Sailing-copy-750x461.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6918c5da7b7c6aef1dbc7d60375409304269fc56ae7c1c7fc6840ce7b183a2a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42830
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64069
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 07:10:03 GMT
server: cloudflare
etag: "fa45-5d301c2fb20cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOY2S3UeqwUtWULWss6DMhoL%2FGnmVMb2oQ24HRddmqZhIByAyhzkmK6%2BQfamv51ZplIZyBsr9LmJZr8pH3uKN02bMoWDrKZVdpTr9HTcKpqCjkph2aUiVZfHyPWOhcHOCbzyvJBOn3I0h35h4Zyo5bMPJrs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d69514e4f-FRA
expires: Tue, 13 Dec 2022 07:13:51 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ly1eFYhidNg3OWp%2FcDh1NA0slkhTBEpnvLG9nlf5X2dHgK0QveDVfbn7zQE6gPyXPSRKEzTX503XQKi6UXnLIsvSe3fCqvx%2Fxh7Em08GaHNwMKylbGvMkbvZq2ovloRmcrSJAzNZuSDDeMWq7cHQkg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Sailing-copy-750x461.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfca4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

IMG-20211211-WA0121.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0121.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0121.jpg

110 KB
111 KB

42ms
42ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0121.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 244098a858198521c6dd4200fe28501cf71f4bd5f06e99987e08bba9507dd767

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43166
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 112764
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 07:06:24 GMT
server: cloudflare
etag: "1b87c-5d301b5ed612a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tk%2BMJmUYzJ%2FNcYSz04obEUvQ7JuDBGgeJUlrAu02%2Bb2nLjENcxU0aOrEZ643%2FD4mLNYIG97Nv82c%2BysPMg8RVKjD4AolzLIq3vt8YAHoovBqLLcV914%2FoSkA%2FUtaIM4k4Di7fjW3KuPCwCTD32VftrAdLyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d59354e4f-FRA
expires: Tue, 13 Dec 2022 07:08:15 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrrNjoQpaTMbts8gNaRHgOYxmkVKjCxdvsTfe4IlCw2FBTw12EpyXzkOi0zZ6glRVRUIi6kv3Fhz2LdI%2BTnHOikopKTTSrJs54cUVBTJQnuWxQjxL2io16UaxVZR%2Ffq1sDWsnliYkZQUwar4eQ3ypA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0121.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfcd4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

54346ed2-gernot-rohr-750x407.jpg
www.sunnewsonline.com/wp-content/uploads/2019/02/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2019/02/54346ed2-gernot-rohr-750x407.jpg
https://www.sunnewsonline.com/wp-content/uploads/2019/02/54346ed2-gernot-rohr-750x407.jpg

41 KB
42 KB

70ms
70ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2019/02/54346ed2-gernot-rohr-750x407.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee6725802ec47954fa8878da0f9f4e80341bb932e53d37a04784652c81e3558

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26311
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42083
pragma: public
referrer-policy
last-modified: Tue, 12 Feb 2019 03:46:38 GMT
server: cloudflare
etag: "a463-581aa45bd2380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BU%2BnxMNxnuSk23oRTn1ncoqG%2B2TecL%2BoQI4guL7LzYyM9Qw7BYM90KCqj2lqb3cWh4wG5CS3kGGkQdQKzhEDNJwZsz09XSIj2knUQR5s3kyqlnTcHRNT%2BXzuZgltUH%2F0ejZ%2ByZX0HQmQt2P3qX0AGRyeC1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d593c4e4f-FRA
expires: Tue, 13 Dec 2022 11:49:10 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRpzo2DE32hsmdQPHlIi%2BhVjxZ5DEYbAVwJJX5Fzm0kLHeDb8gFzH6TCzEWAx4y8thA%2FO8%2FGQ6JG9UBQktZMVniV8C0twS9YI0o%2BIl8ZXcF6yWkEIiyvvXnhaSqcl%2BMIu9eZyD2ex7nCeDM8JQpDJw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2019/02/54346ed2-gernot-rohr-750x407.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfce4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

IMG_20211210_155134_471-300x135-1.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/IMG_20211210_155134_471-300x135-1.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG_20211210_155134_471-300x135-1.jpg

14 KB
14 KB

94ms
93ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG_20211210_155134_471-300x135-1.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e648e6bc0816bb24386c01283b58d120d2e5c4e939b4eb64b9c5e2a302b89f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 187673
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14045
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 14:56:54 GMT
server: cloudflare
etag: "36dd-5d2e00ce3cd53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8Qqu5J4U9W3riK8RtunvA%2BmVMe%2BsCWxgH0PxCb6B3EC%2BktoncomM6yb2H%2F%2BFjnkXhbANmDw%2F8Se%2BgnmCFIxNefmm22tluKH5QOH%2FOOm%2FtN4rX3yBo4XqPvXaLz%2FMG6NnY2ViGoD8BZJ5eSn1Dmg%2FjWHm6E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d69574e4f-FRA
expires: Sun, 11 Dec 2022 14:59:48 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlC9P4f%2F7sDlbVN8WYFKy0HNIqX6pIWGbzD7sUWDmftVF3Gh6zvg095Tq0EBJdz%2BWGpuyYiZ5tZno0O91I8pmG98sLVmF4oC1njcW5qtkYd%2Bc8Fi4CTqMb3icwucMporX8YbVjGD9F9mwT6S9oFlAA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG_20211210_155134_471-300x135-1.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfd34e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

IMG-20211211-WA0097-750x537.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0097-750x537.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0097-750x537.jpg

74 KB
75 KB

73ms
73ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0097-750x537.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01cb7ad44c858eeea652bbd539f5222195c738674fde666199126beaffa19746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 187607
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 76030
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 14:10:43 GMT
server: cloudflare
etag: "128fe-5d2df67ba1586"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2Bh3E39RzZ10X11%2BIjV0SVTEGR47l7S6snZbDoqdrJxIGn4j2GBMFejzTXbFAiAms5odIQuZaVlJRzcLs%2Fm%2BxajtrgoSaEVf6LnpTK4XUh9BW7wQV5qgd%2FFtSYxxwusNLAch%2BKwuybezd4vxschjk41etmE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d593f4e4f-FRA
expires: Sun, 11 Dec 2022 15:00:54 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJEwPWPtXjilD9SHBFhBzP0HFsqgvV4646ThSh6lfbWIlLwgqpbI40VdeA2SNwYsJR7DY4pZh4R%2F6c7cRsCMRfFZUpA8mT945dzSHxd810hiGWFcK6gZgbdFqPOpVq1VMU0C4YP3fS%2Ft%2B7MJFXMQXA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/IMG-20211211-WA0097-750x537.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfd54e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

victor-moses-spartak-moscow_1dpxfaociziop1l48ztx0xgm8q.jpg
www.sunnewsonline.com/wp-content/uploads/2020/10/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2020/10/victor-moses-spartak-moscow_1dpxfaociziop1l48ztx0xgm8q.jpg
https://www.sunnewsonline.com/wp-content/uploads/2020/10/victor-moses-spartak-moscow_1dpxfaociziop1l48ztx0xgm8q.jpg

950 KB
951 KB

26ms
25ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2020/10/victor-moses-spartak-moscow_1dpxfaociziop1l48ztx0xgm8q.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24d55719a30f093e7c70435b1be4c24f2a806100b217014a479c55e69f60faae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217947
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 973132
pragma: public
referrer-policy
last-modified: Mon, 26 Oct 2020 01:39:26 GMT
server: cloudflare
etag: "ed94c-5b28900214f80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XN%2B%2FjI8WJZ9f6LOwx5h80ndl9%2BVATOU2rx1JBifEEEHdMkwTKcOnPvTDVKlADGUfql7j3IFiHSq00x3TTMvU9T7KRbraHxgFwAVLCyv5fnvMxEosWPSU39%2FUW92TGqLs0hArA30i4KBpe%2FV4X4oymYSm81I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d59374e4f-FRA
expires: Sun, 11 Dec 2022 06:35:14 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkLEln1kujwHkdIyZVIwdEPNhBnxP26GSwOOiWWa5ofEZj2KL7BHdQvJFO3X5Yb4dcveLoQSt0LAVeYyvO%2BMs5iMiuqY06G%2B03TPGRc4Eo4ARy1hGnidDh7uFi%2F28V%2FGFxM23M4Usl%2FVmOh2%2Bcujeg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2020/10/victor-moses-spartak-moscow_1dpxfaociziop1l48ztx0xgm8q.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfd84e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Untitled-24.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-24.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-24.jpg

610 KB
611 KB

84ms
84ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-24.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e7ffdd51aa5cc7f935933c7c826c43ccde1b746868e01790213f77af66edac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 218329
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 624909
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 06:26:01 GMT
server: cloudflare
etag: "9890d-5d2d8e9d04c01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLkv2zTc8zf0f028LaCg5gSSrrtnQiKFx9DGdj%2BWgSlBsnhWMl6LkWA9ZPq3a90hMHHHPhbHsrEAX2%2FGyOPXDFIejzpxceMJUvl6C3eRJ8TVtHzTVS10UaMTxcuoxulToRNjSlMWWak9NEJkyTtqS1YVEMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d59424e4f-FRA
expires: Sun, 11 Dec 2022 06:28:52 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3I2FfeWBHG1QNkS%2FAwV%2FbnNvfCkkutHos6nJxaIhz8cr4%2BojvdzhdflXF2GzaBm94qQZhkvFwbSxD5ZQhK3nWSisLwPeXXJB%2FIinjCn%2BmhzA5QIcjkD%2Bh%2B2t9mI2XuZev1yWPTs7crHXl5cIngAzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-24.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfdb4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Untitled-25.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-25.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-25.jpg

37 KB
37 KB

95ms
94ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-25.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec0a8ad2257f9bbb4df0783932ca06c0aba83866a16590531ca3e1e802c2474

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 218551
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37505
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 06:24:47 GMT
server: cloudflare
etag: "9281-5d2d8e56f560a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfCM2IpMHjfMuBfZ%2BHMiP0h%2BeQJNl2R4lXrlkNChukXNNuxiX8CMqn4JIzS2hTTofVpYKWJTh3NR9mhkO%2Fan9fKIZLtXt3Uerj1s9ErnwQXjKoYTEfKiju64Lh2%2BoEKJ%2FfxKpb8lD4S7M9n%2Bo0FpexugEUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d69584e4f-FRA
expires: Sun, 11 Dec 2022 06:25:10 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAF7ksR2oZe6dyS4Rd%2FkJIGl43GWppZensW5q7fggRMiNPPuChq8bMvD30Ovud8qd11Ek%2FLE3o8RQWvszoTek7Z4ltNPCJlAM6Wn6xd5HMWfSFRf8C4gNUqJjm66QD3UvSV6lkjMrf8VCgRd25xgDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-25.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfdc4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

medium_2021-12-09-75d7ca6090.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/medium_2021-12-09-75d7ca6090.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/medium_2021-12-09-75d7ca6090.jpg

22 KB
22 KB

69ms
69ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/medium_2021-12-09-75d7ca6090.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb617004b64b07b4178dec8d7e58f45a7c29ccde598f5245ef597c3df194517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 219478
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22129
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 06:08:29 GMT
server: cloudflare
etag: "5671-5d2d8ab27b906"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36tBrPHhDKBMvVooXy8swn0C2hYz6fBNOxWvx8udPHxZ5yHEapIBrtxF1mjUW%2FG9Ecxm7RO7ytMqICUgfc%2B%2FO46Ep0%2B1W1671dSmZDfv7H%2BRGHf8Z8ewnZ39DdqTA15h8lCMQ7x9hz1yoHEHcb0zzZKlF%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d593b4e4f-FRA
expires: Sun, 11 Dec 2022 06:09:43 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nps4hb3Zv0SYZx3JRe5dI3BmG%2F76jRoZa5Xtg6Dn%2FbcTm80OsijtLelW%2F90N6t00j60FI4VIOMqV5W6xejRF0MYq6vmW1UY5qhEnLkwsFDN9hTtERiPwWE0zVayZ8ocCVtWaAKqw1ImlizroKtxrfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/medium_2021-12-09-75d7ca6090.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfde4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Vicente-Ferna%CC%81ndez-750x563.jpeg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Vicente-Ferna%CC%81ndez-750x563.jpeg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Vicente-Ferna%CC%81ndez-750x563.jpeg

42 KB
42 KB

81ms
81ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Vicente-Ferna%CC%81ndez-750x563.jpeg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7ccb8aed2134fdf0640ad1a0566ecdaa3f939b984fc0f893598836749cf1a72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2854
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42673
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 18:06:20 GMT
server: cloudflare
etag: "a6b1-5d30aee131797"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4tp5Sn69tS3yL8R52pNMgNfX4FqeoX788fCAoL8EHixgGCHjGczNvu3%2FngmGTZ9cJHZv2a8kzMXc1IbhwZq6QxLmrQCmEurhC5inOshr5DYWQ5vpAHgjQ2oJeLdPKDTcN9RxBep%2FVFU%2B6bnF2vyL2QLm4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d59434e4f-FRA
expires: Tue, 13 Dec 2022 18:20:07 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YO3BX2wPiSAek8Vgux%2Bh6mRQWV%2BVFR1Qbp9Po68bMJ5aX%2FmHCwPocJ4iGCEnwvNdGN7qMhoXl0LhX%2BNwyhmpd9ndnn80ul65I9j%2BrwUKmTsxynAp2P462O8citby9Rup3aM2yPpQlCB1DJf%2FQJ6dCg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Vicente-Ferna%CC%81ndez-750x563.jpeg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfdf4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Indias-Harnaaz-Sandhu-is-announced-as-the-new-Miss-Universe-2021-during-the-70th-Miss-Universe-pageant-Monday-Dec.-13-2021-in-Eilat-Israel.-AP-PhotoAriel-Schalit--750x500.jpeg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Indias-Harnaaz-Sandhu-is-announced-as-the-new-Miss-Universe-2021-during-the-70th-Miss-Universe-pageant-Monday-Dec.-13-2021-in-Eilat-Israel.-AP-P...
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Indias-Harnaaz-Sandhu-is-announced-as-the-new-Miss-Universe-2021-during-the-70th-Miss-Universe-pageant-Monday-Dec.-13-2021-in-Eilat-Israel.-...

66 KB
67 KB

63ms
63ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Indias-Harnaaz-Sandhu-is-announced-as-the-new-Miss-Universe-2021-during-the-70th-Miss-Universe-pageant-Monday-Dec.-13-2021-in-Eilat-Israel.-AP-PhotoAriel-Schalit--750x500.jpeg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1360589474f77d3bec64fcab2ee437f060862b31399a91aae6a4fea229b7e731

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2854
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 68014
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 17:35:45 GMT
server: cloudflare
etag: "109ae-5d30a80ac92eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3a9nOyHCCeVSqpbrYy5pjM2ZM%2BMf6ySBhzwsB3VX%2F2ElIzkQ1M02qk6G%2Bn6V8HrbDTcELOUjVLiNWCbzVdPTfgULXrdxoBnbkmrpmWhVPcAKaVACgdUSn%2F%2BvnFRlJ2cMUi17yrtMXEQuZhMiHwdKFRRDr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d59394e4f-FRA
expires: Tue, 13 Dec 2022 18:20:07 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrWGH8zqaELisCozACmpUZV2ztHg7F0Ghdo8wNkyOizxB3IWkOw9vmtDxyACaMjgMeQbKYS53DAp%2BruJcxP1JTI9dqLqBJyEM0jPJyV6kkkvZNktkezSfMzQxFoiA%2BrMARoQJsTv5JlmLO3BjyG8GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Indias-Harnaaz-Sandhu-is-announced-as-the-new-Miss-Universe-2021-during-the-70th-Miss-Universe-pageant-Monday-Dec.-13-2021-in-Eilat-Israel.-AP-PhotoAriel-Schalit--750x500.jpeg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfe04e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Untitled-2-8-350x250.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-2-8-350x250.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-2-8-350x250.jpg

30 KB
31 KB

94ms
91ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-2-8-350x250.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e3a050ee87de4feefd57a65d71a8d95ad2c1733cca02947f6d904e5b236e8df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138818
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30654
pragma: public
referrer-policy
last-modified: Sun, 12 Dec 2021 04:08:17 GMT
server: cloudflare
etag: "77be-5d2eb1b1cd8c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BzpJhqsZeM6vjCInNWxhyyINOMT6HwrzKr1NQH0%2Fj1eIstmAUG23G1eK41amrC0Pp86IatUynP6OGxuslOlhvR%2B9nNRdjDF0KJ3TDyAygXxe%2BoAJyHJHvF%2Bg%2Bw4yYHDJh7e9R3nuDJ4iMzgaj73cya7xiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d694a4e4f-FRA
expires: Mon, 12 Dec 2022 04:34:03 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZl%2FoGo8Nz1TryrM%2BlP7J7d7oNtSQ30umshXMth%2Bi28160Lt1uFazFi4ni54TdR7K%2F2XlZpdyIme3p20rfAaQoErSJv0ZaIhpl9Wf7bV8DiN1aTrBRVGjgDw5MRYfncVEMMKl5GPqq57%2B1pllS4yZg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-2-8-350x250.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfe14e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Untitled-1-9-200x250.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-1-9-200x250.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-1-9-200x250.jpg

8 KB
9 KB

94ms
91ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-1-9-200x250.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5158e3f2d06b36c0c2af9fee133e0086e24f3477ee10219d014f10ce724ecdcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138359
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8256
pragma: public
referrer-policy
last-modified: Sun, 12 Dec 2021 04:09:46 GMT
server: cloudflare
etag: "2040-5d2eb20663af0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgbT0jUPiieOTCt%2BTLYNXv2P1mCTqclVobJeG3Fesk%2BluRmoOTk2Lmx9gNCy8VzWcMuGId0rTbD%2FhHXzSvaxAK8WUZ2vQJsUNMbHQSy0nNXajhHP66Gy%2FOE9w%2F%2FTe63%2BZZ0aXskj4nlEjGXfhRZTJRSTLkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d694d4e4f-FRA
expires: Mon, 12 Dec 2022 04:41:42 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOMp1l9WIegCc9Yx2NCzPJk0HBvwVpevOg9QTSXlnr8bpErIIa0Hs8c1WleySvR09TAhFU1odCZS9lVW8JuWHHsLdNcgTbUUzgV6On1qzjaypjiYG1AfXinD5HU76mOa%2Fm%2FvxMtuEsciTUNQXfBMAg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-1-9-200x250.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfe24e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Big-Brother-Africa.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Big-Brother-Africa.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Big-Brother-Africa.jpg

47 KB
48 KB

93ms
92ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Big-Brother-Africa.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0ccd95ba8accfd8f5cd891dab572e972ef3088e88b85e3b670f4d10336393b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 183109
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 48557
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 16:15:02 GMT
server: cloudflare
etag: "bdad-5d2e1244dc562"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNh%2FOoeB2HJxFcFBE%2FuTTtmXprETpNxtJrZVG89%2F2OsU6wVBG5NiyguJHLHHN2B2Q9lvfFoyMYwQ31%2F853ppwnHuJ2Lu30fbCnlqptcRe3ECbqQSJWrLoT5e34tTYtdX%2BUaaFZs6YQfXNWFFO7LqwAo5INA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d69534e4f-FRA
expires: Sun, 11 Dec 2022 16:15:52 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ch%2Bypjm3yLX%2F4MHl%2Foa1bSMTmiACkqlwZQrJTdaTw8AvJaHNVG0Hsi0DheA6Mij0DjftKFcvjdcJwEM4Doh%2BR8PfAMNFpkFIaUylgCD8FyXk%2FUBFZD%2FWr7yzjWS6W41q6n8UcIyba5RmJrAvfSpBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Big-Brother-Africa.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfe54e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

SON-OF-IMO.png
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/SON-OF-IMO.png
https://www.sunnewsonline.com/wp-content/uploads/2021/12/SON-OF-IMO.png

177 KB
178 KB

116ms
115ms

Image
image/png

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/SON-OF-IMO.png
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7d05464cd157566946e9d50e7fbf0fef26439bf9481aebd3ce4c9905ba6c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 184655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 181569
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 15:48:59 GMT
server: cloudflare
etag: "2c541-5d2e0c725f25c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w563Q3%2FBVP5bYj0oYEzGXNLakr%2FSmSLJAlI%2FykaJdP1DFStDtelMHZPpWgaIkOD46KSYgt2VphBggoc5yYhiOmN8USpmgsgLGPEm60yHdAvc5bMN5G7S8WS99auYIqQ9mzFfSvgwTVpD8VFDgwPiRVavK4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d695c4e4f-FRA
expires: Sun, 11 Dec 2022 15:50:06 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btkNUfaaARY%2Fv0Ks6uVo2k2ew%2FpIpYuHBB1%2F9QakKrKVi9xF%2BOyPkiDi9Fc9fFU08r16Bspaocau8qla0Sb9%2F1ZhnWqfahbidAYP7Qsi%2BEvSS7w8enmDPGhTGKxKG6ro0gBJC7A0lX2Mv%2BQAxkKu9w%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/SON-OF-IMO.png
cache-control: max-age=3600
cf-ray: 6bd17a0cbfe74e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

movie.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/movie.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/movie.jpg

18 KB
19 KB

113ms
112ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/movie.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 815f326804dc1e3b6c15614ce46a4b254485a84fb5a16b82958405e5b7172a61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 189283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18878
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 14:31:06 GMT
server: cloudflare
etag: "49be-5d2dfb0a1b31c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cw5xPdkbGgaIn8Em%2FkzzAPifwMFhYuhIAJJJXvOf3KM2oOZ7h38zm3lGnG6Pn5YYqHenFx9Wmk7obKQVKXVS9HZLEB0Gb6jUdnVw9gXeGNtyAtkCb%2B1BdfPi5lL%2F8YhhSumpAUkzJdOJ62lUBC5gsTudZC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d695a4e4f-FRA
expires: Sun, 11 Dec 2022 14:32:58 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjXbpO%2BgJOEmSvauh9rGcJBfoaMQBVt1AdoKKKS3jkLXPDPM4ZWjdlwJQIGfOOzsSK7OsypiyeNWsV8n3ed5nj9TyWfclsOyYbUq3%2BQHZ%2BZ6rxQYdXO3J5b%2FUMe0UA2WYsii4wG8eI8lQNVJP7RfAw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/movie.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0cbfea4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Untitled-20-1-300x250.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-20-1-300x250.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-20-1-300x250.jpg

16 KB
17 KB

121ms
120ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-20-1-300x250.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94cd8fb3f7c0ca7db20d2104fd194cb8f94b1ea5e0ad509eb29be4cd15ef32e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16462
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 06:41:15 GMT
server: cloudflare
etag: "404e-5d2d9204fd3c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGVeq%2FM%2FNre2O0A8uY1%2B11158x5FNacli0jvK%2BMzAM5PQYSOb4JDoGBdz1Z6aMP1e9NODzdfH3z9Ib8uJWp9cTeUO8hlvENIwFDkD7K0gWmFOvIrmP0lrMa2DI1dMKRPWcNhsEAFUmz4rVlFxCB8pbdJe%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d695e4e4f-FRA
expires: Sun, 11 Dec 2022 06:48:06 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2CXEAj62%2BwlJJTp0fSARlDcuTfV1R4Pk3AgNS9lEF45nnN%2BcOeZ4oOXCk%2BRwZt2SsXG0yfNKMHgZqcwuMVPgDs7keA2VpwkpriokSwQiXBaAYSKJ%2FsdPpux5elPCjPe1qytQkHAcI9aHniE3jorlA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-20-1-300x250.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0ccff34e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Untitled-21-1.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-21-1.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-21-1.jpg

619 KB
620 KB

122ms
121ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-21-1.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8145ab903ac8e8f9fa2c932668659d5765d32103a98852f05fa189981a0bf52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217609
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 634274
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 06:39:56 GMT
server: cloudflare
etag: "9ada2-5d2d91ba188e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQj3E1usylV2BrjssATYYX9eixO0Nf36KZdnNsrSrtTaL0oAxbVJ4lngSyYE0PaxJVmYNN74hZqtEy8QNHh%2BeZ9n1IH7Zz81jGwzLg2IIkwtScrmzYa5iuV4okNjZ3QBVzTNFSEYhVFt7CW3XJ7BaxQM2rI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d69604e4f-FRA
expires: Sun, 11 Dec 2022 06:40:52 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4x8qdwJF5iRaIBwc2oHj0%2FLru9LAykqVnL0owz4OWiYfqOBMFyl8vtAXGJEAItY1RfKCRYHHystmtEGvM8suyAzqHoXl71llkALHijUGTmfpm0h%2BlPByEbEhgaw2Fx33bv4Y%2BcOXhyBGzU4OMVb6w%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-21-1.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0ccff54e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Untitled-22.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-22.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-22.jpg

69 KB
70 KB

143ms
142ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-22.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a879171a66a111d671f04e2cb962310a7150409181a57428a76e4bff9a6b5ae6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217617
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70843
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 06:38:24 GMT
server: cloudflare
etag: "114bb-5d2d91622361a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TStWLXTQUi2%2BwPjYNOsnE1ZncpnZJOwS%2FX7RJ3d%2BAtWczrOweVme%2F%2FBrGhiI2jyOrvFWTl2IZxTgdjwEGQiYNN4ZONQhv8w9JCaP1fXAqHE%2FfGG4wVCqLgvUCjpB1kNYNlE0c%2F4Qxaf%2Bx6x0oZMCRiivHNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d69614e4f-FRA
expires: Sun, 11 Dec 2022 06:40:44 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfUZLG4eND1GUfmdrOQ0S3YgzAgTDnurAXV3xWh0kXtDpNil0iqAb6R5bppqc7BS5ghOd3XBcHBso2TuEYOtQX2x9A337dWeoLv1nZLwyHCcBo5OqLgcS5HwipRJNY6PGq%2FX7f5LYaAlQ0MSYvzabg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-22.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0ccff84e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Untitled-23-350x250.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-23-350x250.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-23-350x250.jpg

16 KB
17 KB

145ms
144ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-23-350x250.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d1f720c83939294288a639ba0c5ed441b4e3b794183a06922b1755b893528fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217591
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16599
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 06:37:49 GMT
server: cloudflare
etag: "40d7-5d2d9141035e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nNftIAoDoObDx0WlEWYpK2DDwn0Vnwk5vsrpalBukWEq%2BNZoUj2KK74Iff4FFQl9hZsViHLvJzklBZ3KyXbLRpcjkqkmCqLC%2FxJ%2BqNUs9flQpl30FCgfpaV64JAu74S9efosoj9%2FjtQQXcxoJqqi%2Bi6SEnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d69634e4f-FRA
expires: Sun, 11 Dec 2022 06:41:10 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fITRCr3ECVdwBNRvKL48StcWuXKoG%2FrTf00QEkNM1xog6rBv%2BRyBraUaF2ItBdT1bd3aja4%2FSDTplPsjcLF1wrxQ2uvjQ8NlZZjkxOkfXvPqvmKggN60CRuw%2Ft4ace4JzC4mQ%2BjbMTN86PMAAvru8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-23-350x250.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0ccff94e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3

200

Untitled-19-1-300x250.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Untitled-19-1-300x250.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-19-1-300x250.jpg

26 KB
27 KB

144ms
143ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-19-1-300x250.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a138a96f11ae3681d0c1e058943c99b07593d743dba592b22ad2dad56eb8f71b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217591
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26991
pragma: public
referrer-policy
last-modified: Sat, 11 Dec 2021 06:36:33 GMT
server: cloudflare
etag: "696f-5d2d90f878fca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEDzCU7OkMB9iuB%2BETz6rZFnIXJoGh6DjjORAFBxjF1Pp6UWIDGQFZVNocvJXRoFv9jy3MlcCqcdg2LCPHY4ukwVAuEyNjUBzPZOdv9TyXf417Nx49B6Z7QYYcFthM0jaH516LN9ZR31josaCEneFxpxnFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0d69624e4f-FRA
expires: Sun, 11 Dec 2022 06:41:10 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w65ufEoQFDhQ%2BmaXiXLS%2BZJ%2F2LFjp5etD5vT7H3%2BOeJGEbTCikem3vaGQYM8xOGe9E1Up9fdc3o%2Fi7wOJ1JI%2BHcW9rrtZBMQLzmZMiftU0Pm2tZJbxQO%2Ftb%2FHSk1S3RB1cxNy696GuT3neilki2rCA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Untitled-19-1-300x250.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0ccffb4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:40 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DE1F 100 KB
32 KB 845ms
844ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8026c981f557f8b0aa6f23bc42f126f51c8f7ef085d06bd9129e6c37949665ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:41 GMT
server: cafe
content-length: 32719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 19:07:41 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 34ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 574ms
559ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1963256682944755&correlator=691849038783228&output=ldjh&impl=fif&hxva=1&scor=4042556260567571&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=424536528%3A22535021215%2C1506806_ir_300x250_gt-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=refresh%3Dtrue&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&bc=31&abxe=1&lmt=1639422160&dt=1639422460999&dlt=1639422460162&idt=803&frm=20&biw=1600&bih=1200&oid=2&adxs=1160&adys=1147&adks=4014342231&ucis=1&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=315x0&msz=315x0&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

a9c00cd2aa794a4c3ba057148c8ba0142731a9492d540d522f4f2c3acf93d724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
11 KB 352ms
337ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1963256682944755&correlator=691849038783228&output=ldjh&impl=fif&hxva=1&scor=4337681557959068&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=424536528%3A22535021215%2C1506731_ir_970x250_gt-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=refresh%3Dtrue&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&bc=31&abxe=1&lmt=1639422160&dt=1639422461006&dlt=1639422460162&idt=803&frm=20&biw=1600&bih=1200&oid=2&adxs=125&adys=2971&adks=932121934&ucis=2&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1350x0&msz=1350x0&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

67022dd84cd67017dfcab4819f83bc49963b89a148b39cc90c4a2fc5dd9faec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11687
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sunnewsonline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 775ms
761ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1963256682944755&correlator=691849038783228&output=ldjh&impl=fif&hxva=1&scor=875994161306282&vrg=2021120601&ptt=17&sc=1&sfv=1-0-38&ecs=20211213&iu_parts=424536528%3A22535021215%2C1506802_IR_728x90_GT-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=refresh%3Dtrue&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&bc=31&abxe=1&lmt=1639422160&dt=1639422461008&dlt=1639422460162&idt=803&frm=20&biw=1600&bih=1200&oid=2&adxs=125&adys=3613&adks=3440488223&ucis=3&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1350x0&msz=1350x0&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=true&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

eef13f112d8cb82209eb83bcd24d0ac5b8f13f17d1b549a6f40db9bbf3a74626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8627
x-xss-protection: 0
google-lineitem-id: 5790154998
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364097717
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F17 6 KB
4 KB 71ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 19:07:41 GMT
expires: Tue, 13 Dec 2022 19:07:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 554A 0
0 600ms
600ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=2252910165&adk=2627293903&adf=3013028438&pi=t.ma~as.2252910165&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460717&bpp=1&bdt=555&idt=303&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=8xZzxVGw8u&p=https%3A//www.sunnewsonline.com&dtd=309

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:41 GMT
server: cafe
content-length: 10547
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 19:07:41 GMT
cache-control: private

GET
H3 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4_latest/ 385 KB
121 KB 61ms
46ms Script
application/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-sunnewsonline/vdo.ai.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ede50788bfddf15e5f2b2efd0cf1cdf5e8ef979c865edd3707a41db0483e72c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 528
cf-ray: 6bd17a0dafe242d5-FRA
x-cache: MISS
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 10 Dec 2021 15:08:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blyr7k7ILL2KEl6qPH8fyObSLUXcD%2BWGVL6boKEtcCPLzIYMX%2BVQV0qY7hFNiEKb9bRXnG5RtdlaMcFkIqvB5R3mT28WIcP%2B0%2F03AqdSg9HnDhz%2FAhoIBxQrFnmLC1MneQy3Pik7vA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 38285930
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 375 KB
124 KB 86ms
38ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-sunnewsonline/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126530
x-xss-protection: 0
expires: Mon, 13 Dec 2021 19:07:41 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 54D5 5 KB
2 KB 11ms
11ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639422461.cds140.fr8.hn,1639422461.cds226.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 212D 180 B
359 B 305ms
95ms XHR
application/xml 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153680&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=79502161&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 2819 5 KB
2 KB 22ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639422461.cds140.fr8.hn,1639422461.cds226.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame A316 2 KB
2 KB 296ms
96ms XHR
application/xml 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=63275306&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: f099665125f72f80838efc25d3b354820dcc576de6f5d79af7f95dfe96ba956f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1359

GET
H3

200

2-1-12.jpg
www.sunnewsonline.com/wp-content/uploads/2020/11/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2020/11/2-1-12.jpg
https://www.sunnewsonline.com/wp-content/uploads/2020/11/2-1-12.jpg

40 KB
41 KB

24ms
23ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2020/11/2-1-12.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48570cfc133b372a1e604cd87fcf5f7d0f0bbdd22acb14961a2919c98c86b62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9652210
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 41145
pragma: public
referrer-policy
last-modified: Thu, 26 Nov 2020 23:55:40 GMT
server: cloudflare
etag: "a0b9-5b50b47f41700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbloBj9emK3x5oHV87EDRUkpEbwnHP%2BwNukhpw2IgMVCS%2FyMQNA56qZQrWQI6S3AvNzglN75Iev3KuJhnTfKBaGTFUb1l4B7sraKCmfIYnwfdS5KbmNRfLhgx89%2BYioWdDMQ9QLJEytr6rqH1HKwCYebMGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a0e8bd74e4f-FRA
expires: Wed, 24 Aug 2022 01:57:31 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o78IlM0ruDyf6qkZWm7w0XP%2F8Yi5DHKbBeMqLFlfgQg6otP1ErJUFAwjP0MzYRNEcsSeD3ik%2FWccgoUDfT74gXvFykFnGG8IttEixWGXmkR4r42CjFLJ0rUf%2BpjGo7OKUSBVMwYxbp72KmhbRUrxbw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2020/11/2-1-12.jpg
cache-control: max-age=3600
cf-ray: 6bd17a0dea884e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:41 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
15ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1219105699&t=event&_s=1&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=v-sunnewsonline&_u=aGDACUABBAAAAC~&jid=373543137&gjid=1745598423&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&_r=1&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=661174699

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 97ms
97ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:41 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 vdo.player.js Show response
a.vdo.ai/core/assets/ 651 KB
180 KB 74ms
74ms Script
application/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 527
cf-ray: 6bd17a0faf3b42d5-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 23 Jul 2021 13:25:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT6nBLmkJZXdCH%2BBDFswoIE0U3OM2A2HAMP8qFs6sqO%2FPt7ScgsDx%2BVqR772bT0wxHf2cvGPWLvdgEBTQrITEbDsX0MkhRNE0p6Du5%2BwXa5LCUQsWSQvZkbvrLhSfftBwpEQSI9AHA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 67183419 61522121
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 rtb_v4.js Show response
a.vdo.ai/core/assets/ 428 KB
125 KB 55ms
55ms Script
application/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/rtb_v4.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c4ff337fe4b852c5c7cd04d2230b3879009a55373cf624a2b564189260f6e2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 526
cf-ray: 6bd17a0faf3e42d5-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 07:22:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8ot8crYIDmHMszxZ1s5%2FwQSo4oChT0yAapkMiZgLXFHjNOwbo%2BZmxsfSHlVS%2BewnQ0NS6ReSAtSI%2FXhWUMAXHmz4b%2FJznTSDczf5EWKp2kAL227Qcx40s%2ByYS4EDWD1H%2FNmZ4cqEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 66504070 61725838
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=985109990

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75977
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=2&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=534365550

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75977
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cs
cs.lkqd.net/ Frame 54D5 43 B
309 B 301ms
91ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 54D5 43 B
308 B 302ms
92ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 54D5 43 B
308 B 304ms
94ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 54D5 43 B
308 B 304ms
94ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 54D5
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3462075458361632950

43 B
308 B

97ms
91ms

Image
image/gif

146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3462075458361632950
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3462075458361632950
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 2D90 189 KB
55 KB 72ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 519648
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:46:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:46:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2D90 13 KB
5 KB 82ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 506525
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 22:25:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 22:25:36 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2D90 89 KB
28 KB 88ms
28ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 521470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Tue, 07 Dec 2021 18:16:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 07 Dec 2022 18:16:31 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2D90 5 KB
2 KB 92ms
31ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 187506
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 15:02:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 15:02:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 2D90 40 KB
13 KB 92ms
32ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 162966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Sat, 11 Dec 2021 21:51:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 11 Dec 2022 21:51:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2D90 6 KB
669 B 49ms
27ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 18:07:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 19:07:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 19:07:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2D90 4 KB
618 B 48ms
26ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 18:39:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 19:07:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 19:07:41 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2D90 36 KB
37 KB 42ms
13ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQJYaNDP3CRCRW3okggiIGz5NDZXyvE-4M5sbZCpKqAx8M-jPlnvxACHGvP-g&usqp=CAI

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c002033dc1786c188abba1b97aea814ef0945b03e5d3858dfc753e8063169a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 19:07:36 GMT
x-content-type-options: nosniff
age: 172805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36912
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 10:29:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 11 Dec 2022 19:07:36 GMT

GET
H3

200

16954104317476786032
tpc.googlesyndication.com/simgad/ Frame 2D90
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M
https://tpc.googlesyndication.com/simgad/16954104317476786032

34 KB
34 KB

29ms
7ms

Image
image/png

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16954104317476786032

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 00:58:34 GMT
x-content-type-options: nosniff
age: 410947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34759
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 08:47:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Dec 2022 00:58:34 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 13:21:12 GMT
x-content-type-options: nosniff
server: cafe
age: 20789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16954104317476786032
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Jan 2022 13:21:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2D90 0
0 65ms
62ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoGSG_Zm3Ye-bBIK5lQeA67LwBu-7oulmjdfv1p8MrtT-4JgWEAEg6qekV2CV4pCCoAegAdKf8NsDyAEGqQIiqE3Hl--yPuACAKgDAcgDCqoEpAJP0Ijeb63fOM0bLbr6QHOzqfqGzsHXK_vtMBg6mr_9wrA-6VlUSDwNDCMk9Mt4YKZFSic1SKFtj8qQFS7IzwEkv9QoLY1BNqd6eKBrpqap3oo5HiSlh2mZXTRpSSMVg9r3RIrypp6ck140TP6XsAWP0ToaaCGbaOj_FuqVBuImkxR-JvYhbpY-6GK6xx3NGxBDDlXvLSufNS_qMU6ZqStbq_tT2gyVzC6GpitkQxngzMqNsPP_BicU8Brz5-z3BLOImHRo-8HDqRFh9NbsPEeoupjLrSAtotblKHAPJojTEvNI-SBY6iAnZPGB9ibwi2U4k0cVX2hVx1a3qi73K4m-3N18XNtXdV_sC0atVlxIPXLSMLI0k-Uo-X5uNyuPStxuoGRSwASz9Y_ziwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHluCPJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAfIHBBCGogbSCAkIgOGAEBABGB2ACgPICwHYEw2IFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzk0NTA0NDg2Mzg3NDc4NxjAmhg&sigh=W2iQt05UzyQ&uach_m=[UACH]&template_id=493&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D90 2 KB
3 KB 63ms
11ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 82345
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 13 Dec 2021 20:15:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D90 295 B
757 B 63ms
11ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 48247
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 14 Dec 2021 05:43:34 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 7288 0
168 B 298ms
97ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 303ms
92ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:41 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 298ms
92ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:41 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 40D3 0
169 B 297ms
96ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 343B 230 KB
61 KB 15ms
13ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1639422461.cds140.fr8.hn,1639422461.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 cs
cs.lkqd.net/ Frame 2819 43 B
308 B 230ms
100ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 2819 43 B
308 B 224ms
94ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 2819 43 B
308 B 224ms
95ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 2819 43 B
308 B 224ms
95ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 2819
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

43 B
308 B

97ms
92ms

Image
image/gif

146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
DATA 200
OK truncated
/ Frame 2D90 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f1f5c9503316e2857c0485e17897d36d4a457647789f2875e37734529df4721

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2D90 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 494015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 01:54:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2D90 16 KB
16 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 480863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 05:33:18 GMT

GET
H3 200 jegicon.woff
www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/font/ 7 KB
8 KB 22ms
22ms Font
application/font-woff 2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/font/jegicon.woff
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/frontend.min.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer: https://www.sunnewsonline.com/wp-content/themes/jnews3/assets/dist/frontend.min.css?ver=1.0.0
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3952041
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy
server: cloudflare
etag: W/"1be8-5b100476d1200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOx%2BaoJpPfQDhO4OmE4oDeZuwiDOWWSw61WCQIoDzbOZRLpoJunuL%2F6uIHt7dpdodbaV4qKcbydEA8zcr4ypGwUQf8fB2Ywp%2BrlexDoZ3Xbp6Q1y%2BMYsJc4ZXVK22f7CO%2BaTYA7ksu9W4ROHEwRoeiSwOVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=31536000
cf-ray: 6bd17a10d98d4e4f-FRA
expires: Sat, 29 Oct 2022 01:20:20 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/webp

GET 185292643845051503
tpc.googlesyndication.com/simgad/ Frame 79FE 0
0

GET abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 79FE 0
0

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 3BF1 5 KB
2 KB 12ms
12ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639422461.cds140.fr8.hn,1639422461.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 343B 89 KB
6 KB 236ms
235ms XHR
application/json 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=63275306&m=&rtv=1&thost=www.sunnewsonline.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2e1757bc29902d8a5fe2b37730889a243f140b067f61e5f0da57ab715fe999c8

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5851

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 292ms
98ms Preflight 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=63275306&m=&rtv=1&thost=www.sunnewsonline.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:42 GMT
content-length: 0
access-control-allow-origin: https://www.sunnewsonline.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 55ms
28ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3936700e2210aabe50261a52445f9b73801fe843117ed624e56f385279bd6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires: Mon, 13 Dec 2021 19:07:41 GMT

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html
9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0EBE 0
0 24ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 19:07:41 GMT
expires: Tue, 13 Dec 2022 19:07:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 7ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.4.2&blog=108871697&post=252974&tz=1&srv=www.sunnewsonline.com&host=www.sunnewsonline.com&ref=&fcp=751&rand=0.7908653042150668
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 13 Dec 2021 19:07:41 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 484C 21 KB
10 KB 634ms
624ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7cdba9178cece3f6a4219c9685547ada86ee47ba48fe928316b5e474eae97f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:42 GMT
server: cafe
content-length: 10411
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D8AE 6 KB
3 KB 17ms
17ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 13 Dec 2021 19:07:41 GMT
expires: Tue, 13 Dec 2022 19:07:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7BD 21 KB
10 KB 654ms
650ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

291393add7441fcfc3260bc3cc21cfaa232e99ceeeda60384e589d9844167b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:42 GMT
server: cafe
content-length: 10370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C58E 20 KB
10 KB 673ms
672ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79944b92e07248134a2a52bd6794a8c8c80bfbbd8084d6e48ed03719b2c67070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:42 GMT
server: cafe
content-length: 10289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

IPOB-Leader-Nnamdi-Kanu.jpeg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu.jpeg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu.jpeg

29 KB
30 KB

28ms
27ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu.jpeg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c494303c840bf72dbf0391137bdac5239f98f1d66a28eb3e2b3827b6e5fe0985

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11712
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29637
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 15:46:43 GMT
server: cloudflare
etag: "73c5-5d308fabea910"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3eyHuGAV%2BCQ%2FJ1dOjsuIS%2BJxVtRBAfGdQmIHwZOxNvyVKDagN1oNEVn6GJ3cWjZ88Tipor%2B5lL7RJA7LSvzrkGJd9Tle4gNa69lt%2BNQ%2FmxlpL5BbQN%2BKogn%2BVX1aQ%2BUapw1D1Uq1mLbh9aR%2FTO8IAmlkhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a157c5b4e4f-FRA
expires: Tue, 13 Dec 2022 15:52:30 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMphf1ZxiwheBg%2F1k721QIzXA6IfFOro80WASyHOn3DxwKx1W0WKb3%2B1Le4Wwhp3lHN%2FHoWkfICCjBW%2B%2FT6ojyYy77Xcvs8eB4aGCLoRPcrgGiAIBcAqVzmp3x3CyJcuSnM64Zvqq74h8zTJUy5DtA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu.jpeg
cache-control: max-age=3600
cf-ray: 6bd17a13f8964e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3

200

IPOB-Leader-Nnamdi-Kanu-120x86.jpeg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu-120x86.jpeg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu-120x86.jpeg

4 KB
4 KB

28ms
28ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu-120x86.jpeg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2704d2088a5b5d086dd1807b74956a32f1491f263cf78afee0be311627fd887a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11401
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3931
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 15:46:44 GMT
server: cloudflare
etag: "f5b-5d308fac83e33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WICv42uzr7iZLpAadnl94adbzyi4DUB96BLDS6tjotJyDG4UZeymN2Fh3A73CpD%2Bz3%2FHUm86wBiCLIG2GVFeIm0%2FXYwUzO7EZx%2BxiYYD0UgmWRZ2B561hHihRQEl3GqFgMljiT4MYBtD%2FCM%2FudYfwUw%2Bkjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a155c0e4e4f-FRA
expires: Tue, 13 Dec 2022 15:57:41 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDnhCJKKQW2tCVJugSAX7Bs2mhvkpgqz7aRwRc0YOeVevbjAQ%2BYss3XIFs5dwE%2Fa48nT4bhdMIwsoetB43aZOWbWmrW4FhUUsY%2B%2FBUVyP416c50dGME3G5ZaOSbZV6fLg9f9aNb%2FzexvO7qDaybUww%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/IPOB-Leader-Nnamdi-Kanu-120x86.jpeg
cache-control: max-age=3600
cf-ray: 6bd17a13f8984e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3

200

gunmen3-120x86.jpg
www.sunnewsonline.com/wp-content/uploads/2021/07/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-120x86.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-120x86.jpg

5 KB
6 KB

26ms
25ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-120x86.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d326635e56937afa3a6d8ae58eb0c7962ff5443b5e5fc080db8f279934538430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25527
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5106
pragma: public
referrer-policy
last-modified: Sat, 31 Jul 2021 13:32:43 GMT
server: cloudflare
etag: "13f2-5c86b5eed51c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMAX6Ztn%2BBYxduGuQYlwoarequesKDHONaCOBCmEwkeaRzHzudPUsJ4ZCsQzTFn8H1lpmA41n%2FSk1t9j6F%2Fd5tfPJmsBTvgkwHD27BGpVg2oXZTixb5cpeicySEF3PCI5jw12c1SHquW9zbuBqW66UyNcG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a157c614e4f-FRA
expires: Tue, 13 Dec 2022 12:02:15 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4S7XRlmgbYWc0u2daaaL4hxm3q9H1aBbInAFUfwhTIvwAMUYvpSQW4PHHnWLbUnidhFBZ99%2FsNgXBK9jSamCYGvWq6sPjFU1QO9Hr3EfEytFYO28TGd0gGLIUc8Brs06HwZqum14pNM8ZGaurZaEdw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-120x86.jpg
cache-control: max-age=3600
cf-ray: 6bd17a13f89b4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3

200

images-2-120x86.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/images-2-120x86.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/images-2-120x86.jpg

4 KB
5 KB

42ms
41ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/images-2-120x86.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08c431e1feb1cd291123f0750b5a08e1c166d45e4cab9f18342754beeee30c44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48538
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4422
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 05:34:29 GMT
server: cloudflare
etag: "1146-5d3006d38736c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZKohe2T4GbVU9J2qAruXpwpwXC6uJpPRicWKQQHFTfbbxgM5tcz5bNWDILcr%2FKscr8L0eeHwJf2XJESYkEfxJAfk5QzjMwDmRMHGwl0gMDydB20g3RZSHAvAH924Ie8YtltF0aq0gyRTBnrs%2Bkuip7d7lc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a157c634e4f-FRA
expires: Tue, 13 Dec 2022 05:38:44 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWTVgOL2el6CANC7dsvEtFxL%2Bdxv1ZJYC8w3Vca4AY7DxzH2Bc85i0Vsp3N1w5DvsTOIZyiuoXiwJlJ276apJzzFvbrZlHb7VPAvFxibTqQtLGwUm4PNLXiYv51vP0K%2FmuPtXFCMwydhwfprgvnluQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/images-2-120x86.jpg
cache-control: max-age=3600
cf-ray: 6bd17a13f89e4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3

200

Hadi-Sirika-120x86.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika-120x86.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika-120x86.jpg

3 KB
4 KB

27ms
26ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika-120x86.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f3612bf25750515b739a4e06fbe81a492ff61ce1db452c2eb9f68269ce235a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55203
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3479
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 03:45:28 GMT
server: cloudflare
etag: "d97-5d2fee75dea1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4R9i02GRc%2FcaHkkXXUnICvxHgGdyj7SDjK%2FvcpW2idAXr2Dzpj0tVQPrHXo4BwW7WV7M4Nhhf6HtYS2m9k8exuEoBYr8o3RZpOrAN5xO9bJh3YWUAvBrr7FCkUWNvG2sv%2F4HMtSaK5fRNMztsSbp1g54sEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a157c6a4e4f-FRA
expires: Tue, 13 Dec 2022 03:47:39 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnueCDvL8Rw2TJxtKAtNZ2JCUo1SVN77Ok9WP2S5Yq3gtdm7wtq6gwZ%2FjoqbZnodSC5%2FX9tnP3zCm3rykq7b3hhM%2FHS9F30eAd6nxezyxMc5gJb2ZMpu4OpB7hmUadbXHN%2BDefecNsnFrDdnEU1Rmg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika-120x86.jpg
cache-control: max-age=3600
cf-ray: 6bd17a13f8a04e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3

200

Ghaali-Umar-Naaba-300x350-1-120x86.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1-120x86.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1-120x86.jpg

4 KB
4 KB

27ms
26ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1-120x86.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e77bf595ec38754729a9d0fe5d33c71c6dac576a76972409e3ea3af7dd7d89a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54957
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3703
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 03:42:20 GMT
server: cloudflare
etag: "e77-5d2fedc22472a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oLxYDXGXwkC%2BmR8bXvf6cPQP2xqN2uzB3w7Qa20Etx0eQNaLKiL4aM7Z1m2sOaqWphXfXSGQL9oXXuaIcFxgoflXwR8F%2BQ%2FGkXGS7zt7s4ZBIgCvW7SId%2BK6cKQz2L%2FPgZCFEpSJgMHAL2jDSfT22UxgXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a155c144e4f-FRA
expires: Tue, 13 Dec 2022 03:51:45 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbG96Vlg2JkTV1auxPHvV2oxYJp0VrnxPKTofT8UClzZAUHXi%2BgLH3cXKaozjS6VlvJmvPVs0rm4tROKXfFDJ6oLMYxpcfLRoOGpb5FV9XgbaIokMw%2FbR25MWcrZEFRH8akY4HzIpPDEVI1Z%2Floslg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1-120x86.jpg
cache-control: max-age=3600
cf-ray: 6bd17a13f8a14e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3

200

pjimage-18-2-120x86.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-120x86.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-120x86.jpg

3 KB
4 KB

37ms
33ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-120x86.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0591755f89250c33625d47d23675218bbcaf5f677ff20bee0bf832c943f7fac0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3424
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 03:28:24 GMT
server: cloudflare
etag: "d60-5d2feaa4f5ca4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3W7djO221xfKkuD%2Fk87MFu84Ru%2F4b15WCHvWUXJgIR%2BdhEUhU%2Ft%2FxHAaSf8ON8ctoutNy7x62Porx%2BPSlt3NW1ErO9hN3X8XDkDQXsTTv7KpmyyHpag6u9aVUnstj6Xck76Jb16RkQGwByYmPnMCEcrr9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a157c424e4f-FRA
expires: Tue, 13 Dec 2022 03:42:49 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DFG2ZkSaALAFbPTxbihHazjI56cSdSZ4tPOGCnSKEBYEH3tz77w4f%2BIv5PYzu1SmYhFvg51wICKFSCe2XDrguFNFbFuuTKsr%2B7vbV4pkZOD2TUQt1OZExMKExyqqikD2Xe%2BaCFBCbWTKUxhccf2hA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-120x86.jpg
cache-control: max-age=3600
cf-ray: 6bd17a13f8a34e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3

200

efcc-edited-120x86.jpg
www.sunnewsonline.com/wp-content/uploads/2021/09/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited-120x86.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited-120x86.jpg

4 KB
5 KB

28ms
27ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited-120x86.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c567b905d6f2ff0a29572d7cb8c39e004d1016c3184afbf9f7f7746eebb2c90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56006
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4019
pragma: public
referrer-policy
last-modified: Fri, 03 Sep 2021 00:14:27 GMT
server: cloudflare
etag: "fb3-5cb0c2eb24a3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcajgGUKHuML7hTVC3%2BXj%2F1VAK0a1jffUQbCEAS4KTg1rCjGNw2RwrnZtlFazfXa5GrV%2FIxFR2eHEkw%2BjsKAmXbm%2FxUoiQmFEj3XeEWKOb0QFLStAdnLB%2FvnWTcAViUe74s0lEo4NzV3aRiQr1D2Tt5w%2BhA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a157c674e4f-FRA
expires: Tue, 13 Dec 2022 03:34:16 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOzq%2Bom287kAzxtIXecE1GGDs3vdRF%2F9UxTtRetBOZkpCHyzTOeUcOPIPutlxNUbuV4P%2BsRKztw62yDwTcoDpoN5M7p%2FjBI7E6Y3xABz%2FKh51zV4Di3Oyra7jiAc8BlbFoa%2BxVCK3BM2AhE0JL3RlA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited-120x86.jpg
cache-control: max-age=3600
cf-ray: 6bd17a13f8a54e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame 8D50
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent

43 B
289 B

136ms
15ms

Document
image/gif

3.122.131.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.131.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-131-186.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-type: image/gif
content-length: 43
content-encoding: none
vary: Origin

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=no-consent
content-length: 0
date: Mon, 13 Dec 2021 19:07:41 GMT
server: AC1.1

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=849032616.83711211527440386.34458625
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=849032616.83711211527440386.34458625
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D80dcca2c-d676-49f5-a23a-0eb8ac5bfab...
https://x.bidswitch.net/sync?dsp_id=80&user_id=b8be61b7-99fe-4d00-bc17-b53262889e6e&expires=30&ssp=vidoomy&bsw_param=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6&gdpr=&gdpr_consent=
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6

43 B
368 B

7ms
7ms

Image
image/gif

3.122.131.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Server: 3.122.131.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-131-186.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6
Date: Mon, 13 Dec 2021 19:07:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 ve
stg.vidoomy.com/api/rtbserver/ 9 B
90 B 179ms
14ms Image
application/json 99.83.189.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stg.vidoomy.com/api/rtbserver/ve?ad_type=Video&adomain=&c=DE&category=&crid=18450&deal=&domain=vidoomy.com&dsp=&dsp_ssp=&dt=1&gdpr=&gdprcs=&os=&p=&p_id=1&s=a&seat=1&size=&sspid=0&sync=0&zid=0&uimp=1
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.189.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6a0aaac8071ff4b.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-length: 9
vary: Origin
content-type: application/json

GET
H3

200

265717848_129281402873069_4676259019752207854_n-360x180.jpeg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/265717848_129281402873069_4676259019752207854_n-360x180.jpeg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/265717848_129281402873069_4676259019752207854_n-360x180.jpeg

19 KB
20 KB

27ms
25ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/265717848_129281402873069_4676259019752207854_n-360x180.jpeg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f450685ea0f856215ba39ab2119ab6fc467f9151d7bc544ee1783dabe57003a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 178
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19449
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 18:59:49 GMT
server: cloudflare
etag: "4bf9-5d30bad52a635"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrQm1dP9xwsHCqCSeCVX%2Fft8OaSIbog7FphBzDmUPSQtusmXm2Ryub8%2BQhEoz63cGY%2BhcXsjYRmCwMcvm06feFUfEYqGj9s73p%2BjlVDamRpJx5v6bkwHBH6fvQr%2FcmY%2FYV7rtM%2FimJLjaUl%2BFOJ7bg4kEWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a157c6f4e4f-FRA
expires: Tue, 13 Dec 2022 19:04:44 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5GCpjcG928vPVt4S2QLOrCDy6jRF05flvRKjhn960Gx3Jsg3on0rBLJZc6kCdFexFasvW6CmsrcVOnb%2FKD7BlCcpLRiPSPJu6VUmb4UiMHUcSBwDhLuBiFWa8eKluik5bxgdTPjwx1Ejrenvrh7Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/265717848_129281402873069_4676259019752207854_n-360x180.jpeg
cache-control: max-age=3600
cf-ray: 6bd17a14392f4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3

200

Plateau-120x86.jpeg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Plateau-120x86.jpeg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Plateau-120x86.jpeg

4 KB
5 KB

26ms
24ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Plateau-120x86.jpeg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 286581662da8bca9cd145b8e17ce42675baf4c1664222a0dfbe3e0cc98912ab1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 178
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3959
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 18:52:33 GMT
server: cloudflare
etag: "f77-5d30b9356ad34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZjFuMzc%2FkgOch0YWFqEWTekiqOp4MOXJa56A8xLe714m8pYVcpG85DrftJomD4en2ldp7b%2Bz%2BTtHb%2FVPHbgLhhWrNBBAEJV6Xh3j7VBvnmJFzYLA%2BN0xkO8d%2FFGgzZd5UJi5DyA7A6vDOt9%2Biu425N4fAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a157c704e4f-FRA
expires: Tue, 13 Dec 2022 19:04:44 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwNZ19W3cuZh4O9uqTZH90ZNyLMErSq6HK%2B%2BU4Fk84EOJV85h71XlYQ1d0e5uRkcJw1rH8xdMokxRxWW9owyawdGopUnEHkwOmSUuEM%2B955078JlF542tJr2UVmNcYfsG6Z6n6epY0y95UByAAyrDg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Plateau-120x86.jpeg
cache-control: max-age=3600
cf-ray: 6bd17a14493c4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3

200

Ogun-pensioners-120x86.jpeg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Ogun-pensioners-120x86.jpeg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ogun-pensioners-120x86.jpeg

4 KB
5 KB

28ms
26ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ogun-pensioners-120x86.jpeg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e768459111b9115b7e773728a9a1ed464223625c6e2259e9134f2afe8b3b0495

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 747
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4426
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 18:32:43 GMT
server: cloudflare
etag: "114a-5d30b4c6adfd5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aps6OR8zHqzdFDoMAFdMwfWGHHpZp%2FuvDGF1NUKCxXSJ3tUXIRnpit8LVfqlG5cUL%2Fkc4h8IzC8nmPPNl8go9ztMXLBJS%2FkTyINp8Dk%2BUxXNHvRcm6shEAO9scebhf8IrxtZkUQ66wvm362oKvYe6FsYTqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a157c714e4f-FRA
expires: Tue, 13 Dec 2022 18:55:15 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FGNb2ZMiQ2LDRTG7qElyzpZF55289BkQ8v00e7aWdsG54INtMVgHwE%2B68%2BJY9Vq5eMGYYhFG%2BKz6XlG04D51k60CePhJkkq75FhU1yPuaOO9leSrrE5j2Jj0x6SXPsVbIzxRr6QMFifptXO8G8KwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ogun-pensioners-120x86.jpeg
cache-control: max-age=3600
cf-ray: 6bd17a14493f4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3

200

sen-Gyang-120x86.png
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/sen-Gyang-120x86.png
https://www.sunnewsonline.com/wp-content/uploads/2021/12/sen-Gyang-120x86.png

24 KB
25 KB

28ms
26ms

Image
image/png

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/sen-Gyang-120x86.png
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f850f6688128ee7eb5db514514c97b1ec19ae0189486f8c4dd8c9776f23d9501

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12574
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24920
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 15:34:57 GMT
server: cloudflare
etag: "6158-5d308d0a32603"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWl8v7MXGU5Writvvm7o6lD0beQad7upEnG%2BJwOLY%2B9TmBkY9wbDkIH8rJup0RmnTVMRGd4I3TT7tSnYtMmFzYRFcPbZuCE98yIJp5XIddsV1BDlKB7jS%2FHYGMwdD2wO67pFFbN5W7zDVRdHvltBCmtdnB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a158c7d4e4f-FRA
expires: Tue, 13 Dec 2022 15:38:08 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SeWLNK4efJ5ZGKkBZ5Ztb2LUlGbVue9TQA%2Bas8fA9WKjgwHwBGOcKsd04%2BaiFzgshnYGU8DegKakL843Ub646g0YPRI9IWqyZwV4bDqS6xGs%2FCzZg%2FQNPtPHp%2BQC1G62Xw27FHNJuvAwd2Pq38XRXA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/sen-Gyang-120x86.png
cache-control: max-age=3600
cf-ray: 6bd17a1449414e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:42 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4F5A 0
0 44ms
43ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEtntj_ptJGMGi_B32fe7qJ-6HHOzWvA86mOwtU8r3uMJoKhlPyInd25jYwq2_hC3O2eBAR9qAFNgMxxndlS149wvfsZ2G1ABUdpVc-MoWoZCfPlnuKv2om93OfHod3btJJNlejo8F9O1oqpadQCfnXpF_6_JpiBV0G00l633SfytGeGP8rXhUxCiehH_HNQjVb54l70v-rPcO2pUThx3q0SXIP3VhDDK99lgPHz3vZmyZ7LSa--rRo939Va66ItwA7DbbW-zN8cfg0GcRG1IjgINhX_eJr-DtxPwjt9rrie9251oq1PJC3wVXo7ktC8jwYk0quaq8YWc&sig=Cg0ArKJSzAZElwuevclAEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK a1506801.js Show response
js.genieessp.com/t/506/801/ Frame 4F5A 0
285 B 884ms
276ms Script
text/plain 222.230.178.131
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/506/801/a1506801.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.131 Obihiro, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:42 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx
Connection: keep-alive
Content-Length: 0
Warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
Content-Type: text/plain

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F5A 119 KB
36 KB 78ms
62ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:07:42 GMT

GET 16388516019461aee4118882a.png
vhs.vdo.ai/uploads/thumbnails/ 0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame ADFE 0
168 B 99ms
97ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
93ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 18316280573801185961
tpc.googlesyndication.com/simgad/ Frame C068 11 KB
11 KB 23ms
22ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18316280573801185961?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk4BoLe5DttBdCnzbX3u5a-_VBh9w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=7302666336&adk=770366950&adf=2369281301&pi=t.ma~as.7302666336&w=970&lmt=1639422160&psa=0&format=970x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460436&bpp=7&bdt=274&idt=368&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=315&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gy81gyRDvh&p=https%3A//www.sunnewsonline.com&dtd=371

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57872629913f02ec5d88b1fa4103bfd5f1566f1b36a24c2c35dd1094b63f36ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 10:43:37 GMT
x-content-type-options: nosniff
age: 289445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11137
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 13:17:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Dec 2022 10:43:37 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame C068 19 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:51:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C068 2 KB
1 KB 33ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:05:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C068 119 KB
36 KB 39ms
32ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C068 15 KB
6 KB 33ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:49:47 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C068 27 KB
11 KB 33ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11415
x-xss-protection: 0
server: cafe
etag: 3382072337847676073
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:23:28 GMT

GET 16388516019461aee4118882a.m3u8
vhs.vdo.ai/uploads/videos/ 0
0

OPTIONS 16388516019461aee4118882a.m3u8
vhs.vdo.ai/uploads/videos/ Frame 0
0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2D90
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

73ms
73ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Mon, 13 Dec 2021 19:07:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E99B 42 B
63 B 57ms
55ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIMlkHROopS0zpc6HaCmYPjEP9Mc72VfEgOQ5qTzppN1RzMtL5YhjfQHU_8RIDwlM6eDpYk7kjwqVsX4G7I5MOSzO_Vt5URB-BI0Qd00_16JoOxdU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=5247484779&adk=3007378855&adf=1881412065&pi=t.ma~as.5247484779&w=728&lmt=1639422160&psa=0&format=728x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460894&bpp=2&bdt=732&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=P37kt1qyDA&p=https%3A//www.sunnewsonline.com&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E99B 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:05:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E99B 119 KB
36 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E99B 15 KB
6 KB 17ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:49:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C0D2 3 KB
579 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8218178373&adk=2033062148&adf=2621076951&pi=t.ma~as.8218178373&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460554&bpp=2&bdt=392&idt=292&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WyFRi4xKFR&p=https%3A//www.sunnewsonline.com&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 18:36:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 19:07:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C0D2 1 KB
880 B 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:05:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C068 0
0 68ms
59ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBlvK_Jm3YavDOr-A29gPj-SQiAbfiriDZPb-77ycDv_Ror3AARABIOTm7QNgleKQgqAHoAG8tcfTAcgBAqkC9tRk-93gZz6oAwHIA8kEqgSNAk_QTV_Gp_B0b_C_ubsT5B05GcXJTTstTmcSSG__evV3cs5AiEqOEYTVqdmsnThBQIT-i5Zi9hcJUSGsPtUeN8HBSwl6B2we8JBW4j9wnVRvIEkSzjn_5r4XVSpZns8UFdWHN6x1nxbR0jpljGkBlFzLVn39pte3qkABtNWzRzr2a4fMKcpdVU9xAtZukPPiHHw-NRg0l7pd-ROEQpmp3aC-1Es4rj0YAZVQbbM1KxLDvuN2yZu7gilFOcDjCmqsH9j6Mlj4qw5TWSU76UxdCueTjWUSQNtMpY2fJQRM9NcnzrAnshzbDlw-z6-YwAyft9b9c2_3fT3nWEnN1f4sGX_srdoLx7bOa-kzmRaTwASq2cHx2AOSBQQIBBgBkgUECAUYBKAGAoAHrMq4rAKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCNowTSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNDQ1NDY4NjcyOTcwNjM1ORgA&sigh=Qk8Eh4ovong&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=7302666336&adk=770366950&adf=2369281301&pi=t.ma~as.7302666336&w=970&lmt=1639422160&psa=0&format=970x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460436&bpp=7&bdt=274&idt=368&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=315&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gy81gyRDvh&p=https%3A//www.sunnewsonline.com&dtd=371
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 13 Dec 2021 19:07:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
BLOB 200
OK f1a43aa6-6333-4f70-ad45-a02a9754b266
https://www.sunnewsonline.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/f1a43aa6-6333-4f70-ad45-a02a9754b266
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 5417
Content-Type: application/javascript

GET
BLOB 200
OK 35278d27-4305-4b7b-b2a6-50b7cd44cfc9
https://www.sunnewsonline.com/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/35278d27-4305-4b7b-b2a6-50b7cd44cfc9
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
BLOB 200
OK f6a44e17-840d-4062-9dbe-7ff217b37c7a
https://www.sunnewsonline.com/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/f6a44e17-840d-4062-9dbe-7ff217b37c7a
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2D90 36 KB
36 KB 47ms
13ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQJYaNDP3CRCRW3okggiIGz5NDZXyvE-4M5sbZCpKqAx8M-jPlnvxACHGvP-g&usqp=CAI

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c002033dc1786c188abba1b97aea814ef0945b03e5d3858dfc753e8063169a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 19:07:36 GMT
x-content-type-options: nosniff
age: 172806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36912
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 10:29:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 11 Dec 2022 19:07:36 GMT

GET
H3

200

16954104317476786032
tpc.googlesyndication.com/simgad/ Frame 2D90
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCr6PbFiwEQnQkYnQkyCKuj71APLB1M
https://tpc.googlesyndication.com/simgad/16954104317476786032

34 KB
34 KB

15ms
14ms

Image
image/png

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16954104317476786032

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 00:58:34 GMT
x-content-type-options: nosniff
age: 410948
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34759
x-xss-protection: 0
last-modified: Wed, 13 Mar 2019 08:47:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Dec 2022 00:58:34 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 13:21:12 GMT
x-content-type-options: nosniff
server: cafe
age: 20790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16954104317476786032
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Jan 2022 13:21:12 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D90 2 KB
2 KB 26ms
21ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 82346
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 13 Dec 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D90 295 B
320 B 26ms
21ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 48248
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 14 Dec 2021 05:43:34 GMT

GET
H3 200 bridge3.491.0_en.html
imasdk.googleapis.com/js/core/ Frame B5C9 128 KB
0 46ms
11ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Sat, 11 Dec 2021 21:08:33 GMT
expires: Sun, 11 Dec 2022 21:08:33 GMT
last-modified: Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 165549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 2609ms
2543ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 19:07:45 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 95ms
94ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:42 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
1 KB 27ms
27ms Image
image/svg+xml 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 529
cf-ray: 6bd17a164c0942d5-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rc0XW54joac3ICQYofu7gVhGrNLeYgLL%2B%2BNHab272bEJz0HH3wGYezc5ncY4rqtSyYsKq%2B%2FLs%2Bt14OuOuEqn30tiAsQ2MahjtCIIxHDDzTkORAXjhHqkT1RhpABPbE1%2BVEP%2Fw6LqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 37744895 37744525
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: image/svg+xml
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 17930618756056698201
tpc.googlesyndication.com/simgad/ Frame DE1F 36 KB
36 KB 20ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17930618756056698201?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnvAGxMmZjbsUkrQTh2Ws6yfFOlxA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c4954f5085d109f7a501ebf1349153e9133f1aa1b21926d918ed7b0a4a3402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 08:00:08 GMT
x-content-type-options: nosniff
age: 472054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36735
x-xss-protection: 0
last-modified: Mon, 17 Aug 2020 11:36:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 08:00:08 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame DE1F 19 KB
8 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:51:18 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3D7F 624 B
297 B 39ms
26ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARjroISZATAB&v=APEucNXbDp2Xzi883K_8ySgaI94v6wWn06LLunJ7FivARz7nrL_5VZfJgLATzk-mReyhXYcXKTTbI_7zuNc02qbZ7rJuxUHbWN7VgyQMHMaIvcre985scO7pcHDe68S82C5d9x5s7iE7P97BfrXC4JshRXLTx3rBlB3TpWVOU9V6aPAVq8LM1qs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=5247484779&adk=3007378855&adf=1881412065&pi=t.ma~as.5247484779&w=728&lmt=1639422160&psa=0&format=728x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460894&bpp=2&bdt=732&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=P37kt1qyDA&p=https%3A//www.sunnewsonline.com&dtd=4

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 19:07:42 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E99B 78 KB
31 KB 79ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BaUR5pkaAzTZ5S4yX0bQ6MPDXdhlr2VTvpJUwpb3yyZhZ-07U8xcUmgCg9tbpZrRFB_HyOoo5R-yktTe9N9XtcgGG1EiToXcObnNCkZellyZEBFotswtmC19d0j-_nOaFV2f0fw9PT7g0HGwtPiHYJD9VA_g&dbm_d=AKAmf-C4zVP1CUkLVuxSihaqcfsvgrRWW8l2UcYPvaGtucCCuAikl_tWK0co9GCCUl4AUDdPe1-RgsuDYwxg9GEW6c5XamTlbpvVdhAt2F-47A6vEVsRplBWUnV0fFqntgSXw6q1ntvXJNHsIcheaAfycfrcNg38yzRu0jxrxGVRfdDHMxw_Bp72yqhPFIdrxr1-69WuzF1HkKkSeylSdr0FkOgBWL84Z79RayEl8_ngw0xkfJSjvilo6YB6zRW9TBYHnbP0Z5fU3kEfLVgCTzoP4ijit7nWEz3JJs0SDIm4q7l6d3KOisHuMsfTsSrE9_GioiK9dSL-sB7nA5RkYhU7zWW5iY6cOyTROuaQkQcu1d0ylPJA5Mdr_nWUqTZANqXeL79Qpoyhz5ADtrodZv6vvBO0bAHGIgl6tZ5aw5zaMk8WM4_An2Kjpbt5Zpw60mgFd14LYRWXTUPED2Bie6oDDXxiXr0JIOE1OvGE8zRRZN7A3OcJapF9iMoxNK53_eQqs7gyYjQa_aAJfePPNd9h8afp9ZcCtq0sMgh1-B7BN3PYxl4T1RtM5CHUB6xTXLNSKFFR_5WJ2VTuGVgd1Rf07pkBy_iUgFt_ZN3k4J1bRmxmGYy23yUpzQAtwXVXo6MNdDYhhkmJ25B-j_SqdMOgfK5Ior2q0loiwSrXWxohtd2mv373RG1Tn2ucfX1hRbbzXVz0l_CL-EyeKMkMQ392mdlAunsMHGUpsBE-UopqrN6SvQPgwqndkIrSlt6qLWm7joJk0-ZWYzgMnx9oOobX1M0Qhm7meTJtFEHr1WesOUy36zlm2OWElYz1pka-ubhY739G2Yvg-GwQ-i-RgX_ak3vx7lv6DfnlZX2TEHwksANVHjORoDjTUQPOHdOvJKsdF7GHIRmO49NVJ92uXADT4U9_ZO5Jj-51jsjms7fQtJL6IK1Ak1iNQPYA8TA2sZn2-5wfk7pddDWx7hoPCbUfxVvx79sDcegexhomiwcNOkCjjh5xxaVu7z_0F2ICJJymmOjVAI8g5DNfcMJCYyGZTEZOaTW39prGIJoXGeDjCjp_ZDVDUQUKoCBrGa11-Bs9KD39tgO3pU-yis1m0iDRjnl0Cj-H-NBhK5gXht2e_dn-tVcwqJsgWhR8hxL8AkYH1GAmQgeiZSAH2v3tvXkuFma3MJCnym0p4WijVJbY46rnGpCxNSHLBwhuzysiIv8FEK5Mubp35ld1utJqAETExS4eqEKsGREwrucJWc-gShiVfaJ76OcA-G_tHw4dSVfACyiTuA-iOLWg2oUdhql-UQ4galBSSRx8hTV_wiZwqGZ3gsEYzkpU6vSrnuVXqdhRISGLV4QMzDGWXD04CalMo58zC-p607iUAz73pE8xfrI04GvXZrQ9autDXZ7nbV9Alqh07WQDBNtavZWQcG7-klWFDKIjvN4KJOVp7y3FVDdaQvw1FK6PSpeA7GvUkUdZ6OeVI3SIlTVCbGcWyiVpQALrgGh_ohW-e9Ii-uTsoEl8ySzfuNYxe4IfoovZ3_KA6WDREV8JAT-v7hrwa1EvBOSHrkbSJ5HbUc030FpIZAnpKZnWKXcEKJqFlUE3cEBn4nnk5CtYNoBy9Hwu2vnWba4K4X5oMnNgydiIoV14EgIBGu6cfD6s9Yn9zKoi4tzJatG2V-vM5i5M_Wh6umPE8fsH-JJMHICafYhsCMKfIQ_INI3MSMMphjV-9o0c6fmWzIbbbcRCJ4Ue9MOsY3sLeVDsWNzGfZiZxn49mAPKuBSzgfYJ9fKzByIy-CyKRGZwUHzTwNbPKsARHeX_RtSZBCIUld4rtwGLbpll4T4R2_zX4i9UPtWN_QB2LpNnYnhM6qczhKOaEa1uEPE3TqahkH99MlUsjzHE77JgM0SMdP6T7geYDAa051pC0J9kvsYjnpIq2qwWYTrte-B8TmaC0SSCBaTpWyuLeKF4z8UKomHdO9pZgi4t0d6ZBZr0Ls_ogFIf9EqpDMn7S3PbmJrw45U39mXe1DoC3c1r5gMY7F5eYcdb5ZDhCENwRyx0hsKutcRshvc1YovC4AaLORaRs8GvMxqf0QHfyPmPLcFVRQwZJFWLvGXFwO_2EWt23mO6i5EV7E49B-5PVChNIHs_gxiAE4hw48cGtk15phB5ceRn57oHKBTBItF_0ycuHovaQMuabeup8e3vMG2oB0aCLTGRJuc6tVqaWjLhuzwBCTNbYq4VsX_2vQ7uKH78dulMmgvIA73_iE7SsJil_caPcaKXDcGGpOvM9gvoDm53I1i4R9tbn2EqKCslT3SnBUm4xu-vm-uSFTiBj_UrJm2LPSR1qhq8GKFXcrKduuSNCXWikMYe-9Co-cUnlHNM9G5p3pvuPVBiQK8XS0sNoLuvhIrJzD9MAwinH915REpPenbbG__iuk2x_PPMlCpmgBBb795qWWlKpkfK9xd8v14JdEQXmli6DlX44mmRTRPgTBeWKyyVfIqvv4fAWHIKOAbN_-hk3LLmWx0NoHSamcU23sno93wE0yALDOEflfxzMqaG7W78Pdf0rAKZZ_QBTYUMs4UPXTdfoTU_K3uu0nOmK262Lh0bAdUbztGv2nVJT07UUkk7YX5yfW9uGCtKk81CmhNsaKD7IYgfQiVfevoy0MkeDhb1U_400zTE2m1KkWZBJjGY0vU5bTBfdFboE6pg41qxTc6BRUdL5GJRjHuSmz-SLYPcIsYayeGp39fIcfKNcjeWbvjJtSb-4EC5xLD4SKbc-heNQmsAXU_IjzNveCgFxz8EXWJYOvPfzFb-tpgaQRij2xWtCtgMWRdQD9DwLSD90fr_KC2T4sFQxar6dVClvW1F2gGWGMufOwLDYs1HD32cUsc8KCD1UmmoHRjti2S-E_gY3QRy4hNcs4vwzNKQE7cexk1wsfgqRjoSXGrIBMRFI8MmtHm7DwlKZqJJk4UOZI3D9bbr_fZI5AYzZZZkRh_fvXjlFtgfdXZtN68xPlvB74ahWrB7xfDbJdtffj73y-rAnFMmBPezrDrhs0-4uYQO3Yc3pyFpbnDF8Qsc3hdFWTOzTxQIyw1zG0fLrMX_vctjYITlqCdYyD5248xlLIBVvOR8tND4IoWkUVoSW08FvjGPAkwMTl2dBmopKWCGg2uv&cid=CAASEuRo4yNFykv5bUEk7ilrFYg1uA&rfl=1%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e94d6a3d8f161cc306ddabb1ac1a4e84f3954fb0dd279413a8311f3019b358cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=5247484779&adk=3007378855&adf=1881412065&pi=t.ma~as.5247484779&w=728&lmt=1639422160&psa=0&format=728x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460894&bpp=2&bdt=732&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=P37kt1qyDA&p=https%3A//www.sunnewsonline.com&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31297
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame C0D2 19 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:51:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C0D2 2 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:05:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0D2 119 KB
36 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame C0D2 15 KB
6 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:49:47 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame C0D2 27 KB
12 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 14:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 12 Mar 2022 14:47:32 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/dc05ba20/www-widgetapi.vflset/ 148 KB
48 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/dc05ba20/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1532c83a8f3a0da783ad1f65510b3d387200c9c6f34982293ce00c4470be5674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:02:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49297
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 00:07:31 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 13 Dec 2022 19:02:23 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12656307429540424824/ Frame C0D2 9 KB
9 KB 16ms
10ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12656307429540424824/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89efa6f3c7df1e983c818b3f09515515a7095c5a0db4ef51de37ae3beb924e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 09:51:08 GMT
x-content-type-options: nosniff
age: 465394
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9087
x-xss-protection: 0
last-modified: Mon, 23 Sep 2019 09:25:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Dec 2022 09:51:08 GMT

GET
DATA 200
OK truncated
/ Frame C0D2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B6F 143 B
163 B 12ms
11ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=7302666336&adk=770366950&adf=2369281301&pi=t.ma~as.7302666336&w=970&lmt=1639422160&psa=0&format=970x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460436&bpp=7&bdt=274&idt=368&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=315&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Gy81gyRDvh&p=https%3A//www.sunnewsonline.com&dtd=371

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 19:04:34 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 188
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DE1F 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8fr__Zm3YcTNBc_k2gTV74SoDsPS45FnstrIrqwOoIeA7JACEAEg5ObtA2CV4pCCoAegAYbX170DyAECqQIcIRu3xe6yPqgDAcgDyQSqBPwBT9BdeQ3FBWYl8cxlnQR_TFiIo06kEft_i1YVxCypmy7P5mo0y0cuj944J7fVNV6eCCp9szB39HezdVSfBbXdqL6Ld2j4fZyzYZoWooyK-RZnEu5ehO-GRCH4ktowkHbfJiHEOSm-jOwK7YbPbySmV2fbId9BdHQz-ae2K4yqEcULRnl4Fru9zXZj4tssKFB8QGGmQjU9tUGAaJLUz6AUfQGYlBf596SYhQx0vFcyWYLjvAV3mxo5fJ-xMW46XuqpupCvicPvAYgBCJFrvuQGHX6NIq60qsM1hr-DRvpz36fQX_Q7Kz3G8VWY6LCm1rJetSuzCk-dFomuXUfMwAS2y4qb4gOSBQQIBBgBkgUECAUYBKAGAoAH4qioQqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMHhCNIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00NDU0Njg2NzI5NzA2MzU5GAA&sigh=lUzb8WFAKyc&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 13 Dec 2021 19:07:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DE1F 2 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:05:50 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame DE1F 67 B
97 B 27ms
25ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 05:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 48941
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Tue, 14 Dec 2021 05:32:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE1F 119 KB
36 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DE1F 15 KB
6 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:49:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DE1F 0
0 56ms
24ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBKavLreq1oLTJp3Rb2B8DruzzuJ2QvXX9Ocg0HqWCPUpvSPjfA5_rW0nY45k_dvTFBVy89ATZJN3CZ1K2xlnemVg-SQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DE1F 27 KB
11 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 16:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11415
x-xss-protection: 0
server: cafe
etag: 3382072337847676073
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 16:23:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C0D2 0
0 55ms
49ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Chg2N_Zm3YfGFAcih2wSg-p6gAuL2-_VZ8pPDrs0JtrS_yuQMEAEg5ObtA2CV4pCCoAegAaj6rdADyAEJqQIcIRu3xe6yPqgDAcgDywSqBJICT9Aacr5uj_xemW7viEQTVw66apgB0Ep62GyvQJqlHdboNGr3aKuZILkGrXO5jyEIDADxjIxTKmrmOdHa3hK7JBF8dO2VJpMeTZPaU7zmZgr6bPElUYII866F8sIHJ1ORZSlf57TdRn4AdyNt3ZMkwP__4qu6DcbJtDo4QH1DipZXIkgfLK-HCM29UfQCXDQuRIlWJG0RTGKUg8zYZZqnmfDgtGGQlFMT3q7XFdtTsJ_yh-abB5diQOpBJTwslmgy8_n2LmLnYg-iUQlL7FiW_OIl1Oo-MjWqPRNvfOixlCj2Me2UmUUtkTxgTk_pyPY-G1PQfoWVUjpx_AzZZGtFNL9Dc1BmwTSfYvgCyv3pVndOQMAEpIz2tOsBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8CF0i-oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDkxi3SCAkIgOGAEBABGB-ACgHICwG4E4gn2BMN0BUBgBcBshccChoIABIUcHViLTQ0NTQ2ODY3Mjk3MDYzNTkYAA&sigh=A7v5B3w2gAM&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8218178373&adk=2033062148&adf=2621076951&pi=t.ma~as.8218178373&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460554&bpp=2&bdt=392&idt=292&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WyFRi4xKFR&p=https%3A//www.sunnewsonline.com&dtd=298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 13 Dec 2021 19:07:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8E3D 640 B
316 B 26ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNVo4Yifkwbja9fcEjGMIyvtGsA7M7y_RQbI2BQTzxIRd4XIyWx4pnNR21Qivrxdcon5iviFbhyKaIbz-IQJEdClmgOsVND3uyFS5kydhioAP0TxELhiJnCDVhBuMnIQgXEMH0vD3KNfneNAIXFjBhdgDioEQ3qnXb5TQUQMDrZEEn2m-5E

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 19:07:42 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D8AE 72 KB
30 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6NVNLITia5UP7EiC3C8kRsVwY_WDmSeGnyDoAJPvPHpbrCJkPHY91FhOqroGJdidiA7AhK6KYpSA3uPuZcAmEBl3jYibZC3PR_wvn4CcjWfQzJkNTPezdMnqb9I1-57-ijpsz9CyaKBuWor79nEYEHj6UOA&dbm_d=AKAmf-ClBBXj2oGV2dF58iFma1mf6nHWFLWdmiAMLh8yu_YodjE0AAnFutuNf6LJ7guIXOBPl4qI9z61gfS1cph9WMeT9C9LXjGVp3lJfzUnWb5EK7Iy0Ulyi97DwYzMbjuk2--NkQgKbW15yDsI7SIwwsdoCsXcDJSN8md_5BMv-g9GLfDIbxd5MjQlZ2pHQlxsxWVaLVUWd4zGWfYb6Mjcti4q18ozwv3rXHf1a0RUtc2XcURDlSNgHLDOGZEDAHcX4TvMEsNSRP-3YFOzWgNTiYFTQO1KisV9GbGQYhHA8v4A3KON3p-n1HkwXa9RIq_hNIHpwOyL_QQaq-D_W7gWLzrT_gE3aLtNMIJVX2kx5P1mwwjBLOKKpQBO59mvn2rQ8R8vnUPKbZdAFnR9SzbBeDil92jibVhxvFt9sJ0Rwny84GYN_82SwRC8ElwgFp5NFOGpxE2ueSSOafKRxsPQwGxMrA1pqDw3q5A6pZBGr1yM1rt4hI8pzYmQArPTJBObxGCqa8sPft7xlTz4roy3rnmgWzB8tLUI6Q3b_JAhaEjmZZxlklITQggka2RYorr9yKF7Llxha8nluwvAYaYOx5PcsqlJO8RQeq23lPXquCTkjNq0VAtj6RCyG07hMxWlxLp5o8-YmesW8OpKfEwnFdAlLA1d0e37jr4zRKEURFunH8C7dqv35in2vSike7TfBONfEhBNV7jOhVbe3q3E1PKs1dPlOjc_8a6MEeyBtc91B9vfwKeuOzZidG2iyER6CM-V45BIPBfp_8T1rd-3LO8McBEX4F5dPu9fvbYAHonkkl2_KxHM1qLqdirdtoRS579jq9ymx91U6WRE2Hs2RvyP-DU_-RTI18C7mOpw3DNZ53aBM25mxRZSF757bze5udatcaUTwephNAuJfCw0L5Ysh6S4GCQeoU-Fk1gCZShBZh6XNKz22Ze8GOicIN6L-4-U1l7KJaj6244smU2UMRprSQYdX48t8q4j5SvcTXrFrOPAZXQKFgb32vqzvTdsZhAEcawDJhTjplfOkm512MEymlRBYZgbMo1Sg_7YM7Pq_HLZlb0V8oFpz1f4YHnYZNXoTP4z7UyK_p0OyxsP5Q56zGkVXpNxVEXwzW23n9Xt7WM9GQF8QK5PmM9wXDhYtqkoC9mF8sjqVOF4J6AycJfscWA6am3sStE7qRxVhFHERqjYabZmsyII2VYLdM7TFacnB8Gtv_1ioBxJxJqCgW67hZsZvI7YdlGG_0dn00iHWURApJ0fah4st0-mKvJCfXCi7jId9E42M2YWGPU9vjECgaCDTrpjV-xYZGLgOFw-XOBh6pQVu6BuuVZHaj00IuS7fIaRGeP8miQy_aEZNsc49ulaWcGfih-ABkQOubD9JNaibcXoEPODpQXTu7ncaR1RtYbh6DVo6LM9rGo1jdytP2bOg_MASSVTyMdFg-7BbG_rhmGZqzcAj0W6zmiVTwWxoRxglmn-OMhBTC_WCDvrddYHwB_vjhLoB5ps3rTli8qiXazwnQllEim7t8su64QT0QxZWhG00uo0AWEQGi-9O-QVPfpQxmdPaqU1eaiT-Y1MudjoT7Q89kBv5qa2w6YrAzSzUfRSi4DmBzLDkcSLxq552dUGI3NtO_sZr-N2fsQUywgQ1RqJ96uLjQ9YSzFsIzRsqXVK-ZHfDCMPdjCsnb6aTeahY6WonCo8t0xkXNP5T2LnlBY0mDIvlGWL2CQoPPZjjo_SK_IkOJ6kxtESX4zZiunvzpICspLhb3qe-DkQRslAquj6Yq9l5brGcKvxE7XCx29vWqlxlp7c2DWd2MOfmHjRl2HhTvitZb9JeksNOllKjOLByM0aao2t7OAsT24jr57Prrx0omA7hqE33xDu3nl2mvsVK8ro4s7ld0KHrx5uL5joccUSTwa16kDaFiidxXAz_gzi3c0xMY-LqQAcJ4_bprskdy-hszUpvSkolOoFhJqYcF2jMPZGcU1yta1HU7IJruw4qW3gNTaWco1LGp88LYH5nY0aGetmjhBTJCF13KUM-Kbe9MvtGumWGqSBN5ofxKugMM_jrDs8AIKnxshnQncEcKWDAZc3Dtv_8Oi1q40IW6srFOrUO9LzX_EWmcdd8EIa1_FHKduLcA0IYyBOoBKal6iNETTHwnD5OEd-01UbJdGZ3Xz52IUiwChc2ML8X6bafDWrL6kblwJ0m6qjTHWzDEYKl596rmPl2njlk1M2m5nAm2y5eEWvqD1v7TZX422dnGhsMQtdl5hvEeYRh4mzcEdSilqws3P1SgRtbBK-u5S2fYNrPuFBpp8K2N7RHIwZ8ilDmGwJvx-_ENO9QGRmJ1DmlQVbgYVgAwe4ov1fre1W_ZTam_N-DNsXqd_bzaFaZu9d9-n5qWqhO5ug8JYbjZf57dt8-jdK5s-lI72R7V0Tulq-Qbz3RFiJzYiiLnqV0lWt9zcUY9Er9dUmbNNxFtaITB4nTABVWRnN3wQcMnNvNv3FLklhl-2bHv89rY8IxQihd--e2GYmUe2XxzY6z65afdDuh-xSo5uXujJTlB3tSiI8tD7iUV7YvW5tRAgI0AbG_i2jDA1JftPxptiS1Byx3uER0dFliJJtYbHb-gzvLJYGw9Ddf49MMJ-19gYrm-GyPS6qfoqsARFo-AHnPy1w-zZ4DayWLH7n4aNoDnDQYy6WaE1AJEeVTqyXA0ugHGjOqdr0UOSnAT90sYXC3fHq31gDozufzhDV9WtK6-kPfDW5HYjHmDrlDd-x-HK6hE5GFZSlVxg-a6Y5VY4_cdwLTqj8Ja7TT6h1rUxh2EOea6oXbktO3nZZJsexzHrPTB-9MZU6pq8I2__bjEdHwwBMN-I70SmrRyRUjRA-nYPzw2x0I2guaUBz4jCaCEX6TwzcSppHllrBnEiay3k2UojfOA4z9z8BlFmx-6e_zEr610q0WnT6Y2DJiSBqHxQy1_d9eqX64bjpGoRuZ0t2hGdlYbW9VUh-Zn3ZxfaEGKQz1_zziT0zwFmMm-D0G93cEWUZM366wLdheJ1g5BEtPbVg3_cBNlPVzsKteMIAYV1wp9hExyFZWkuk8gNt9I47fTt2eX_0ur_90djyHzhHiZjAtEfxE3uulmnfbDjPHo7hExMDQeOvLZu4GyAE7xqTKFpFr66-z8ujejeu-2xs_6rCjc1qprsG-Z9-TsPvu7qJhrK_ssJFlFuOQidzHbxHyDXfFKcAv1nYiJG6_snj5J3eAbvDMADVXKqCncCHaH6GuPY9ESXRornFsXkygjFTJdWFqe1-ZomMfqsM_msWMFjjsbtWOXXrRYwKi1VsoBdpQXZW9nUzLlaK7XJfFs9PvrHGTe-NcQDZvMV8ThvVpxoqzZY56uXPkEifaPqbKAmh1fJsHc1cT2wA&cid=CAASEuRo5tFCDqP_rUme8MXxQ2kCpg&rfl=1%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3a6b52281723025c65dabcc7ad9a983004c70717e67704d6d6b25b01c67534d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30594
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8AE 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dp6xawjZA_Vu4NkPTMptneu3SXQJIrt9Juw-RQpCDlDO34pRH2LVGCjwvY13Ec-5yYR5euEeMl02ool7pgARXuESA4Ly-qkneL-nK6nR3E2gwHu1E

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame D8AE 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:05:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8AE 119 KB
36 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame D8AE 15 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:49:47 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 94ms
94ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:42 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 190ms
96ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:42 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 281ms
95ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:42 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 272ms
93ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:42 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin: https://www.sunnewsonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
10ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=3&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1985670744

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=4&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=522104135

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=5&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_btf&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=49021962

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
653 B 201ms
152ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.sunnewsonline.com%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 220ms
217ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C10720129634345943198692857244%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:42 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422462729030-388
Expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 173ms
127ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C43459431986928572441370361095%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:42 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422462767029-427
Expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
652 B 232ms
186ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 995 B
871 B 128ms
36ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C43459431986928572441021382728%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c5c872efcd40bf95ffacbadaefb31eed30094992908d7cf7b5b00c74ee435c93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:42 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 610
expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 78ms
36ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C9751530654345943198692857244,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 46fd794594d2e7812dc66743e584ee40a6ab470408332106702690836c6cccd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:42 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1156
x-sticky-vk: 1639422462503014-384
Expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 78ms
32ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C43459431986928572442103033418%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ccf614182676ac274a01b2c3e0919fe59361d83e319ab1015fe40ff9dc72afdc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:42 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1192
x-sticky-vk: 1639422462700090-423
Expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 125ms
61ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C4345943198692857244502887984%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6ae709e6a05010fb606069e88a308928c3a9bad8bfeecc796b17a88b980c918f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:42 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1639422462740069-381
Expires: Mon, 13 Dec 2021 19:07:42 GMT

GET
H3 200 omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E47B 37 KB
0 12ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:48:50 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 276ms
222ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1295746392&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4650 143 B
163 B 8ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 19:04:34 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 188
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DEFB 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Dec 2021 13:26:12 GMT
expires: Tue, 14 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20490
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1C05 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Dec 2021 13:26:12 GMT
expires: Tue, 14 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20490
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cs
cs.lkqd.net/ Frame 3BF1 43 B
308 B 92ms
91ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 3BF1 43 B
308 B 94ms
93ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 3BF1 43 B
308 B 92ms
92ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 3BF1 43 B
308 B 93ms
93ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 3BF1
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

43 B
308 B

92ms
91ms

Image
image/gif

146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
DATA 200
OK truncated
/ Frame C068 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d9a143285e5bd82df6d96b21d54f5c19b08dbe41ec0774ee28951682f85505f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3D7F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA7z96ulZdzSDOJNBcfpAY&google_cver=1

43 B
1014 B

77ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA7z96ulZdzSDOJNBcfpAY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARjroISZATAB&v=APEucNXbDp2Xzi883K_8ySgaI94v6wWn06LLunJ7FivARz7nrL_5VZfJgLATzk-mReyhXYcXKTTbI_7zuNc02qbZ7rJuxUHbWN7VgyQMHMaIvcre985scO7pcHDe68S82C5d9x5s7iE7P97BfrXC4JshRXLTx3rBlB3TpWVOU9V6aPAVq8LM1qs
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 19:07:43 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA7z96ulZdzSDOJNBcfpAY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3D7F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YbeZ-x.qV.BQvM.QozvQXAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA7z96ulZdzSDOJNBcfpAY&google_cver=1&google_hm=2

43 B
894 B

30ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA7z96ulZdzSDOJNBcfpAY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARjroISZATAB&v=APEucNXbDp2Xzi883K_8ySgaI94v6wWn06LLunJ7FivARz7nrL_5VZfJgLATzk-mReyhXYcXKTTbI_7zuNc02qbZ7rJuxUHbWN7VgyQMHMaIvcre985scO7pcHDe68S82C5d9x5s7iE7P97BfrXC4JshRXLTx3rBlB3TpWVOU9V6aPAVq8LM1qs
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 13 Dec 2021 19:07:43 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOA7z96ulZdzSDOJNBcfpAY&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3D7F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFglTXMH3SwfrBPr_N3sA_E&google_cver=1

43 B
1006 B

30ms
17ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFglTXMH3SwfrBPr_N3sA_E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARjroISZATAB&v=APEucNXbDp2Xzi883K_8ySgaI94v6wWn06LLunJ7FivARz7nrL_5VZfJgLATzk-mReyhXYcXKTTbI_7zuNc02qbZ7rJuxUHbWN7VgyQMHMaIvcre985scO7pcHDe68S82C5d9x5s7iE7P97BfrXC4JshRXLTx3rBlB3TpWVOU9V6aPAVq8LM1qs

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:43 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8aadf9ad-78bc-4d7a-87f9-06dec031a706
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFglTXMH3SwfrBPr_N3sA_E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D7F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ3NDM3ODE2ODA1NzI3NjM2Ng%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ3NDM3ODE2ODA1NzI3NjM2Ng%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:43 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9d2a28d9-5c15-49a8-b871-ce5d4be976de
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ3NDM3ODE2ODA1NzI3NjM2Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame D8AE 106 KB
38 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
Origin: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:38:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame D8AE 8 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D6NVNLITia5UP7EiC3C8kRsVwY_WDmSeGnyDoAJPvPHpbrCJkPHY91FhOqroGJdidiA7AhK6KYpSA3uPuZcAmEBl3jYibZC3PR_wvn4CcjWfQzJkNTPezdMnqb9I1-57-ijpsz9CyaKBuWor79nEYEHj6UOA&dbm_d=AKAmf-ClBBXj2oGV2dF58iFma1mf6nHWFLWdmiAMLh8yu_YodjE0AAnFutuNf6LJ7guIXOBPl4qI9z61gfS1cph9WMeT9C9LXjGVp3lJfzUnWb5EK7Iy0Ulyi97DwYzMbjuk2--NkQgKbW15yDsI7SIwwsdoCsXcDJSN8md_5BMv-g9GLfDIbxd5MjQlZ2pHQlxsxWVaLVUWd4zGWfYb6Mjcti4q18ozwv3rXHf1a0RUtc2XcURDlSNgHLDOGZEDAHcX4TvMEsNSRP-3YFOzWgNTiYFTQO1KisV9GbGQYhHA8v4A3KON3p-n1HkwXa9RIq_hNIHpwOyL_QQaq-D_W7gWLzrT_gE3aLtNMIJVX2kx5P1mwwjBLOKKpQBO59mvn2rQ8R8vnUPKbZdAFnR9SzbBeDil92jibVhxvFt9sJ0Rwny84GYN_82SwRC8ElwgFp5NFOGpxE2ueSSOafKRxsPQwGxMrA1pqDw3q5A6pZBGr1yM1rt4hI8pzYmQArPTJBObxGCqa8sPft7xlTz4roy3rnmgWzB8tLUI6Q3b_JAhaEjmZZxlklITQggka2RYorr9yKF7Llxha8nluwvAYaYOx5PcsqlJO8RQeq23lPXquCTkjNq0VAtj6RCyG07hMxWlxLp5o8-YmesW8OpKfEwnFdAlLA1d0e37jr4zRKEURFunH8C7dqv35in2vSike7TfBONfEhBNV7jOhVbe3q3E1PKs1dPlOjc_8a6MEeyBtc91B9vfwKeuOzZidG2iyER6CM-V45BIPBfp_8T1rd-3LO8McBEX4F5dPu9fvbYAHonkkl2_KxHM1qLqdirdtoRS579jq9ymx91U6WRE2Hs2RvyP-DU_-RTI18C7mOpw3DNZ53aBM25mxRZSF757bze5udatcaUTwephNAuJfCw0L5Ysh6S4GCQeoU-Fk1gCZShBZh6XNKz22Ze8GOicIN6L-4-U1l7KJaj6244smU2UMRprSQYdX48t8q4j5SvcTXrFrOPAZXQKFgb32vqzvTdsZhAEcawDJhTjplfOkm512MEymlRBYZgbMo1Sg_7YM7Pq_HLZlb0V8oFpz1f4YHnYZNXoTP4z7UyK_p0OyxsP5Q56zGkVXpNxVEXwzW23n9Xt7WM9GQF8QK5PmM9wXDhYtqkoC9mF8sjqVOF4J6AycJfscWA6am3sStE7qRxVhFHERqjYabZmsyII2VYLdM7TFacnB8Gtv_1ioBxJxJqCgW67hZsZvI7YdlGG_0dn00iHWURApJ0fah4st0-mKvJCfXCi7jId9E42M2YWGPU9vjECgaCDTrpjV-xYZGLgOFw-XOBh6pQVu6BuuVZHaj00IuS7fIaRGeP8miQy_aEZNsc49ulaWcGfih-ABkQOubD9JNaibcXoEPODpQXTu7ncaR1RtYbh6DVo6LM9rGo1jdytP2bOg_MASSVTyMdFg-7BbG_rhmGZqzcAj0W6zmiVTwWxoRxglmn-OMhBTC_WCDvrddYHwB_vjhLoB5ps3rTli8qiXazwnQllEim7t8su64QT0QxZWhG00uo0AWEQGi-9O-QVPfpQxmdPaqU1eaiT-Y1MudjoT7Q89kBv5qa2w6YrAzSzUfRSi4DmBzLDkcSLxq552dUGI3NtO_sZr-N2fsQUywgQ1RqJ96uLjQ9YSzFsIzRsqXVK-ZHfDCMPdjCsnb6aTeahY6WonCo8t0xkXNP5T2LnlBY0mDIvlGWL2CQoPPZjjo_SK_IkOJ6kxtESX4zZiunvzpICspLhb3qe-DkQRslAquj6Yq9l5brGcKvxE7XCx29vWqlxlp7c2DWd2MOfmHjRl2HhTvitZb9JeksNOllKjOLByM0aao2t7OAsT24jr57Prrx0omA7hqE33xDu3nl2mvsVK8ro4s7ld0KHrx5uL5joccUSTwa16kDaFiidxXAz_gzi3c0xMY-LqQAcJ4_bprskdy-hszUpvSkolOoFhJqYcF2jMPZGcU1yta1HU7IJruw4qW3gNTaWco1LGp88LYH5nY0aGetmjhBTJCF13KUM-Kbe9MvtGumWGqSBN5ofxKugMM_jrDs8AIKnxshnQncEcKWDAZc3Dtv_8Oi1q40IW6srFOrUO9LzX_EWmcdd8EIa1_FHKduLcA0IYyBOoBKal6iNETTHwnD5OEd-01UbJdGZ3Xz52IUiwChc2ML8X6bafDWrL6kblwJ0m6qjTHWzDEYKl596rmPl2njlk1M2m5nAm2y5eEWvqD1v7TZX422dnGhsMQtdl5hvEeYRh4mzcEdSilqws3P1SgRtbBK-u5S2fYNrPuFBpp8K2N7RHIwZ8ilDmGwJvx-_ENO9QGRmJ1DmlQVbgYVgAwe4ov1fre1W_ZTam_N-DNsXqd_bzaFaZu9d9-n5qWqhO5ug8JYbjZf57dt8-jdK5s-lI72R7V0Tulq-Qbz3RFiJzYiiLnqV0lWt9zcUY9Er9dUmbNNxFtaITB4nTABVWRnN3wQcMnNvNv3FLklhl-2bHv89rY8IxQihd--e2GYmUe2XxzY6z65afdDuh-xSo5uXujJTlB3tSiI8tD7iUV7YvW5tRAgI0AbG_i2jDA1JftPxptiS1Byx3uER0dFliJJtYbHb-gzvLJYGw9Ddf49MMJ-19gYrm-GyPS6qfoqsARFo-AHnPy1w-zZ4DayWLH7n4aNoDnDQYy6WaE1AJEeVTqyXA0ugHGjOqdr0UOSnAT90sYXC3fHq31gDozufzhDV9WtK6-kPfDW5HYjHmDrlDd-x-HK6hE5GFZSlVxg-a6Y5VY4_cdwLTqj8Ja7TT6h1rUxh2EOea6oXbktO3nZZJsexzHrPTB-9MZU6pq8I2__bjEdHwwBMN-I70SmrRyRUjRA-nYPzw2x0I2guaUBz4jCaCEX6TwzcSppHllrBnEiay3k2UojfOA4z9z8BlFmx-6e_zEr610q0WnT6Y2DJiSBqHxQy1_d9eqX64bjpGoRuZ0t2hGdlYbW9VUh-Zn3ZxfaEGKQz1_zziT0zwFmMm-D0G93cEWUZM366wLdheJ1g5BEtPbVg3_cBNlPVzsKteMIAYV1wp9hExyFZWkuk8gNt9I47fTt2eX_0ur_90djyHzhHiZjAtEfxE3uulmnfbDjPHo7hExMDQeOvLZu4GyAE7xqTKFpFr66-z8ujejeu-2xs_6rCjc1qprsG-Z9-TsPvu7qJhrK_ssJFlFuOQidzHbxHyDXfFKcAv1nYiJG6_snj5J3eAbvDMADVXKqCncCHaH6GuPY9ESXRornFsXkygjFTJdWFqe1-ZomMfqsM_msWMFjjsbtWOXXrRYwKi1VsoBdpQXZW9nUzLlaK7XJfFs9PvrHGTe-NcQDZvMV8ThvVpxoqzZY56uXPkEifaPqbKAmh1fJsHc1cT2wA&cid=CAASEuRo5tFCDqP_rUme8MXxQ2kCpg&rfl=1%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:06:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame D8AE 24 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:06:39 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 99ms
98ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
10ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=6&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=m3u8_fail&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=888963597

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
10ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=7&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=replay&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1039581458

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 16388516019461aee4118882a.png
vhs.vdo.ai/uploads/thumbnails/ 86 KB
86 KB 377ms
34ms Image
image/png 51.77.119.11
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vhs.vdo.ai/uploads/thumbnails/16388516019461aee4118882a.png
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.77.119.11 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31094366.ip-51-77-119.eu
Software: nginx/1.12.2 /
Resource Hash: a57fd4180e4e71f5df4ef7cce909eaf91c363ac25866f5a41590a016ce704cee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Last-Modified: Tue, 07 Dec 2021 04:33:22 GMT
Server: nginx/1.12.2
ETag: "61aee412-156b6"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87734

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame E99B 169 KB
59 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:38:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame E99B 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BaUR5pkaAzTZ5S4yX0bQ6MPDXdhlr2VTvpJUwpb3yyZhZ-07U8xcUmgCg9tbpZrRFB_HyOoo5R-yktTe9N9XtcgGG1EiToXcObnNCkZellyZEBFotswtmC19d0j-_nOaFV2f0fw9PT7g0HGwtPiHYJD9VA_g&dbm_d=AKAmf-C4zVP1CUkLVuxSihaqcfsvgrRWW8l2UcYPvaGtucCCuAikl_tWK0co9GCCUl4AUDdPe1-RgsuDYwxg9GEW6c5XamTlbpvVdhAt2F-47A6vEVsRplBWUnV0fFqntgSXw6q1ntvXJNHsIcheaAfycfrcNg38yzRu0jxrxGVRfdDHMxw_Bp72yqhPFIdrxr1-69WuzF1HkKkSeylSdr0FkOgBWL84Z79RayEl8_ngw0xkfJSjvilo6YB6zRW9TBYHnbP0Z5fU3kEfLVgCTzoP4ijit7nWEz3JJs0SDIm4q7l6d3KOisHuMsfTsSrE9_GioiK9dSL-sB7nA5RkYhU7zWW5iY6cOyTROuaQkQcu1d0ylPJA5Mdr_nWUqTZANqXeL79Qpoyhz5ADtrodZv6vvBO0bAHGIgl6tZ5aw5zaMk8WM4_An2Kjpbt5Zpw60mgFd14LYRWXTUPED2Bie6oDDXxiXr0JIOE1OvGE8zRRZN7A3OcJapF9iMoxNK53_eQqs7gyYjQa_aAJfePPNd9h8afp9ZcCtq0sMgh1-B7BN3PYxl4T1RtM5CHUB6xTXLNSKFFR_5WJ2VTuGVgd1Rf07pkBy_iUgFt_ZN3k4J1bRmxmGYy23yUpzQAtwXVXo6MNdDYhhkmJ25B-j_SqdMOgfK5Ior2q0loiwSrXWxohtd2mv373RG1Tn2ucfX1hRbbzXVz0l_CL-EyeKMkMQ392mdlAunsMHGUpsBE-UopqrN6SvQPgwqndkIrSlt6qLWm7joJk0-ZWYzgMnx9oOobX1M0Qhm7meTJtFEHr1WesOUy36zlm2OWElYz1pka-ubhY739G2Yvg-GwQ-i-RgX_ak3vx7lv6DfnlZX2TEHwksANVHjORoDjTUQPOHdOvJKsdF7GHIRmO49NVJ92uXADT4U9_ZO5Jj-51jsjms7fQtJL6IK1Ak1iNQPYA8TA2sZn2-5wfk7pddDWx7hoPCbUfxVvx79sDcegexhomiwcNOkCjjh5xxaVu7z_0F2ICJJymmOjVAI8g5DNfcMJCYyGZTEZOaTW39prGIJoXGeDjCjp_ZDVDUQUKoCBrGa11-Bs9KD39tgO3pU-yis1m0iDRjnl0Cj-H-NBhK5gXht2e_dn-tVcwqJsgWhR8hxL8AkYH1GAmQgeiZSAH2v3tvXkuFma3MJCnym0p4WijVJbY46rnGpCxNSHLBwhuzysiIv8FEK5Mubp35ld1utJqAETExS4eqEKsGREwrucJWc-gShiVfaJ76OcA-G_tHw4dSVfACyiTuA-iOLWg2oUdhql-UQ4galBSSRx8hTV_wiZwqGZ3gsEYzkpU6vSrnuVXqdhRISGLV4QMzDGWXD04CalMo58zC-p607iUAz73pE8xfrI04GvXZrQ9autDXZ7nbV9Alqh07WQDBNtavZWQcG7-klWFDKIjvN4KJOVp7y3FVDdaQvw1FK6PSpeA7GvUkUdZ6OeVI3SIlTVCbGcWyiVpQALrgGh_ohW-e9Ii-uTsoEl8ySzfuNYxe4IfoovZ3_KA6WDREV8JAT-v7hrwa1EvBOSHrkbSJ5HbUc030FpIZAnpKZnWKXcEKJqFlUE3cEBn4nnk5CtYNoBy9Hwu2vnWba4K4X5oMnNgydiIoV14EgIBGu6cfD6s9Yn9zKoi4tzJatG2V-vM5i5M_Wh6umPE8fsH-JJMHICafYhsCMKfIQ_INI3MSMMphjV-9o0c6fmWzIbbbcRCJ4Ue9MOsY3sLeVDsWNzGfZiZxn49mAPKuBSzgfYJ9fKzByIy-CyKRGZwUHzTwNbPKsARHeX_RtSZBCIUld4rtwGLbpll4T4R2_zX4i9UPtWN_QB2LpNnYnhM6qczhKOaEa1uEPE3TqahkH99MlUsjzHE77JgM0SMdP6T7geYDAa051pC0J9kvsYjnpIq2qwWYTrte-B8TmaC0SSCBaTpWyuLeKF4z8UKomHdO9pZgi4t0d6ZBZr0Ls_ogFIf9EqpDMn7S3PbmJrw45U39mXe1DoC3c1r5gMY7F5eYcdb5ZDhCENwRyx0hsKutcRshvc1YovC4AaLORaRs8GvMxqf0QHfyPmPLcFVRQwZJFWLvGXFwO_2EWt23mO6i5EV7E49B-5PVChNIHs_gxiAE4hw48cGtk15phB5ceRn57oHKBTBItF_0ycuHovaQMuabeup8e3vMG2oB0aCLTGRJuc6tVqaWjLhuzwBCTNbYq4VsX_2vQ7uKH78dulMmgvIA73_iE7SsJil_caPcaKXDcGGpOvM9gvoDm53I1i4R9tbn2EqKCslT3SnBUm4xu-vm-uSFTiBj_UrJm2LPSR1qhq8GKFXcrKduuSNCXWikMYe-9Co-cUnlHNM9G5p3pvuPVBiQK8XS0sNoLuvhIrJzD9MAwinH915REpPenbbG__iuk2x_PPMlCpmgBBb795qWWlKpkfK9xd8v14JdEQXmli6DlX44mmRTRPgTBeWKyyVfIqvv4fAWHIKOAbN_-hk3LLmWx0NoHSamcU23sno93wE0yALDOEflfxzMqaG7W78Pdf0rAKZZ_QBTYUMs4UPXTdfoTU_K3uu0nOmK262Lh0bAdUbztGv2nVJT07UUkk7YX5yfW9uGCtKk81CmhNsaKD7IYgfQiVfevoy0MkeDhb1U_400zTE2m1KkWZBJjGY0vU5bTBfdFboE6pg41qxTc6BRUdL5GJRjHuSmz-SLYPcIsYayeGp39fIcfKNcjeWbvjJtSb-4EC5xLD4SKbc-heNQmsAXU_IjzNveCgFxz8EXWJYOvPfzFb-tpgaQRij2xWtCtgMWRdQD9DwLSD90fr_KC2T4sFQxar6dVClvW1F2gGWGMufOwLDYs1HD32cUsc8KCD1UmmoHRjti2S-E_gY3QRy4hNcs4vwzNKQE7cexk1wsfgqRjoSXGrIBMRFI8MmtHm7DwlKZqJJk4UOZI3D9bbr_fZI5AYzZZZkRh_fvXjlFtgfdXZtN68xPlvB74ahWrB7xfDbJdtffj73y-rAnFMmBPezrDrhs0-4uYQO3Yc3pyFpbnDF8Qsc3hdFWTOzTxQIyw1zG0fLrMX_vctjYITlqCdYyD5248xlLIBVvOR8tND4IoWkUVoSW08FvjGPAkwMTl2dBmopKWCGg2uv&cid=CAASEuRo4yNFykv5bUEk7ilrFYg1uA&rfl=1%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:06:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame E99B 24 KB
9 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:06:39 GMT

GET
DATA 200
OK truncated
/ Frame C0D2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 064e3b6316d70280aa108cc9e48e78e1a50ca5542f84de69077800dc6bc0b065

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4F5A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74ab92dc46f44488e8d778df80a76886d5d1cb874071097414b37db078cf25cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4F5A 0
0 58ms
43ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukVskgTC8Fuo1i63uRGXns9_Oe2TCkaGQRy5zezE7pxMS3DiXWjtwh-SVNF6EnrCsPI0NTPpDku9ezmli-gI6WZab3Cllom8vyB_Xf4wHNTREb13bom5Bg0oELycQtakDPc0-pq8a5H9McGtShCzEtHTjWxxRznbjMfcAasnm2jY_aQqfOV614yqNVkT2vjHusQfqSPtMU7XjyoSvIM1QXh7KtmEEReUjT6mB3T4NprVrZFnFIr0fZOQGedWzim4dW4sE43UHzGBAx69pvQDJzMksEb-iNUxrp-bshGUduHCuCioCA_c5dz9NfHRvT03AVnykrFJuvlK15CA&sig=Cg0ArKJSzFoeunyU1SWKEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 13 Dec 2021 19:07:43 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame ADFE 0
168 B 140ms
140ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame A647 152 KB
36 KB 63ms
63ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C43459431986928572441021382728%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame C0D2 21 KB
21 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 10:56:24 GMT
x-content-type-options: nosniff
age: 547879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 10:56:24 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame C0D2 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 20:07:29 GMT
x-content-type-options: nosniff
age: 514814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 20:07:29 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 8E3D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBvoa9isksice5iFsG0qBXw&google_cver=1

43 B
61 B

31ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBvoa9isksice5iFsG0qBXw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNVo4Yifkwbja9fcEjGMIyvtGsA7M7y_RQbI2BQTzxIRd4XIyWx4pnNR21Qivrxdcon5iviFbhyKaIbz-IQJEdClmgOsVND3uyFS5kydhioAP0TxELhiJnCDVhBuMnIQgXEMH0vD3KNfneNAIXFjBhdgDioEQ3qnXb5TQUQMDrZEEn2m-5E
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBvoa9isksice5iFsG0qBXw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 8E3D 43 B
306 B 42ms
17ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNVo4Yifkwbja9fcEjGMIyvtGsA7M7y_RQbI2BQTzxIRd4XIyWx4pnNR21Qivrxdcon5iviFbhyKaIbz-IQJEdClmgOsVND3uyFS5kydhioAP0TxELhiJnCDVhBuMnIQgXEMH0vD3KNfneNAIXFjBhdgDioEQ3qnXb5TQUQMDrZEEn2m-5E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 8E3D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJBTJgS7vT2SpzuKKgfiXkE&google_cver=1

23 B
172 B

57ms
55ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJBTJgS7vT2SpzuKKgfiXkE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNVo4Yifkwbja9fcEjGMIyvtGsA7M7y_RQbI2BQTzxIRd4XIyWx4pnNR21Qivrxdcon5iviFbhyKaIbz-IQJEdClmgOsVND3uyFS5kydhioAP0TxELhiJnCDVhBuMnIQgXEMH0vD3KNfneNAIXFjBhdgDioEQ3qnXb5TQUQMDrZEEn2m-5E
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 13 Dec 2021 19:07:43 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEJBTJgS7vT2SpzuKKgfiXkE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8E3D 23 B
172 B 153ms
58ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNVo4Yifkwbja9fcEjGMIyvtGsA7M7y_RQbI2BQTzxIRd4XIyWx4pnNR21Qivrxdcon5iviFbhyKaIbz-IQJEdClmgOsVND3uyFS5kydhioAP0TxELhiJnCDVhBuMnIQgXEMH0vD3KNfneNAIXFjBhdgDioEQ3qnXb5TQUQMDrZEEn2m-5E
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 13 Dec 2021 19:07:43 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

OPTIONS 16388516019461aee4118882a.m3u8
s.vdo.ai/uploads/videos/ Frame 0
0

GET 16388516019461aee4118882a.m3u8
s.vdo.ai/uploads/videos/ 0
0

GET
DATA 200
OK truncated
/ Frame DE1F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dbd4a51eaa3c1cd59c2ffe2bfbeabbd15a4b93464adde0bf10d58cd90d371ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 t Show response
t.lkqd.net/ Frame ADFE 0
168 B 103ms
98ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 102ms
102ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 342C 499 B
334 B 19ms
18ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNW3p4XI22l-8mtsPUHwCq2aQoEEZ-JLyYH_35kQjlBvBswcHSasKHFZXF_zg66aq2Q7vH9jYihFZ4vG2ihm4b10-p1X9uCaRGwqD1Oy_iE_pD11wUA8v5Va3702RTiSqm8uRDrz8Un-0cXi_WLK2S6IDbp7HxgD9ZIzw-4TMKbmv7DRONo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=2252910165&adk=2627293903&adf=3013028438&pi=t.ma~as.2252910165&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460717&bpp=1&bdt=555&idt=303&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=8xZzxVGw8u&p=https%3A//www.sunnewsonline.com&dtd=309

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=2252910165&adk=2627293903&adf=3013028438&pi=t.ma~as.2252910165&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460717&bpp=1&bdt=555&idt=303&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=8xZzxVGw8u&p=https%3A//www.sunnewsonline.com&dtd=309

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 19:07:43 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1729 72 KB
30 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoYTLP5fXX3Jzsl2DOGbOZLv8WqZJb4SeqXwpjBeGIbjUKCUdPJi3TMu8KxOzKg2jJlnBsfkZAber3TDmDTZuNJhvvtPpnYj_L2Le6EbtJbaO3aW8FmeWa2l2D0pJ13hm_i906-EOnwbBbzr9i-4BQnZrlug&dbm_d=AKAmf-DDtt1S1_k3poIk1ut0WEWth-8OW8vvmkXw3aGPRhzidIX8jxvhphilNAEl53ndI6u9pgUd1IZFyf-cYCSAKrwpug302foOSPMkYPTS1X8njAUukvrZ5Mc_gbgpKAGT5c88m7Ui_HLX-0wWX3L1AIlX-Xfw2xK_EiIrlLPQhwj6hylVp2L8yhWIH-RQU3bVmaVeoS7836DeWlCiDkqVBpy6fBfx1-b4Art2lfcmotwkLfLCkJBc3OF8EeLks1aKjoqVbkxQAWe774X7jKxiWyxMfon5FhuBzNpGs3179i3a8o9QjccxBsU61NN-BjJp4MesBO9NYaT-cP5ifZuqRw12Bn9-k0sjYXyofrQ-ab-j4qJ-BPMBFzrNGxeNfwAdbT6G67gpGsHawe4dzt6imtqZpcr3wR65ILRUFnCGYJQ_2Fo271RBNbZI-7lp6DFdyEQQmRqkUT2CaophCp9IpDpZlH2SU_g87b-f2aZ5s2gCp4i3dy-3aGYcFGZU1MCUijOuIHnesLTRMzHpYfXVjVW6mUwTZSFr7sucVuY87xS2zgcGq7JN4VIITr7ygZhxarYgacQj6g73rDcU4sk6SUO51-ta47glPr4_NhzvLQ_s56V3XaLYxWW7mPmelyIw7K6Nk28HNg0mTcdf-1S6hQB1r8uph6d6vcpv1_rMowIIfHT5exWH8O-z61TZTE9zPCrdQ_LOhQm33jfQieAi2X8zT0PBou40Ebiy_bTUyd-04UufnmmtgWQ91zYR62e_9LKhBovI9TPJ1sCAVSfFQu1gklPsZQgoazsLSIl_dlLB44kekdq1orCH7zLIUZEdgoVSD3yS8UdxwdnQuglcyF-EJhS73qpN3rJu7uvXhXGt0b2axDNmOrQsw4qG_z1WjXyZhsqdiFfRSbhOK671U1qnqtRuHqoTVdmJ5VJCdliEqD5WSa79ZKFpeaEffH9QCu_W_L4NEZPfrTQKJMcLdJTCKRDQW22uJN-1_XkWGDG0KgXWZG7bT-ZEACpLyxjoAf_p7-nUTdWLR9aBe60U-RigfsLZBw4VJP96EMfBInF640g3iZ_sjPQTTJvzYdNN8IBo3q4LOWXNwxF6YdN05EYRA6vUZpgb2ciXrmDBgbdo3JhmiQZiVEFjRPpd6gfekPMZDEXkLB-jUxRmUlmsmcy3OcGK8BdQxTRc4EcfyV6Ap_Cr9-1Vx8vBan2hSBUa34MW4-gUlgh9EsvOB31iYYRQONo2iiUAfh8mTddGZArdidV-M1uhXk2cuRtErJ_ZyDyDGR3Re-QM6mVk_lZUcRbpXoMuJUt9JsVYyBKYYFasXdYh3qZo0qNTPl-WOSXngV_yp5lnAl3pZZP8qQCOgnAxyNFVzV1ha4zMnBsbDTWbPrJGUnsi1qPLTylqaiOfAOTPWJa1EQPsqzVUqgAVTRiAKhDj6Ckb47V6NBmE3HAMYJXsGKH1sejTJz7FOZzKjk-evD7Y9npFU7t9PRDrXK5yiJZxg2pw42QOQ0QkTsmwY788LV1DPoo-PUeYMXpxSbDzgz79kQvx43-1upvkHHdRtmJdCW3fRJUYjcqDzLkg3TSlr19qXpOPQLsc8rN_PWL1UeunBaBFpdm2SkLOT0GKC0Y1mv1POTukQqxPA-_FpOusVGtN3-kdEqJYjdsuOK_OjA65Hg5MYTIRWBbB3eP7-dNgTf9ygXfk7wJUwZgkCu2j7a1conXHGVgAUvc32PIk2DgOwVW5_N6LSLjVmEXRVgxfaqw1owcuM0ABL6QVdjdBY_1rCDR69VgX7x4UHsTvotxKw_pavTT6JIOZzvZgaz0vcpwQV-G6Yq9udaNhbNJ06M2hxs2IUKzRaZyvqSuj2udfg4KAwJFtX5fh6NCrMdhII1lvEU9OvI4ZR5XZANYBbLiodNY4oUuWVGlBJZO-qMUkssb4ugQ8v4KmxDcx2trTWWoKzV6f22Joq2ExkdNItwGslyFdmcOV4pQPFj4YDxZnWfjIt_7GU3IXdPqefCO7Z3mVqo88nbH2dPWG12DP3J3TudpZB2-8CZC-Y7InwPzpoYW7uTE1Ch-T02fFvpXM7yiqxPIAXfTSThGDUqKbr7RWe_itBURNXTHnsSXoxQlMfMzSymADEHUZ9HEALkANVx8GfCUJM8IiEI1mRjAuDi6aZgG6Eq0-K7ZM80zJWx2q4AhMpLaxv6URzp11J3MM_sbX2attV7fzeY2lKa0biDV2bjY8Bp6WqDZIbSb2qwab02SlpriQL1ZAPLBXe27oV-GO1L9CiGgJOUd6jXrKq0O0oCZjsl-dwiWM6iBEZvgDQyMDAl820vBEEj-LTLvz-xDndlwbiV745H9ctmNCAaRuP0eOeBtcwLqvRqMkfOIOKu9LdR8IU4hudvleDeezAIu8PxbAQG_z2GIl8vv08WPbckBWNpJaP6ObUGwN6Zl4QoEz4hFH6hvHVbpi6za-YIS6QcXoOI7LHa40pk72r3T8m3DHN8XinoQqfiGExQU5XSQWDhD4qP8ojdCJhZdZOJQf9ycT2IED1iCLNvCIZP7OsrnuznVlX7xcpqRgW27PTnxVv6MxpUpcUMwkNu4SyNtevS5oSIQoJ9Ne-jGBlV2Jks8LarKoSNiyVSvm1m-IG8ijTcgrmKG4pegNnILkFLdqqlLfh7ZzUH0I4Oxm9s1XggtXI4aQAhUFo89nfd3Og2sMa0xwo4eSJqWPGPuJRxOtkK7kDhLnB_6YG5MXh38hMyFy9PmM_dgXwIR07zllttH1_ES4hhmA9_tIwGhDMX5336T6ogTEaityNqlAetqP6tSvdxSVl-BD4JrewQkC5u_OniSwnLjXJwUZqGwxsre5-po9qtX_hQhzpf0EL9dOfFUPIzwEKMU9qg36EhZ2FAw3xft7bdgCmgcuVexuVkR5_gPuOFWSLuP18oh49DINbdsAxMxM4RaNmPrDlD0SLnTdnpu2CmX6ZSM-oD6t_mWoEW4VNY2T5fznw6sWkM5HmVp2PDtfonfqrGs5kXSJpEyC0PLBm0-f_XcALeTDM6lmpeCEAWXnilfp5G-LBCeoqtQcZNTXSEJCD4pqM7mmXmCjF1hMFXuNMaHSpwl2s6gDIGzol_AaWy-GUwR6SMkjlAuHgVtGLs5XDzyPIfrs2CTRDiOYrRuOMDXkAlNiJoPHSfwGdzhV3PFfr5WdDJCrwbqNYv_Q0hpncOych3AQUbVIJ2lrdhPDhguUcNRUyQR0XI2R7Qx223TxZz1dmz7iq48lzVYdwv1OoPumn0KN6_NVTj7T3QjUVHiEz6cJVbF1piukX2hTlH3Pm_Euwxt0nUMiUmHG88v23FqzhbxLXw3dV52a_HpMOnDhLJI-Ls3H9q1nlI1Cgf6VDeVZud6SGeziXOLn1ZpCA09Fj7cT21vtQ1mDq2B28-lenjkWTA&cid=CAASEuRofj37fP9XE1F09KZhTMg97Q&rfl=2%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a109f00170ce2ef5fc5b05fb04e6f6a11e7f1e3be8c513f137569f74741a783a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=2252910165&adk=2627293903&adf=3013028438&pi=t.ma~as.2252910165&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460717&bpp=1&bdt=555&idt=303&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=8xZzxVGw8u&p=https%3A//www.sunnewsonline.com&dtd=309
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30565
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1729 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:05:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1729 119 KB
36 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:07:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1729 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:49:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1729 0
0 15ms
14ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTygLSFdCAV24G9ROTK5aeFJiOqCcvxxhgvLy8mFYgNSGta-DY04GpwsOiqjQ4zqWTrn4GZ07HDHwOy7gZo4TtS_i8j7A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=2252910165&adk=2627293903&adf=3013028438&pi=t.ma~as.2252910165&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460717&bpp=1&bdt=555&idt=303&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=8xZzxVGw8u&p=https%3A//www.sunnewsonline.com&dtd=309
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1729 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bc_xOK8dwoZdUgWT9B8UVvhb1wIpfBSdBop5crJkIbXiHvgEfm_DE_OX9PahB4oyXd5e8bHH_ROq3G940G6dYAUYqSljkGNZzeqAymb__Ht2S5ba8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5133 499 B
334 B 20ms
20ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNU9EPD08I5rKz046DejlkL10705ARe_KrXNr1V9ElcJyZw6J8yxzMMlEynl1PStsSo86EAtahHJ7ut_QXVx9z3dRsHQiQr54_uYBRgeKjTuoDt2alGn2vqZtySXU24f66CDycUPXjSPNIU2Eq3jtpybGm3IBo_vEWcP5JhHgt1xxIffaNQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=7228661401&adk=2972760969&adf=1413519997&pi=t.ma~as.7228661401&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460775&bpp=2&bdt=613&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3311153261771&frm=20&pv=2&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=X4T5mPPx2j&p=https%3A//www.sunnewsonline.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=7228661401&adk=2972760969&adf=1413519997&pi=t.ma~as.7228661401&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460775&bpp=2&bdt=613&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3311153261771&frm=20&pv=2&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=X4T5mPPx2j&p=https%3A//www.sunnewsonline.com&dtd=7

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 19:07:43 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EEDC 72 KB
30 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dyv52Q7Y3KMnb4baAmwr28rztBtnq1teIwnNGfSuFkEzs6qUgtXnCqo4CiXf8TITPMvaUy6j6QlP8-QeOzaTHqkq9DFSo2L1apyGwhlcvx9V3wO6z5v5E2xsVxWu5KB7c--agfGzkbCbvYX7uyD5gIFBlePw&dbm_d=AKAmf-AhmBy_WyWQOWQMNumEHBQMbIcl84apvuANhCb6uERxenSAB8LVKwFqOhiiqJeBGDMN4M78RLVaueUKZy2AcqEwys2Z98kNvTDoDaruXT4Qo4gvZcjXthzdJ1oPxqmcGMycZR6eCScglmhsjtG3awBtGCuHBd4O3CCSjMK-ThktUZs85EYoEdrpDx0F37pLMC767mmX3owY43XJIYBykQ5KZ_Aqw5lkvVygtvQV5DfFqDakecfJe3_hh3Yr6R-MBzKL-9TiKAY3ML2hkUGmXkXCx7kOHdI7v2xqyKwF2tbcUkSZEMkhN80BXcrf3ZO1CR7fMZZPliZ4YNhicS-JNV7GzwtxH6m2fbPVKfmroc6C9G2Z1UuLHJ5SxARxTHngBNXFHGncjfhBN4OkCdPJIyZ86OnSfr4R6Ogo9yW0ms5bJz-JUhv23gdIC6qbKuVBpIx9PjolVKVI59b6kFmc8BGlyoSgIMaCKRBN5JDb1TKiWfXhxa49xRMm9MwX4h37hqX5pamGrh4y-I1nRolyqgSuazfLE9iAH-I4NOvayjTFBYGs2azYtvUSBJV23MAmjf-_NfVbO1Axil7bZ3Rpm9JLmhpseELABYFh3mGPsyzymDALXEpfo84QeL84e0CBbY42V4kRJWiXGvJUS7F9eZ27oP7OnuFOjOG2Vsyn-b0-s8N9himwx7fHp13PrMqVc-5LwqEQtfTl4iKf4k8AqbyLuMBP3ypy3-lY-J1WBcgc_iDYLnXq84FXxXePKs53XI5VQNTvizJ8fNDkRzC3pFLgIfkez8qPmY202RlkzKVZmHmmG8FUOHKFDuTy_HyzAO9-lH9kNtLG8G4Hjfvtv4JFg99x7LE3T4l2RcQwfxcNFbE69z4iUGwEehZHmVAchGhBnqhhJfb_An8jzwROvdvit98l8_0uA_4oAVHYMpADSbbOtgpowim1F2V1WOCDPXLnkXPufDYboHZlNHCMYl_DS_ZMqVi02jGUUZpL9Ag3B2Dt7C3ASL5P4vSHSGnaVARgbqQJuMdVg9UwRGBmZoy08XkDXhvK0r4zTLYLvQJitQyxTa5ffMyzg7rfqLXW5Br5jq5g5wuJhlcT-Nm-FN-x_gYvID6-UhG290WzLUiWQnnIjrtn7DnmFMlFW5ZzRR-IQUK8EL42r2RnappfyDB5Np64fOAMFUaxITuyFwBp-0Gl7irt3aZ1f04Jyk-nTedVWyQU5n1Zz6V7KQoFQ8YqCc-9piek25VD1kZbBbTLmSSX0B5TftRhI0Y3LatFDIPniQiC1C093-z6dO6z88elT3_R977qvpgCcZRkoeASkP8yCo2VanjG5gXPrOO3PAIQ4zmVRpF6CmSFQMS8yMqZXYxnoSccnBD45ufNf5D1ZBy0o7qBvTOoDGGrGVhAtx8mey0GtR9p-lbbO2NCHQpz9k7JgAegyE_lm-_Nf5PDJtOIwzbopf2jqc5lullBZajODkbPO9dkpOXMUd11FgQtmrIq_ZIKHCII0celM2HS60gR5lhcDi_nQxAU6wdKib3yhGILbJ24DXB4Hn_elECU0xC3PyJARyihImSJk-cu0_JR3YS5OtNuXD7Gv2gidBkbW3ZryRuSRwPRHYI6CQnwDeIJniZAxgkd5T4HRZPZ3eO5WFz0CypSjORhxKZmirM0lMpGjNSgqoyOFq6MA4t-CEtDpOg6AnAz_Uhf5cBPOYCTg86bSr8GFntdERYFAmf59at61NayRKojhgU79XiXdIkqxVvzy6vbLl0ZX5ZpAccF67bSqsXxnNUuLgHnjO3hj5gnHdo7VyoqYaCRId1lICP_Q68E8QOujP9eLdRogXSKE5wLGXFwj8oW0e8GqKIDA4DufEaasSQjyd-INCX3U48Nf6arvBjajktPd1Mi4F8OWuONuT51k-c96I1lj_29DbMaXu3ucKdnooU6gkIRNCNJ1wMdtlVyGEug5j6MQ7iWJh63yIewval11Q9_sbErNHxrohTd-aw7wo0DBLhJWlZKKCaNKIHky8G5-nK9v7aUhw2XiNA8mzQLBKj_KscnaRulbTya8otCugAXgRde2KmNjypOY8DAgGcsq3SqHaaLk7lBZy5ItJmj0E18Pf3ucuqzWu70adi-6tgx-Yyvkc1bUnRJa9ncnLVmEftba5C7vq2pdqCgpfSfOLxD7yphqEC6ZcZRmzIXTJBxYO00BVMOUSCWFLfy8KXY8CY701bExXR4C56qbcuMhoK0cawchFIX3j6NtBsKY9F_4egIPoLqgvRen_flFyD78FzcYCNXi4sbr3aYUiv6U-QinwaZop9SPm57Kki6tqllI7jSXj9ttvVhxRYFO-DjJcnmOKr1i_FBuLJ_nKrrFy0VLn85NJS-LCJ4PWRAr5iwUbxUMavliQJFbQz6YNCInBTqeEqOsEjrrFEozaOPdvoYJ6Zkyv4Y5LLaexG299kB2Hp-9XbW4QAqAe2kJ6xRogKTqwMpw8ubr5rGd9xoTV1ecY-grasM6WSnIXgjUyd6v4g3YDPvCMq22siQWNw4Hg06JBYIuYWfwv5rogNK3NW7MH_jzb1AXgHjiBRYfqDwHf3W--L6hZZkAD8LYxu__SqA1zpn7PPnR6BkmjxjliaJVzqpQxo2K_L8Z5k0FcmHbwNj549l-4Zj80GO63fD7STHC7P-RHhD0UXpIDjXzslkikPkY3GpyE6AqUl6dMbu0DnhAfyHjg4xEbCwRmQOZomcffI8XjluLs5cPOGZSY2e4PbwLNrD2tMJoJYAM7R0m5j142p3xqlGIMZrBuJmivpvReT-wuI3Mw_wFJJwxwu7-cw6thYyZrnLZxEK4-nBzHxWrWISuyBqtwqVfQj0mze_SOwVvLSaWvR7tQV3Jy7uhsKYFX3dKwmmLoQhZTfDNKhcziO05gCqjOLs3SVewyVO17JuecA56GHoZ6GOHvVhbGYcOXGqJRde_eLshYEAOx-wBfozZiBdTELZFHFbFB3z_OpF85GSESINjz8ttNflZuaE0fmTz0u0866enFOm3Sik-KlwVw_R_v14cbD9mR-Iv1RsZmBJhUYF3hOjnH20a_Acj15kHCSqN9utfndYv8DBTTmcYhT6BJFW72Crppn-oY4IDChyetDzGpdk-2j5OX6D3pufeuYVH8X4xcRaUyrsMfJwVjNrLnkZqvIY8BV4CjgiCdSSMFsQT3oGiCLgt8TA2QIHcekjE1UpMxrF6pNQILxhxiJarCDKt13p6NdIhdgEj7VC6Fg_jRULnwpcfVB_4Y7bDF33iTCIebWIDF_2HhZwP2bbOQ90Td-EmVTTXEKhHktWGCSdIHDzzL-qhp8vli3AcFI6tEaLD6DglpHvtdmBuNH7A3j12I_d8U-xnTKs6ySubanMXtWIUfOByTcsPIjbsS57f8d2tb-tDpdD_IQQsQg_U_mWsBEpBTawKg-3-IQ&cid=CAASEuRoESlZIGkON8iaNQCWWPFshw&rfl=2%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

604b9516de6269a392ee157e8146c79d44428608fb3607d6bb1e659812ecc8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=7228661401&adk=2972760969&adf=1413519997&pi=t.ma~as.7228661401&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460775&bpp=2&bdt=613&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3311153261771&frm=20&pv=2&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=X4T5mPPx2j&p=https%3A//www.sunnewsonline.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30616
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EEDC 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:05:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EEDC 119 KB
36 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:07:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EEDC 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:49:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EEDC 42 B
63 B 42ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D50MsF6VogBfT0P7z7SKFk5DMW7pSc3rTziw4jzwMBaJkCbFaLjqHKk0QnVe_6wgtmgqM3ERsSLUhVH8MffESSLSPEkbQwsSAIwPi2wIo0CBfz2d0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B7D5 499 B
334 B 27ms
26ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWn_5jSzqJsXxp-BQtfzZqvK1VWl7w2n68FJ9f4Fhcwk4PiBDD4Eczda34MisXpUfmQLBRR_-V8jxJfapSyIbzl6c6UsLlWy_f7RD4d4jzfoEKUs8qUnKaXNIhzyRcWQ-2kUFQX7cZdc_AmHZ_gdqkKcfzmpq3iGH7kcI_rZXEHijc2QxM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=8187176395&adk=1961058974&adf=4137666700&pi=t.ma~as.8187176395&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460787&bpp=1&bdt=624&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&xpc=K9rwXAImFL&p=https%3A//www.sunnewsonline.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=8187176395&adk=1961058974&adf=4137666700&pi=t.ma~as.8187176395&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460787&bpp=1&bdt=624&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&xpc=K9rwXAImFL&p=https%3A//www.sunnewsonline.com&dtd=13

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 13 Dec 2021 19:07:43 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A6EA 72 KB
30 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Awx9P-QbvEXavVQZkfXvflLum23yPd_9KBiY8UgrqXQ01wTPZu7flBLcIoUzpVVWttMoVyLH8Bf4kBx2prvYEqx5V6ucOevtMc-NeqTKl4NEkCAzebV4iRV-HZ3ka9Duo0kyf6hpu3dwzQKdRs8M3mIGKWsA&dbm_d=AKAmf-CSPqn5F5sVHhLJGu0JT-2MhbCQfMxqBGx_w7XUOs5AF_0YwBUL9AxP-aai1WYAGzqG5_g4rbhQQmDH8cuwhN2BkvMCHXifgECtdnVkCDUr6FAxPJk9_c2WMF7T-8txqnbW4PacIRYU-E02fvU79Gj5ATGgrRcqKjBkj4Mw4dU3vqiHxW-gftwSSgy4IgP-eDlB5mC29gjPKItiLGgSZHJockE9clNDonCvFqgb82B7lOseYvWT7SPJ9pEgXebaxW4m3t_40JqSbhek-PYb5lkwjvKHJFpA4iIGv0LzmkmCXVMSTKQMgvXd05etXTo8eU6mCh0mi5jn_tGcLI5Foz1sUBMcrPpwd6CSUMnQmq7fvw2pTfpMkwZor_DcJ5rrBf9S88QWv_-h8gkc7OCGHR7P_xu96kDJlEy9fMGT2oehy96ezRt6Yyg8huZ9qdQKcXq3JgSoml59S-xitU1S7XW71VSFglCkpP7nWmdUc0pyxhqZQD9L9tkIAg6d9zpTLV1aIMr3QhATs_fVE9cVkxMCx1xsS0SsLeRDrrhNYSjPPFKY06G2cr-6a44-6BqRQEptLORQFdZwJXpwJrnLSXBLTQRkIU2xKVG9p9sUlV7FV0XQeSVvlcjBoZYSKdk0VHDkmnb84DRo50o_M9sEImM9Q32qBHC63xH8feDcpy2y8trYgVeIlDfy9fQ0Bxq9I0AV_NJv4_-nIiqNLdxCuAuRGA9G6UGENMvtYzcZs7Xi4W-BTgI3kbjH8d7iH_GnKoyRoRyq3GZJwIoWn9Xh9FmzgR_OrAFq3dHoZ4N5CYy84V3JObOWWhkjHBTwI_WYrB53wExa3CsQrMZdhxWWeHg0jZs06JFWfC5T8W-oRZc_u0uc1shEUIGXHitNXnnboK_FvHiod6QH3GfgF_DNJ72OcosE82t4XVuV6-JUKpZWRSX3j6ElGG5QK7xj2zo8_tD2rxtIqwd5pmZAhN7HCIvqhXT-fWjl1A4QCXB5yagaOKos_HalZ4kSLQjjAYu4eSXbqtUlTZdE5rStNTG3Dyo0-olV1hhQCI2q6KyU9e9yjbNbAstcmmt675asQw31WCvL0xoRT7DEqDdjtcc3nkMLFYZAQxR2vd51QDRhCkwmo71W7sHSZQxPU8ER_NI0xhE10KheLjFIqUDTmXKIj4TBML8TyFiHTHsPmF-olektZz4CJbsGSxdxL4ezSTv8hfcfX3ozmg-JQ_T6dNfrciNdTsAv3eBKnLjwjugXSF0V55j6xXSWvYrSPiRGAUcJSUMEhq9QWL0Lz-0TTBy6N7zguJbQmTPOgCYD8tezA7S4fGiZ9bGGroE4b14gaHTWc3frWlk1LkWqENqa3QN0fA6fWeaHnYiQruXYVb6j4cBKQ3ar2tVzh4CwJBV7TC0inm-ghRF-R2SQw9uWmYsnsNT4hDpc0iQzSSaNp_HPAQjVlfXq32yG8Mh6UrzqSgUrgdCASVyyr_EGrGLckHoYTuWFLKCxz6-6f1hN7-ell6jEoMDTT9BTp7_F5F1X557038TbmLn3DEAizABID1_bEcHypJgkYJoWiuX6LdNA5B8Mp27nhDK_0lU54QEfb5oa5b8qSkVnq-nHmmf11dineIFvXelxNQzFKCifk12Cvvap1EE8eyYgp_XHOnI9FInEC2hZGiLQaQAu8qKvydDKKxlzUJvSVVy1nJUC34Hbw22_2ZjripfVkjcUFydX26HL8P-7p49di9kzboc3FtWqwgXXg9H0RbtU-8DW3xDfQVExC7D39Epy8telqR_jkfpcg9hh_81-Yf1-hwlcBAjXz-puIiQGzWSLjKhBB1hBE6rGnvMtw5nCbquUI87TmbU-1cxMsyH6Twd5TXL4P_UDt4NVDsMJLa2jw5dq33h7fpMD2LN5qh_VLq2GwxUCstLo0zvYzgaJ5t2d0E1HeGwfvPvDAMxa59zjei9TKK4kiUtUewJnCDYsAr8s0Unj-KtjhRsglwjJ_q_gwccmNWyQU38Vd71u76I-N_wKVIckrfbOHI5VHcLjJLzTHJc3oaSOMYLI3h2qOurrPQiW9-p9r2jFg7HRNap-0n4TfJfB3c-0w4UJ7OEvfWN3CgAW7y_K5E1MOAaYOFpjJwMP8Rsn_dv6SQGCrtpgkPUk-I69jVGFW3PYqYgoQdPY6eBgLUbY2L4BrF8M8qT50qnE89t_qlkGqyeLlLJXeFJl5CiBdOi1eSwv1D4ymNc3S7iK2hu3vVIurQ1mQduJfJn0CrzIvsVy7-TCRuKRdWtyjCc6ialypf1aNy0sNENctR2rlA9Rq-9DLK7ecKnzcaKTLq7v59qx2GSzy7dTXu5IQs3GqEzM9c2yZzoBmZ0BtyWepIT5tP1PrRxq0Ce_KTiB-ZeDyGZIlitQURdBPsN_sWrChZm3WsNDVeO9Bm4zwuXg6AWc9ATfC4WVg-7TydmBmxelue_7JX2PPx-NOW0Oy74g9YzXk3VgvyeBwIN7ZQUy_F5Gm2VhWK6E_FDQt0sm-muPxIrEsUj6W6RVtmN4rfikTApmsgJj2-wmIJgdKQ38bmEZz661DV6eOB6pKpEQ3ACHHExwRhZ6Fy79NCJxG0AUPV__nEajc7TJJCe38H2wV6J9pDNnRDl3Q6R9OPr0RqhXqbI0oOIWyNbqUMdB-rANkz1atzh934XVd2b3RS1xiz9_XKhvraGNtkBbSO43Xw4eWn083DEswuxsu-1CRA-4rKRKj1zNQUFnaGlcRdJF8I0bIzyydSfsHtg_KJkJKeM7zsGoWFn0xkglCjDOhCgZmQsb5F8OOVOPDnVaso9ZILSS1_Q6KgUg7CeFcQzDt7kSlyoqrjbHgoAkp7b7dKfFcC35y3IWjh5ELQ5lZ_MhHEPQU3lTzQIo2Ni8wRf03ywSj6719TlR7_-rum1KigGtfs7dbHB_hNslPgCid1l2MR517Do23J4jVwZBpryR19K_YyYKJIqE6C10U2qtvgABdHnvfqnMVq1LGuuQhAm0rYHCw-gEwvHZMXoMZVE4vrmj6Jf8GZ8gEA72ZRE9FLjPDnNnLA6vCT4y2ZJOJjL0TRRHuBT_Gl9ukEbLZMu2DYogrUQRm74vRC5BeJ8Y4Di5-TTb7MTwgBYRXF3ErcqSvUAvsQyBZJXpL_Kbe2MUKNDXihhq8Smn9CEnL8OUaVJvp9vx6WjiiwuGz6mU4-ryJRWW30rWVBLgu3YQZh2uP8R7Ky-wZtYsnHcvJXVVJe6Y_2ZBKBKcGSz2ZgU_DAjGf6K8m-52Su3p7GLVmB_7N5tLZU5c97H4g8ZN1aWmuRLtDLkAGG1rYR31EajqN5QIv_9NaKXnltDTSZCmj3R9hJpNr5aRLxgh8XcqySjUqsIB9SHIzAJn5A5iAiBviNmaOxVe6rfCZYnU1g55r3nG3sSQsQej9QWhxvIAzxzZR4-JOifFcKSnFSQ&cid=CAASEuRo22oHSDAor0F2ltav1p5iMQ&rfl=2%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e350296077add7888269c3002415c1e3ace7c53c57ba2f4816af61e1e31b538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=8187176395&adk=1961058974&adf=4137666700&pi=t.ma~as.8187176395&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460787&bpp=1&bdt=624&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&xpc=K9rwXAImFL&p=https%3A//www.sunnewsonline.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30561
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame A6EA 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:05:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:05:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A6EA 119 KB
36 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:07:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame A6EA 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 18:49:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A6EA 0
0 23ms
22ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKIp7b7IMtbNVOHAcPILcQl60OHgv590jdcJxDW0ngx6H8YftBlu73XwIucYB0y4yrkphTMvw4kA_BAUZ8SfCoQhTJIg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=8187176395&adk=1961058974&adf=4137666700&pi=t.ma~as.8187176395&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460787&bpp=1&bdt=624&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&xpc=K9rwXAImFL&p=https%3A//www.sunnewsonline.com&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6EA 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A7c_rfxe8uZxKn11C05Q7kjSUU7OvF2pY38ff_KMA-3RNMmDxno32XEKTyDpQ52sm6c8cdfLggs_eg8bHy-MyZGmH2SYqqG19mHXp8nhPY4XlOZks

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK bf8e470e-9261-43af-bfa6-c650b767b81a
https://www.sunnewsonline.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/bf8e470e-9261-43af-bfa6-c650b767b81a
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 5417
Content-Type: application/javascript

GET
BLOB 200
OK 6a9c17c8-acde-4d65-b9ff-527cfef909a9
https://www.sunnewsonline.com/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/6a9c17c8-acde-4d65-b9ff-527cfef909a9
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
BLOB 200
OK fc2c4453-1db5-4806-bced-56905ce701d4
https://www.sunnewsonline.com/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/fc2c4453-1db5-4806-bced-56905ce701d4
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
H3 200 bridge3.491.0_en.html
imasdk.googleapis.com/js/core/ Frame C320 128 KB
0 18ms
13ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Sat, 11 Dec 2021 21:08:33 GMT
expires: Sun, 11 Dec 2022 21:08:33 GMT
last-modified: Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 165550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 101ms
96ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10854603187357092472/ Frame B32A 11 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faee908c3c6c520580b45261c3453f787874e263befbed4a555741be85ea548c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3342
date: Thu, 09 Dec 2021 15:48:14 GMT
expires: Fri, 09 Dec 2022 15:48:14 GMT
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 357569
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D8AE 0
571 B 97ms
50ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhIuSiDmgWM73Uiko4abC47NYN8CEPg3Tf8Tfx2jKoHyZRba2s9Cua8-QeGhNq7i29Rx8RcZOqax7Pqkb1AyHt3pP3-BEiKnfYXdbVyjS0e5dRnKKSa8Wn0YP5zH7G1-TGkT99XPZA-sMnBbwKxgHUtadnZfp3fYEKmzHUby-nzO-dGo028AyGIT3CKrlxz83MFgZtwbX9B8OJtOKstU12dCIabRFl3WMrvsS04giu2D4Fy6LPJGDGh9gCzRS3wsZhh0jeknQV_9dD1wWuOK3yb0PWZFTgTHUsvxXTzinNxhVW5eh5kBxQ2X7x_3hmN0MiBnvVXYUf3MvDB7DFqgD1fwKz_Q5o6gsPwHy7T_gfBt9D42pRl9lZAtR_fyN6hYlmoZ60gNyYhsiCcmcN9YbRCj3MDt3BCN_Vv_A9XzCX9TZAm5UzHx0znen12rwGm-yfwFBjF4O0ONQXWoeRSesz7mV8Mv4VnWFZp1uL1twrQUiOmtsKacWUwiD4TxSMb0IpL6qzOWciLNrYex-x7BkdUy3tBJulBS52BQFEVjEU407dLarTgURTlIA_ciQ3DUBbgPBy3vRkhDz1TPZFs6dmiZ7WyOWqKHXFGuMjTWkg9aLdxQptOEVFKbLmWJ_Bf66VxL9XwiAomBB_V9FNKCq884MaXNr7rMq1yzpU5GuqMCs05BRw8BbQRPocOKP8jPpLFViMSPL43RysWLcCEEaHqTE-zUvv0WX_-X8MBvuj49K2H9fq0grUhRe0PYmPsNpS87TSUyTXR8cazZGJ38E0gTxbhYklTKw9YgzzHByIchm0S9TyF4holKQdCYuLQ_7UGE9jZ_nmmq-hwUBWrRz-18rRwbVSkJoABFxqH-hwMLIiccdp_AkB_WIxDhgA-ZdSVHmFQB4GIBcToF935Qbmagx_63p2EfD1afJeDduSXwgk2MAvHKHWFV39jyUJzECS9SqzvUiKZMnMIJ6zJgr5mY7BJ812pCGA3bK8XFR3za9ALJNJAT8s94LKF3xAQH4NONbzMfvLBo46oFPsjtZAcTpRKxI6Qa6oPM1gg9dRLGmBaON-mMyeLrwXKlTh5nm8AvJPDk3zDohPXLJtxX4gwvmnvEhq8cniNSJboqJUXTERB1bZobOzYrnDk8YsqFgUny9IZtxprN_SwEcSY7nRA28B9QLHJ9-0BJCHTZ_mCj_fMDKRU5mLz1XvpKl0zm-qYFhC_7DU5NNOnArRlF5eDo8R_5TbxghYszdGUEzWzjyM-BZsFIp0INYGCDt5OS-O&sai=AMfl-YSI7316CkFNjck7Bz4xC7N1nryUysBB6FCi3mpROAtYyLnpAn7tfnyup6qQaK9R6fYcSpqIm8r_RwhMhHSszqKWKcwZXb8ivm7Z_xus2uXyfc8aAwuLvTqU31VeECZ4ia5G-fBBPG3dl_End8ujKj1SMJbjuQ&sig=Cg0ArKJSzO_WeKSD3BvcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=427&cbvp=1&cstd=424&cisv=r20211207.45836&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 13 Dec 2021 19:07:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 728x090.html Show response
s0.2mdn.net/sadbundle/14129977134126465024/ Frame 90C3 43 KB
10 KB 16ms
16ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14129977134126465024/728x090.html?e=69&leftOffset=0&topOffset=0&c=gVkYHoJ33e&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23d078e0fd295ce67350e7e5c1a857f4d651984136a8006e3bdeafc236ec4261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:43 GMT
expires: Tue, 13 Dec 2022 19:07:43 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Oct 2021 07:34:26 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E99B 0
61 B 50ms
50ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbh4zurxntmNk9SjeFpockkdsgUonIzh8eWywwI7Rq0_2mmzf62ON92Wp-GQa0NZRUybKKSYaDax35B5ep_L2SPdna_Aw5kH-MNaIUkOBBHC3tISEVIAC_rDuQhqoFxShpSS8Sb7EN-3v0_RElYWdGB6sYVCsvASC4hr3fggd6_PVv4Rl7INBzDyVbXLz5wUfDbvU0DKgBAQrz-SF13ZUd3aE9jMlxhF16VF8uF2hu3eLdOt2BmC5CMIkRkNG1l7p_VElWPG84X1hSDlVZ05NF6XqAtU5-hNjgImWH_sQLFOFwrhssj-s2kKYhf001Lq3cmEUP0T9ATIg15Qap0wBNBTGX1SeJ4kJykRN0tGwd0rMnpUwouk2k5wvb8NrmiphmFEREPox5O_UY-LMUn9MEChcq912eBc0bv1WJEE41nvo_G8ONU_PLRRM69NNombs-u5fMW82iuBjXJ9zzZxjQmloy1qwo01JplcontgpUMkNaz-xO8ulxYTBVue1YzAdpLSCjqKpVilCiexgoyd7iJJpnDLdvOp5BVWGDHMuHOvP_x95sxfUvKUkXPYXXl8yiDucdA-JP1YMp-jwtbqojENjFoQqVjZmpdAisl4JXQEsQAoelacIlkSV9lcpQ_SKGT_5c750EPScXAIRquz-floQYnmd6ZMqofk0ZVzBVMf3tpYh3OXytBs9fJOQD8tY1hLfbB71fmdGNoAAFeX3DRLyZF_LtgklGgDai5hNZGZYOIC_KbTrWajdX_iLJAZvLV9dnyjTuow77013XNQb1diwdwp7gMQGQE6tAKlEsLAx7fqIe7b-Sogd178SOC6Ve0H-nAxWpem7fcuQShsoT8RmyxUeulGPWJXPH7te9OX7M_TECTfvgdOHyrOIKcVQb1w79Ck2g8e-wTu2RHixThyKifCM4cxk8GrHKmOkY5BupFzeUDQqejP5r3Tv0dZVIlmgH9JC3o70uYIjsPFMTmCZDxnEiMApx1fFCny9Odf7bMEmUYZY0SRlD2OjmtrheaK8sE6SKazxdbafajp0V-2Rvi4bbkLDJF8rDlcSy9-dpm4-Jhd0VFBiC2n5eLZ7KHWq9aNg8RSbxNK8WEfukkTDY5uHFxxKLYIaQrnbz9Yb4m3U0XLZnvVjY0TCssoxUqdCPpWmC7OsN82v5R4g52VAJw8Ak_8oT8R_M9hQXdJXYMayBAoXUa5oGlf4gh33qlJOmlc-CN2AhxYRIBRdwadGT9UXDc3Mt8S40ag7kGgbpU4nt4lZNOLsKQAFirAdpd2A3KcpWEQE&sai=AMfl-YSDgSzB7XeFkRyRyr8QXPHl5Vp5VRCgpf9K8Z-i-KwgMHhNlxf9Lmnn6mxBdEtkPSWjb7mGYg1wQ2Z5nHa0dfanqpkIDL4W8_jYPxAjdDmrRFcXKcQYm8NMQ83ZehcVzxXmKdifu-8FemJCIWyg15yPlA-96Q&sig=Cg0ArKJSzOgFgVs6ZiHCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=413&cbvp=1&cstd=404&cisv=r20211207.35215&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 13 Dec 2021 19:07:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1729 106 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:38:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame 1729 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoYTLP5fXX3Jzsl2DOGbOZLv8WqZJb4SeqXwpjBeGIbjUKCUdPJi3TMu8KxOzKg2jJlnBsfkZAber3TDmDTZuNJhvvtPpnYj_L2Le6EbtJbaO3aW8FmeWa2l2D0pJ13hm_i906-EOnwbBbzr9i-4BQnZrlug&dbm_d=AKAmf-DDtt1S1_k3poIk1ut0WEWth-8OW8vvmkXw3aGPRhzidIX8jxvhphilNAEl53ndI6u9pgUd1IZFyf-cYCSAKrwpug302foOSPMkYPTS1X8njAUukvrZ5Mc_gbgpKAGT5c88m7Ui_HLX-0wWX3L1AIlX-Xfw2xK_EiIrlLPQhwj6hylVp2L8yhWIH-RQU3bVmaVeoS7836DeWlCiDkqVBpy6fBfx1-b4Art2lfcmotwkLfLCkJBc3OF8EeLks1aKjoqVbkxQAWe774X7jKxiWyxMfon5FhuBzNpGs3179i3a8o9QjccxBsU61NN-BjJp4MesBO9NYaT-cP5ifZuqRw12Bn9-k0sjYXyofrQ-ab-j4qJ-BPMBFzrNGxeNfwAdbT6G67gpGsHawe4dzt6imtqZpcr3wR65ILRUFnCGYJQ_2Fo271RBNbZI-7lp6DFdyEQQmRqkUT2CaophCp9IpDpZlH2SU_g87b-f2aZ5s2gCp4i3dy-3aGYcFGZU1MCUijOuIHnesLTRMzHpYfXVjVW6mUwTZSFr7sucVuY87xS2zgcGq7JN4VIITr7ygZhxarYgacQj6g73rDcU4sk6SUO51-ta47glPr4_NhzvLQ_s56V3XaLYxWW7mPmelyIw7K6Nk28HNg0mTcdf-1S6hQB1r8uph6d6vcpv1_rMowIIfHT5exWH8O-z61TZTE9zPCrdQ_LOhQm33jfQieAi2X8zT0PBou40Ebiy_bTUyd-04UufnmmtgWQ91zYR62e_9LKhBovI9TPJ1sCAVSfFQu1gklPsZQgoazsLSIl_dlLB44kekdq1orCH7zLIUZEdgoVSD3yS8UdxwdnQuglcyF-EJhS73qpN3rJu7uvXhXGt0b2axDNmOrQsw4qG_z1WjXyZhsqdiFfRSbhOK671U1qnqtRuHqoTVdmJ5VJCdliEqD5WSa79ZKFpeaEffH9QCu_W_L4NEZPfrTQKJMcLdJTCKRDQW22uJN-1_XkWGDG0KgXWZG7bT-ZEACpLyxjoAf_p7-nUTdWLR9aBe60U-RigfsLZBw4VJP96EMfBInF640g3iZ_sjPQTTJvzYdNN8IBo3q4LOWXNwxF6YdN05EYRA6vUZpgb2ciXrmDBgbdo3JhmiQZiVEFjRPpd6gfekPMZDEXkLB-jUxRmUlmsmcy3OcGK8BdQxTRc4EcfyV6Ap_Cr9-1Vx8vBan2hSBUa34MW4-gUlgh9EsvOB31iYYRQONo2iiUAfh8mTddGZArdidV-M1uhXk2cuRtErJ_ZyDyDGR3Re-QM6mVk_lZUcRbpXoMuJUt9JsVYyBKYYFasXdYh3qZo0qNTPl-WOSXngV_yp5lnAl3pZZP8qQCOgnAxyNFVzV1ha4zMnBsbDTWbPrJGUnsi1qPLTylqaiOfAOTPWJa1EQPsqzVUqgAVTRiAKhDj6Ckb47V6NBmE3HAMYJXsGKH1sejTJz7FOZzKjk-evD7Y9npFU7t9PRDrXK5yiJZxg2pw42QOQ0QkTsmwY788LV1DPoo-PUeYMXpxSbDzgz79kQvx43-1upvkHHdRtmJdCW3fRJUYjcqDzLkg3TSlr19qXpOPQLsc8rN_PWL1UeunBaBFpdm2SkLOT0GKC0Y1mv1POTukQqxPA-_FpOusVGtN3-kdEqJYjdsuOK_OjA65Hg5MYTIRWBbB3eP7-dNgTf9ygXfk7wJUwZgkCu2j7a1conXHGVgAUvc32PIk2DgOwVW5_N6LSLjVmEXRVgxfaqw1owcuM0ABL6QVdjdBY_1rCDR69VgX7x4UHsTvotxKw_pavTT6JIOZzvZgaz0vcpwQV-G6Yq9udaNhbNJ06M2hxs2IUKzRaZyvqSuj2udfg4KAwJFtX5fh6NCrMdhII1lvEU9OvI4ZR5XZANYBbLiodNY4oUuWVGlBJZO-qMUkssb4ugQ8v4KmxDcx2trTWWoKzV6f22Joq2ExkdNItwGslyFdmcOV4pQPFj4YDxZnWfjIt_7GU3IXdPqefCO7Z3mVqo88nbH2dPWG12DP3J3TudpZB2-8CZC-Y7InwPzpoYW7uTE1Ch-T02fFvpXM7yiqxPIAXfTSThGDUqKbr7RWe_itBURNXTHnsSXoxQlMfMzSymADEHUZ9HEALkANVx8GfCUJM8IiEI1mRjAuDi6aZgG6Eq0-K7ZM80zJWx2q4AhMpLaxv6URzp11J3MM_sbX2attV7fzeY2lKa0biDV2bjY8Bp6WqDZIbSb2qwab02SlpriQL1ZAPLBXe27oV-GO1L9CiGgJOUd6jXrKq0O0oCZjsl-dwiWM6iBEZvgDQyMDAl820vBEEj-LTLvz-xDndlwbiV745H9ctmNCAaRuP0eOeBtcwLqvRqMkfOIOKu9LdR8IU4hudvleDeezAIu8PxbAQG_z2GIl8vv08WPbckBWNpJaP6ObUGwN6Zl4QoEz4hFH6hvHVbpi6za-YIS6QcXoOI7LHa40pk72r3T8m3DHN8XinoQqfiGExQU5XSQWDhD4qP8ojdCJhZdZOJQf9ycT2IED1iCLNvCIZP7OsrnuznVlX7xcpqRgW27PTnxVv6MxpUpcUMwkNu4SyNtevS5oSIQoJ9Ne-jGBlV2Jks8LarKoSNiyVSvm1m-IG8ijTcgrmKG4pegNnILkFLdqqlLfh7ZzUH0I4Oxm9s1XggtXI4aQAhUFo89nfd3Og2sMa0xwo4eSJqWPGPuJRxOtkK7kDhLnB_6YG5MXh38hMyFy9PmM_dgXwIR07zllttH1_ES4hhmA9_tIwGhDMX5336T6ogTEaityNqlAetqP6tSvdxSVl-BD4JrewQkC5u_OniSwnLjXJwUZqGwxsre5-po9qtX_hQhzpf0EL9dOfFUPIzwEKMU9qg36EhZ2FAw3xft7bdgCmgcuVexuVkR5_gPuOFWSLuP18oh49DINbdsAxMxM4RaNmPrDlD0SLnTdnpu2CmX6ZSM-oD6t_mWoEW4VNY2T5fznw6sWkM5HmVp2PDtfonfqrGs5kXSJpEyC0PLBm0-f_XcALeTDM6lmpeCEAWXnilfp5G-LBCeoqtQcZNTXSEJCD4pqM7mmXmCjF1hMFXuNMaHSpwl2s6gDIGzol_AaWy-GUwR6SMkjlAuHgVtGLs5XDzyPIfrs2CTRDiOYrRuOMDXkAlNiJoPHSfwGdzhV3PFfr5WdDJCrwbqNYv_Q0hpncOych3AQUbVIJ2lrdhPDhguUcNRUyQR0XI2R7Qx223TxZz1dmz7iq48lzVYdwv1OoPumn0KN6_NVTj7T3QjUVHiEz6cJVbF1piukX2hTlH3Pm_Euwxt0nUMiUmHG88v23FqzhbxLXw3dV52a_HpMOnDhLJI-Ls3H9q1nlI1Cgf6VDeVZud6SGeziXOLn1ZpCA09Fj7cT21vtQ1mDq2B28-lenjkWTA&cid=CAASEuRofj37fP9XE1F09KZhTMg97Q&rfl=2%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:06:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 1729 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:06:39 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame EEDC 106 KB
37 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:38:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame EEDC 8 KB
3 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dyv52Q7Y3KMnb4baAmwr28rztBtnq1teIwnNGfSuFkEzs6qUgtXnCqo4CiXf8TITPMvaUy6j6QlP8-QeOzaTHqkq9DFSo2L1apyGwhlcvx9V3wO6z5v5E2xsVxWu5KB7c--agfGzkbCbvYX7uyD5gIFBlePw&dbm_d=AKAmf-AhmBy_WyWQOWQMNumEHBQMbIcl84apvuANhCb6uERxenSAB8LVKwFqOhiiqJeBGDMN4M78RLVaueUKZy2AcqEwys2Z98kNvTDoDaruXT4Qo4gvZcjXthzdJ1oPxqmcGMycZR6eCScglmhsjtG3awBtGCuHBd4O3CCSjMK-ThktUZs85EYoEdrpDx0F37pLMC767mmX3owY43XJIYBykQ5KZ_Aqw5lkvVygtvQV5DfFqDakecfJe3_hh3Yr6R-MBzKL-9TiKAY3ML2hkUGmXkXCx7kOHdI7v2xqyKwF2tbcUkSZEMkhN80BXcrf3ZO1CR7fMZZPliZ4YNhicS-JNV7GzwtxH6m2fbPVKfmroc6C9G2Z1UuLHJ5SxARxTHngBNXFHGncjfhBN4OkCdPJIyZ86OnSfr4R6Ogo9yW0ms5bJz-JUhv23gdIC6qbKuVBpIx9PjolVKVI59b6kFmc8BGlyoSgIMaCKRBN5JDb1TKiWfXhxa49xRMm9MwX4h37hqX5pamGrh4y-I1nRolyqgSuazfLE9iAH-I4NOvayjTFBYGs2azYtvUSBJV23MAmjf-_NfVbO1Axil7bZ3Rpm9JLmhpseELABYFh3mGPsyzymDALXEpfo84QeL84e0CBbY42V4kRJWiXGvJUS7F9eZ27oP7OnuFOjOG2Vsyn-b0-s8N9himwx7fHp13PrMqVc-5LwqEQtfTl4iKf4k8AqbyLuMBP3ypy3-lY-J1WBcgc_iDYLnXq84FXxXePKs53XI5VQNTvizJ8fNDkRzC3pFLgIfkez8qPmY202RlkzKVZmHmmG8FUOHKFDuTy_HyzAO9-lH9kNtLG8G4Hjfvtv4JFg99x7LE3T4l2RcQwfxcNFbE69z4iUGwEehZHmVAchGhBnqhhJfb_An8jzwROvdvit98l8_0uA_4oAVHYMpADSbbOtgpowim1F2V1WOCDPXLnkXPufDYboHZlNHCMYl_DS_ZMqVi02jGUUZpL9Ag3B2Dt7C3ASL5P4vSHSGnaVARgbqQJuMdVg9UwRGBmZoy08XkDXhvK0r4zTLYLvQJitQyxTa5ffMyzg7rfqLXW5Br5jq5g5wuJhlcT-Nm-FN-x_gYvID6-UhG290WzLUiWQnnIjrtn7DnmFMlFW5ZzRR-IQUK8EL42r2RnappfyDB5Np64fOAMFUaxITuyFwBp-0Gl7irt3aZ1f04Jyk-nTedVWyQU5n1Zz6V7KQoFQ8YqCc-9piek25VD1kZbBbTLmSSX0B5TftRhI0Y3LatFDIPniQiC1C093-z6dO6z88elT3_R977qvpgCcZRkoeASkP8yCo2VanjG5gXPrOO3PAIQ4zmVRpF6CmSFQMS8yMqZXYxnoSccnBD45ufNf5D1ZBy0o7qBvTOoDGGrGVhAtx8mey0GtR9p-lbbO2NCHQpz9k7JgAegyE_lm-_Nf5PDJtOIwzbopf2jqc5lullBZajODkbPO9dkpOXMUd11FgQtmrIq_ZIKHCII0celM2HS60gR5lhcDi_nQxAU6wdKib3yhGILbJ24DXB4Hn_elECU0xC3PyJARyihImSJk-cu0_JR3YS5OtNuXD7Gv2gidBkbW3ZryRuSRwPRHYI6CQnwDeIJniZAxgkd5T4HRZPZ3eO5WFz0CypSjORhxKZmirM0lMpGjNSgqoyOFq6MA4t-CEtDpOg6AnAz_Uhf5cBPOYCTg86bSr8GFntdERYFAmf59at61NayRKojhgU79XiXdIkqxVvzy6vbLl0ZX5ZpAccF67bSqsXxnNUuLgHnjO3hj5gnHdo7VyoqYaCRId1lICP_Q68E8QOujP9eLdRogXSKE5wLGXFwj8oW0e8GqKIDA4DufEaasSQjyd-INCX3U48Nf6arvBjajktPd1Mi4F8OWuONuT51k-c96I1lj_29DbMaXu3ucKdnooU6gkIRNCNJ1wMdtlVyGEug5j6MQ7iWJh63yIewval11Q9_sbErNHxrohTd-aw7wo0DBLhJWlZKKCaNKIHky8G5-nK9v7aUhw2XiNA8mzQLBKj_KscnaRulbTya8otCugAXgRde2KmNjypOY8DAgGcsq3SqHaaLk7lBZy5ItJmj0E18Pf3ucuqzWu70adi-6tgx-Yyvkc1bUnRJa9ncnLVmEftba5C7vq2pdqCgpfSfOLxD7yphqEC6ZcZRmzIXTJBxYO00BVMOUSCWFLfy8KXY8CY701bExXR4C56qbcuMhoK0cawchFIX3j6NtBsKY9F_4egIPoLqgvRen_flFyD78FzcYCNXi4sbr3aYUiv6U-QinwaZop9SPm57Kki6tqllI7jSXj9ttvVhxRYFO-DjJcnmOKr1i_FBuLJ_nKrrFy0VLn85NJS-LCJ4PWRAr5iwUbxUMavliQJFbQz6YNCInBTqeEqOsEjrrFEozaOPdvoYJ6Zkyv4Y5LLaexG299kB2Hp-9XbW4QAqAe2kJ6xRogKTqwMpw8ubr5rGd9xoTV1ecY-grasM6WSnIXgjUyd6v4g3YDPvCMq22siQWNw4Hg06JBYIuYWfwv5rogNK3NW7MH_jzb1AXgHjiBRYfqDwHf3W--L6hZZkAD8LYxu__SqA1zpn7PPnR6BkmjxjliaJVzqpQxo2K_L8Z5k0FcmHbwNj549l-4Zj80GO63fD7STHC7P-RHhD0UXpIDjXzslkikPkY3GpyE6AqUl6dMbu0DnhAfyHjg4xEbCwRmQOZomcffI8XjluLs5cPOGZSY2e4PbwLNrD2tMJoJYAM7R0m5j142p3xqlGIMZrBuJmivpvReT-wuI3Mw_wFJJwxwu7-cw6thYyZrnLZxEK4-nBzHxWrWISuyBqtwqVfQj0mze_SOwVvLSaWvR7tQV3Jy7uhsKYFX3dKwmmLoQhZTfDNKhcziO05gCqjOLs3SVewyVO17JuecA56GHoZ6GOHvVhbGYcOXGqJRde_eLshYEAOx-wBfozZiBdTELZFHFbFB3z_OpF85GSESINjz8ttNflZuaE0fmTz0u0866enFOm3Sik-KlwVw_R_v14cbD9mR-Iv1RsZmBJhUYF3hOjnH20a_Acj15kHCSqN9utfndYv8DBTTmcYhT6BJFW72Crppn-oY4IDChyetDzGpdk-2j5OX6D3pufeuYVH8X4xcRaUyrsMfJwVjNrLnkZqvIY8BV4CjgiCdSSMFsQT3oGiCLgt8TA2QIHcekjE1UpMxrF6pNQILxhxiJarCDKt13p6NdIhdgEj7VC6Fg_jRULnwpcfVB_4Y7bDF33iTCIebWIDF_2HhZwP2bbOQ90Td-EmVTTXEKhHktWGCSdIHDzzL-qhp8vli3AcFI6tEaLD6DglpHvtdmBuNH7A3j12I_d8U-xnTKs6ySubanMXtWIUfOByTcsPIjbsS57f8d2tb-tDpdD_IQQsQg_U_mWsBEpBTawKg-3-IQ&cid=CAASEuRoESlZIGkON8iaNQCWWPFshw&rfl=2%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:06:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame EEDC 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:06:39 GMT

GET
H3 200 omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4536 37 KB
0 11ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:48:50 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B388 38 KB
14 KB 27ms
26ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C43459431986928572441021382728%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52114
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:43 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A647 38 KB
14 KB 34ms
34ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C43459431986928572441021382728%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52114
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7B6F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

69ms
67ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 19:07:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 19:07:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BC0 35 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 17:23:57 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame DEFB 35 B
465 B 44ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMkdiezOD22HzGxuRkJVg6w&google_cver=1&google_push=AYg5qPLwKSyjF1iCW07BpDcQ_tmNCQg9PC4dj8KZoaniJu18NlGl4sUUoZGeFci4EbaT8w8UQE7RFna_p3hmpIi1bqL86wQ_ZkgK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DEFB
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJWSfoBYGYL_nn3eBPPZ_2-SbDVNsCAuDRta1GHgabSOJmLqa9VlvU9ZXdUXEBUn5szkKbt24xv0cWkPfTG3NuptXb8Mx0&google_gid=CAESEGa7da071TBOdkBqRWl_9uU&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCP-z3o0GEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBKV1Nmb0JZR1lMX25uM2VCUFBaXzItU2JEVk5zQ0F1RFJ0YTFHSGdhYlNPSm1McWE5Vmx2VTlaWGRVWEVCVW41c3prS2J0MjR4djBjV2tQZl...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU1QwUEdYYjQ2Uk5Kdl83OUFtdElmZ1ZqUGNGMHVKZW9kV004MlQ5Skctcw==&google_push

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU1QwUEdYYjQ2Uk5Kdl83OUFtdElmZ1ZqUGNGMHVKZW9kV004MlQ5Skctcw==&google_push

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:43 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwU1QwUEdYYjQ2Uk5Kdl83OUFtdElmZ1ZqUGNGMHVKZW9kV004MlQ5Skctcw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DEFB
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKRUWdu...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKRUWdu...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMTMxOTA3NDQwMDAxMjc4OTk3NzcwOQ%3D%3D&google_push=AYg5qPKRUWduvN5CZVK3vKyPFItrnXfikXO4w-_7Bc15z4fUVu9V_CZrmt3EZ5wNeB0p02...

170 B
188 B

20ms
20ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMTMxOTA3NDQwMDAxMjc4OTk3NzcwOQ%3D%3D&google_push=AYg5qPKRUWduvN5CZVK3vKyPFItrnXfikXO4w-_7Bc15z4fUVu9V_CZrmt3EZ5wNeB0p02g7WhO19Vq6EICWBJiEyqG0uUEXqUk

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMTMxOTA3NDQwMDAxMjc4OTk3NzcwOQ%3D%3D&google_push=AYg5qPKRUWduvN5CZVK3vKyPFItrnXfikXO4w-_7Bc15z4fUVu9V_CZrmt3EZ5wNeB0p02g7WhO19Vq6EICWBJiEyqG0uUEXqUk
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 13 Dec 2021 19:07:44 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame DEFB 43 B
350 B 65ms
16ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIGX9fzUjoYRWnlLA_hXmg0&google_cver=1&google_push=AYg5qPIc1wDuSYUoiX8pdBX-Mhv5X9NOk_mKTIF4i_xDBxd1daOk_vUekzGY7KIix5NKkqP9UzSgThd3FO1BhRfnDzTkZR09NM5-
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 7i3jhdtapnene6me3doiaarnqhk8t5pa

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DEFB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKomPfrYWjQC7gatn3w4GCW_DaC9eqWX2lT4RuJWS4v0BIZSYv7LQhF8hD1ngx73EGN6Xbd7b_ldQjpEreeB2aArIjHwUn4

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKomPfrYWjQC7gatn3w4GCW_DaC9eqWX2lT4RuJWS4v0BIZSYv7LQhF8hD1ngx73EGN6Xbd7b_ldQjpEreeB2aArIjHwUn4
date: Mon, 13 Dec 2021 19:07:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DEFB
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDZM06DlmOlibyARiaIiwM8&google_cver=1&google_push=AYg5qPJ91dMeoqhlbb3ava_DhBa4-IeXGHLjgvFScCJPsedDhlG0-Oost8ZKxZv_3nVTdr-ldyi...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxQUUtMjYtOFpE&google_push=AYg5qPJ91dMeoqhlbb3ava_DhBa4-IeXGHLjgvFScCJPsedDhlG0-Oost8ZKxZv_3nVTdr-ldyit3rgnRyh2O8LPHvJ0_lMFMZw

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxQUUtMjYtOFpE&google_push=AYg5qPJ91dMeoqhlbb3ava_DhBa4-IeXGHLjgvFScCJPsedDhlG0-Oost8ZKxZv_3nVTdr-ldyit3rgnRyh2O8LPHvJ0_lMFMZw

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxQUUtMjYtOFpE&google_push=AYg5qPJ91dMeoqhlbb3ava_DhBa4-IeXGHLjgvFScCJPsedDhlG0-Oost8ZKxZv_3nVTdr-ldyit3rgnRyh2O8LPHvJ0_lMFMZw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame DEFB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmB...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DEFB 0
12 B 28ms
26ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13It05QJX-GgO85XclETKcR1QAd5qgqCJZ10DNySxKrM3Y2z6irhUGvSO-gq0wtZ5mQ1lfHJ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1C05 35 B
464 B 28ms
12ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELWxfp4x0SezWMcR0tek6NM&google_cver=1&google_push=AYg5qPLXcvETb73YhWUMMajy-zbUsCKy933Nd_7s6AeeKQ0ZyQRrEV0neNgXZNgKH78fMmhSJ2jQ68PyayrR5Oy1KuWnSToMcCk

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1C05 43 B
134 B 52ms
18ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKKImsWAVnOkwoOLMXtymxA&google_cver=1&google_push=AYg5qPL5Q1a8XTmfF-IVoc5UxRM2vQgQz4da-MXaEQJ9ca9qZhKNaPoucwSBXBMMf-EB_z4QEt_aEYFOSrnlAODCdQwVN43X-S0S
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8218178373&adk=2033062148&adf=2621076951&pi=t.ma~as.8218178373&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460554&bpp=2&bdt=392&idt=292&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WyFRi4xKFR&p=https%3A//www.sunnewsonline.com&dtd=298
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:42 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: a2uelfthvsm78kneoh5ukv21uc5e2eoa

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C05
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=418SZD5RRQGVgO0B5qokUg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=418SZD5RRQGVgO0B5qokUg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPINH77EIyPJuxy63bYG5LFsS-fa5aoreTXjaLM-fQXdC2k5VWV_sZOEQ9ms0zDCpfPXhftEq23evw5dEOTUmf1Vn5PaCOQ

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=418SZD5RRQGVgO0B5qokUg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPINH77EIyPJuxy63bYG5LFsS-fa5aoreTXjaLM-fQXdC2k5VWV_sZOEQ9ms0zDCpfPXhftEq23evw5dEOTUmf1Vn5PaCOQ
date: Mon, 13 Dec 2021 19:07:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C05
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELtX9bKpRH1XdGXVXuFfntI&google_cver=1&google_push=AYg5qPIAfruZtn4foqVNoJOYIGtnVLHy5lwFS6k1-zAup45HEqK67HEbU_mUtkwzKfhyiuao1ny...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxQjgtRi1IVERG&google_push=AYg5qPIAfruZtn4foqVNoJOYIGtnVLHy5lwFS6k1-zAup45HEqK67HEbU_mUtkwzKfhyiuao1nybMDNs86B6sikXECsFHUI4pdIU

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxQjgtRi1IVERG&google_push=AYg5qPIAfruZtn4foqVNoJOYIGtnVLHy5lwFS6k1-zAup45HEqK67HEbU_mUtkwzKfhyiuao1nybMDNs86B6sikXECsFHUI4pdIU

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxQjgtRi1IVERG&google_push=AYg5qPIAfruZtn4foqVNoJOYIGtnVLHy5lwFS6k1-zAup45HEqK67HEbU_mUtkwzKfhyiuao1nybMDNs86B6sikXECsFHUI4pdIU
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 1C05
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 1C05 43 B
297 B 165ms
28ms Image
image/gif 2a05:d01c:1d8:8101:fca3:6f47:214a:2d54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHoDzTAds9rK9_c6z3Zt3sE&google_cver=1&google_push=AYg5qPL7PLCHnAiCY-BH0UeZaM7OWXHiYSa0mureXLDSKTDWhdeDhlCjqPlZgNaC8Xt5a1ILzWKvGQuSwM-Aikgm92SEnxnHyBFQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8218178373&adk=2033062148&adf=2621076951&pi=t.ma~as.8218178373&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460554&bpp=2&bdt=392&idt=292&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=WyFRi4xKFR&p=https%3A//www.sunnewsonline.com&dtd=298
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:fca3:6f47:214a:2d54 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C05
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMdmSiORPt5BCFd023hbeK8&google_cver=1&google_push=AYg5qPKR7ug5y_KrNeEJlTT-...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKR7ug5y_KrNeEJlTT-bYpUz8_tWafaM27sF3w4urkeSLC3tXzuiq0opUfc8D7x8DAYQPr5eI8njIDqcopZZsIPfUJE1veu&google_hm=

170 B
188 B

22ms
21ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKR7ug5y_KrNeEJlTT-bYpUz8_tWafaM27sF3w4urkeSLC3tXzuiq0opUfc8D7x8DAYQPr5eI8njIDqcopZZsIPfUJE1veu&google_hm=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKR7ug5y_KrNeEJlTT-bYpUz8_tWafaM27sF3w4urkeSLC3tXzuiq0opUfc8D7x8DAYQPr5eI8njIDqcopZZsIPfUJE1veu&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 12 Dec 2021 19:07:43 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1C05 0
12 B 28ms
16ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9kLiKm98Aa1vFDFqiu17GR6OxHuL_CyTwQFKm6cNSEn11ZIZixL0EmQ2h1_BaXcw7vjZQcw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 342C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1

43 B
548 B

52ms
19ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNW3p4XI22l-8mtsPUHwCq2aQoEEZ-JLyYH_35kQjlBvBswcHSasKHFZXF_zg66aq2Q7vH9jYihFZ4vG2ihm4b10-p1X9uCaRGwqD1Oy_iE_pD11wUA8v5Va3702RTiSqm8uRDrz8Un-0cXi_WLK2S6IDbp7HxgD9ZIzw-4TMKbmv7DRONo
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 97
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 342C
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2

170 B
188 B

20ms
20ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNW3p4XI22l-8mtsPUHwCq2aQoEEZ-JLyYH_35kQjlBvBswcHSasKHFZXF_zg66aq2Q7vH9jYihFZ4vG2ihm4b10-p1X9uCaRGwqD1Oy_iE_pD11wUA8v5Va3702RTiSqm8uRDrz8Un-0cXi_WLK2S6IDbp7HxgD9ZIzw-4TMKbmv7DRONo

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 118
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 342C 0
446 B 95ms
24ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame A6EA 106 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70171
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 23:38:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame A6EA 8 KB
3 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Awx9P-QbvEXavVQZkfXvflLum23yPd_9KBiY8UgrqXQ01wTPZu7flBLcIoUzpVVWttMoVyLH8Bf4kBx2prvYEqx5V6ucOevtMc-NeqTKl4NEkCAzebV4iRV-HZ3ka9Duo0kyf6hpu3dwzQKdRs8M3mIGKWsA&dbm_d=AKAmf-CSPqn5F5sVHhLJGu0JT-2MhbCQfMxqBGx_w7XUOs5AF_0YwBUL9AxP-aai1WYAGzqG5_g4rbhQQmDH8cuwhN2BkvMCHXifgECtdnVkCDUr6FAxPJk9_c2WMF7T-8txqnbW4PacIRYU-E02fvU79Gj5ATGgrRcqKjBkj4Mw4dU3vqiHxW-gftwSSgy4IgP-eDlB5mC29gjPKItiLGgSZHJockE9clNDonCvFqgb82B7lOseYvWT7SPJ9pEgXebaxW4m3t_40JqSbhek-PYb5lkwjvKHJFpA4iIGv0LzmkmCXVMSTKQMgvXd05etXTo8eU6mCh0mi5jn_tGcLI5Foz1sUBMcrPpwd6CSUMnQmq7fvw2pTfpMkwZor_DcJ5rrBf9S88QWv_-h8gkc7OCGHR7P_xu96kDJlEy9fMGT2oehy96ezRt6Yyg8huZ9qdQKcXq3JgSoml59S-xitU1S7XW71VSFglCkpP7nWmdUc0pyxhqZQD9L9tkIAg6d9zpTLV1aIMr3QhATs_fVE9cVkxMCx1xsS0SsLeRDrrhNYSjPPFKY06G2cr-6a44-6BqRQEptLORQFdZwJXpwJrnLSXBLTQRkIU2xKVG9p9sUlV7FV0XQeSVvlcjBoZYSKdk0VHDkmnb84DRo50o_M9sEImM9Q32qBHC63xH8feDcpy2y8trYgVeIlDfy9fQ0Bxq9I0AV_NJv4_-nIiqNLdxCuAuRGA9G6UGENMvtYzcZs7Xi4W-BTgI3kbjH8d7iH_GnKoyRoRyq3GZJwIoWn9Xh9FmzgR_OrAFq3dHoZ4N5CYy84V3JObOWWhkjHBTwI_WYrB53wExa3CsQrMZdhxWWeHg0jZs06JFWfC5T8W-oRZc_u0uc1shEUIGXHitNXnnboK_FvHiod6QH3GfgF_DNJ72OcosE82t4XVuV6-JUKpZWRSX3j6ElGG5QK7xj2zo8_tD2rxtIqwd5pmZAhN7HCIvqhXT-fWjl1A4QCXB5yagaOKos_HalZ4kSLQjjAYu4eSXbqtUlTZdE5rStNTG3Dyo0-olV1hhQCI2q6KyU9e9yjbNbAstcmmt675asQw31WCvL0xoRT7DEqDdjtcc3nkMLFYZAQxR2vd51QDRhCkwmo71W7sHSZQxPU8ER_NI0xhE10KheLjFIqUDTmXKIj4TBML8TyFiHTHsPmF-olektZz4CJbsGSxdxL4ezSTv8hfcfX3ozmg-JQ_T6dNfrciNdTsAv3eBKnLjwjugXSF0V55j6xXSWvYrSPiRGAUcJSUMEhq9QWL0Lz-0TTBy6N7zguJbQmTPOgCYD8tezA7S4fGiZ9bGGroE4b14gaHTWc3frWlk1LkWqENqa3QN0fA6fWeaHnYiQruXYVb6j4cBKQ3ar2tVzh4CwJBV7TC0inm-ghRF-R2SQw9uWmYsnsNT4hDpc0iQzSSaNp_HPAQjVlfXq32yG8Mh6UrzqSgUrgdCASVyyr_EGrGLckHoYTuWFLKCxz6-6f1hN7-ell6jEoMDTT9BTp7_F5F1X557038TbmLn3DEAizABID1_bEcHypJgkYJoWiuX6LdNA5B8Mp27nhDK_0lU54QEfb5oa5b8qSkVnq-nHmmf11dineIFvXelxNQzFKCifk12Cvvap1EE8eyYgp_XHOnI9FInEC2hZGiLQaQAu8qKvydDKKxlzUJvSVVy1nJUC34Hbw22_2ZjripfVkjcUFydX26HL8P-7p49di9kzboc3FtWqwgXXg9H0RbtU-8DW3xDfQVExC7D39Epy8telqR_jkfpcg9hh_81-Yf1-hwlcBAjXz-puIiQGzWSLjKhBB1hBE6rGnvMtw5nCbquUI87TmbU-1cxMsyH6Twd5TXL4P_UDt4NVDsMJLa2jw5dq33h7fpMD2LN5qh_VLq2GwxUCstLo0zvYzgaJ5t2d0E1HeGwfvPvDAMxa59zjei9TKK4kiUtUewJnCDYsAr8s0Unj-KtjhRsglwjJ_q_gwccmNWyQU38Vd71u76I-N_wKVIckrfbOHI5VHcLjJLzTHJc3oaSOMYLI3h2qOurrPQiW9-p9r2jFg7HRNap-0n4TfJfB3c-0w4UJ7OEvfWN3CgAW7y_K5E1MOAaYOFpjJwMP8Rsn_dv6SQGCrtpgkPUk-I69jVGFW3PYqYgoQdPY6eBgLUbY2L4BrF8M8qT50qnE89t_qlkGqyeLlLJXeFJl5CiBdOi1eSwv1D4ymNc3S7iK2hu3vVIurQ1mQduJfJn0CrzIvsVy7-TCRuKRdWtyjCc6ialypf1aNy0sNENctR2rlA9Rq-9DLK7ecKnzcaKTLq7v59qx2GSzy7dTXu5IQs3GqEzM9c2yZzoBmZ0BtyWepIT5tP1PrRxq0Ce_KTiB-ZeDyGZIlitQURdBPsN_sWrChZm3WsNDVeO9Bm4zwuXg6AWc9ATfC4WVg-7TydmBmxelue_7JX2PPx-NOW0Oy74g9YzXk3VgvyeBwIN7ZQUy_F5Gm2VhWK6E_FDQt0sm-muPxIrEsUj6W6RVtmN4rfikTApmsgJj2-wmIJgdKQ38bmEZz661DV6eOB6pKpEQ3ACHHExwRhZ6Fy79NCJxG0AUPV__nEajc7TJJCe38H2wV6J9pDNnRDl3Q6R9OPr0RqhXqbI0oOIWyNbqUMdB-rANkz1atzh934XVd2b3RS1xiz9_XKhvraGNtkBbSO43Xw4eWn083DEswuxsu-1CRA-4rKRKj1zNQUFnaGlcRdJF8I0bIzyydSfsHtg_KJkJKeM7zsGoWFn0xkglCjDOhCgZmQsb5F8OOVOPDnVaso9ZILSS1_Q6KgUg7CeFcQzDt7kSlyoqrjbHgoAkp7b7dKfFcC35y3IWjh5ELQ5lZ_MhHEPQU3lTzQIo2Ni8wRf03ywSj6719TlR7_-rum1KigGtfs7dbHB_hNslPgCid1l2MR517Do23J4jVwZBpryR19K_YyYKJIqE6C10U2qtvgABdHnvfqnMVq1LGuuQhAm0rYHCw-gEwvHZMXoMZVE4vrmj6Jf8GZ8gEA72ZRE9FLjPDnNnLA6vCT4y2ZJOJjL0TRRHuBT_Gl9ukEbLZMu2DYogrUQRm74vRC5BeJ8Y4Di5-TTb7MTwgBYRXF3ErcqSvUAvsQyBZJXpL_Kbe2MUKNDXihhq8Smn9CEnL8OUaVJvp9vx6WjiiwuGz6mU4-ryJRWW30rWVBLgu3YQZh2uP8R7Ky-wZtYsnHcvJXVVJe6Y_2ZBKBKcGSz2ZgU_DAjGf6K8m-52Su3p7GLVmB_7N5tLZU5c97H4g8ZN1aWmuRLtDLkAGG1rYR31EajqN5QIv_9NaKXnltDTSZCmj3R9hJpNr5aRLxgh8XcqySjUqsIB9SHIzAJn5A5iAiBviNmaOxVe6rfCZYnU1g55r3nG3sSQsQej9QWhxvIAzxzZR4-JOifFcKSnFSQ&cid=CAASEuRo22oHSDAor0F2ltav1p5iMQ&rfl=2%2Chttps%253A%252F%252Fwww.sunnewsonline.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:06:37 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame A6EA 24 KB
9 KB 22ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Dec 2021 19:06:39 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 5133
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1

43 B
548 B

46ms
28ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNU9EPD08I5rKz046DejlkL10705ARe_KrXNr1V9ElcJyZw6J8yxzMMlEynl1PStsSo86EAtahHJ7ut_QXVx9z3dRsHQiQr54_uYBRgeKjTuoDt2alGn2vqZtySXU24f66CDycUPXjSPNIU2Eq3jtpybGm3IBo_vEWcP5JhHgt1xxIffaNQ
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 65
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5133
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNU9EPD08I5rKz046DejlkL10705ARe_KrXNr1V9ElcJyZw6J8yxzMMlEynl1PStsSo86EAtahHJ7ut_QXVx9z3dRsHQiQr54_uYBRgeKjTuoDt2alGn2vqZtySXU24f66CDycUPXjSPNIU2Eq3jtpybGm3IBo_vEWcP5JhHgt1xxIffaNQ

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 40
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 5133 0
268 B 56ms
25ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 103ms
101ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame B7D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1

43 B
548 B

43ms
20ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWn_5jSzqJsXxp-BQtfzZqvK1VWl7w2n68FJ9f4Fhcwk4PiBDD4Eczda34MisXpUfmQLBRR_-V8jxJfapSyIbzl6c6UsLlWy_f7RD4d4jzfoEKUs8qUnKaXNIhzyRcWQ-2kUFQX7cZdc_AmHZ_gdqkKcfzmpq3iGH7kcI_rZXEHijc2QxM
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 66
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECxtF4d1ejSjVyS3YRRI5bY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B7D5
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2

170 B
188 B

23ms
22ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ96fYjQIY0umUuwEwAQ&v=APEucNWn_5jSzqJsXxp-BQtfzZqvK1VWl7w2n68FJ9f4Fhcwk4PiBDD4Eczda34MisXpUfmQLBRR_-V8jxJfapSyIbzl6c6UsLlWy_f7RD4d4jzfoEKUs8qUnKaXNIhzyRcWQ-2kUFQX7cZdc_AmHZ_gdqkKcfzmpq3iGH7kcI_rZXEHijc2QxM

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZjM2ZTFlZGItNWM0Ny0xMWVjLTg2MzctMTBhMGNjYTgwMTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 125
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame B7D5 0
268 B 56ms
25ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4650
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

66ms
65ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 19:07:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 13 Dec 2021 19:07:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B56 35 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=280&slotname=8187176395&adk=1477350333&adf=1664212563&pi=t.ma~as.8187176395&w=660&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460638&bpp=2&bdt=476&idt=267&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=125&ady=2566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=yofYObC5gI&p=https%3A//www.sunnewsonline.com&dtd=299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 17:23:57 GMT

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4225 35 KB
13 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 17:23:57 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D8AE 41 KB
15 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 23:38:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2B08 1 KB
749 B 14ms
10ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Dec 2021 13:26:12 GMT
expires: Tue, 14 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20491
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D8AE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3116cf02f55b00f2550be805d898a15ea25310fd6cef9d3b9d72dc12a9a0702

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 93ms
93ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:43 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=8&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=m3u8_fail&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1857369470

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=9&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=replay&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=812206885

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75979
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 img-bg.jpg
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame B32A 9 KB
9 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:13 GMT
x-content-type-options: nosniff
age: 357570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9355
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:13 GMT

GET
H3 200 img-motif-0.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame B32A 11 KB
11 KB 10ms
10ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-motif-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3845869a51bea384409c38e0b428da617913e5557f12001868773e75a0836bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:13 GMT
x-content-type-options: nosniff
age: 357570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11369
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:13 GMT

GET
H3 200 img-motif-1.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame B32A 12 KB
12 KB 11ms
9ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-motif-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90522800375d2af39a942f1b7bba8c525ce5926ad91b6cc273eb2af6acfc18f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:13 GMT
x-content-type-options: nosniff
age: 357570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12212
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:13 GMT

GET
H3 200 tf-0.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame B32A 3 KB
3 KB 12ms
10ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/tf-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b13fb32ac97aaa547176f77229f00ec488d14fd5cc823f395f722deb56766f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:13 GMT
x-content-type-options: nosniff
age: 357570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3177
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:13 GMT

GET
H3 200 tf-1.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame B32A 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/tf-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18704e6392962f33591db3d201b3f4ee70a07488fb319d44d3b2c25e98a4dd78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 09:15:13 GMT
x-content-type-options: nosniff
age: 381150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2365
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 09:15:13 GMT

GET
H3 200 tf-2.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame B32A 3 KB
3 KB 13ms
11ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/tf-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 357572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2708
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:11 GMT

GET
H3 200 img-stoerer-0.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame B32A 4 KB
4 KB 13ms
12ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-stoerer-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14ac160c9d66dcf424c5081e906f9860b52a432e980feb72c319119608db7145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 357572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4061
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:11 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame B32A 4 KB
4 KB 14ms
12ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 357572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3745
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:11 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame B32A 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:11 GMT
x-content-type-options: nosniff
age: 357572
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1928
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:11 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B32A 113 KB
38 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 19:07:44 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/10854603187357092472/assets/ Frame B32A 2 KB
1 KB 10ms
8ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10854603187357092472/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10854603187357092472/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 22:38:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246528
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:33:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Dec 2022 22:38:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E99B 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 23:38:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DAEA 1 KB
749 B 9ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Dec 2021 13:26:12 GMT
expires: Tue, 14 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20491
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E99B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e08fd52b5d458a183b7c087a062f8cbc04801eda3b59415cd5bc4e18c3a0588e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 90C3 118 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14129977134126465024/728x090.html?e=69&leftOffset=0&topOffset=0&c=gVkYHoJ33e&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14129977134126465024/728x090.html?e=69&leftOffset=0&topOffset=0&c=gVkYHoJ33e&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Dec 2021 03:01:28 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 90C3 60 KB
24 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14129977134126465024/728x090.html?e=69&leftOffset=0&topOffset=0&c=gVkYHoJ33e&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14129977134126465024/728x090.html?e=69&leftOffset=0&topOffset=0&c=gVkYHoJ33e&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 19:07:43 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12403946963978149558/ Frame 70AE 11 KB
3 KB 10ms
9ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc01323987c050dd4e410f0cc5c845502df1eaa1198f40ba5ffe1a36fa5ae52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3332
date: Thu, 09 Dec 2021 07:32:17 GMT
expires: Fri, 09 Dec 2022 07:32:17 GMT
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 387326
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1729 0
24 B 72ms
51ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstliKyUNmRIM1d1Sd5QkqAZUkTF78oWGIzXa5TVFL6nIFmL5B0OIzPxG7mRu_IfWIoNXejx5PDtFGfMJBQ5BfDoJ0TJl7Ft6F-8mhFdUbq0MpIlVPIFEt4HL5togMc6d2v7d5EelTgSKqxMZi1MEZTwTFqeV8oJrrqbRpDkrGoCfo8yIPi664NmcfEBQ-qJqvwGqtdGzU29UApB-8gfL-PO3QKU2DpghnhqmIxCUlrpsO4Fn2_Mexq6YxfbROeWNHxBnN-DTj0ACh_DSy-hw6O_eGQYkmoDPJ2b3p2lXbTN2EzEHCfBOdSEAf2mk42AdYmtVieZm28zRB91ac5K1v6K5SdWxiNQ9VulSO8em7HXy3gMQInq0sDt41JNUcyfV-vcNs2PCxlJddXlA8LY1Msp9eMgyN_TlHAx8TuT_lfJpG2pefXGYvnaZ6EAWemUSeDcSqdSFEBz8Tc6AU1KlA1_98eUWMPMA6OKBnF12qcY03XALbEQ1Guiz7mLZTwVEaGTYfcD13SotgqX6WivXovXVHSmtZNi4yGqqPmFghqN50NOH8qMyz89XFZrcyZelxuG2nNzHTA3Xld_e-38Bhh4Ne7C09LD-FbsRSrlJa_9pSZbJYorestARcIxQPpgD-tY4kXHAykrJuoi5Is0NOgmIkTXKZ_8A_cSuN6GvXDOriepTLcgtVEtbiOOF_bpTEpEwB341-y2rmdoOhguxWD0eJrPiM20qsbyDmF0vv4adG3z0Tyt2eSnIwBYEWbsY2z35T2LOdKP2vRAyui-RxoKcwN3Q_J4R4QheX1R9Y6eujzT22-eq8fjZ8TkRipBA3lm_LgWMd9axHqtIB5TUIO84zJFA9Q7VI-leiWzXBVNfU4VA6DDzXhHCyJ2uKmw9J3Me4l7Qaz7U1aUVxiuOsgBGQzYSLQ9itN67z5TdoUwm6XULted7jErdGj7IqIVH5d_h5wOf11AeeU8pB3TN-3xg0d7jEM1f-xVSGhXHXqYX1mNBDMWDsBYAnKBHCX9VMnidYPjErDZ2sis_QSPqIHk7pV398wlezuvMlgYsiRrEZKEkbh7OupRPGuwITIp0XLWiFyQE1e9MTe7KiWsRwkD6AHE0kFy3bDp9ezUNU9PzaqZT6JgpNhkmVpTvZTYL3PPIOFmemPPA9EXOlsQfXGBhxJpmycgyM5BsHj7FNk-FAaA1AcCUHTaUCNT6PbdsiHsirXGRGH6BLqe0wt58yOOqyB_P2dEOeNCLXjTSXWdF98APMVOG_xs3e9PLkXoA4VHMAIzjQ&sai=AMfl-YR6lcUhHVkm1ZSeOr0dOiT37_h68D30IKc-UjS2EPvrXts4H8ZLtmwMoOKhsTJKCCs7LldRBhhasqxw41981HNvjcsjETFV8p8ZKK__EiiXEBI1Ovj1U8VpAo0L-mmQNDbLoeRJTlbLzWNkblNEcdTA4HK3tA&sig=Cg0ArKJSzOVYxxDubW89EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=362&cbvp=1&cstd=360&cisv=r20211207.45113&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 13 Dec 2021 19:07:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

OPTIONS 16388516019461aee4118882a.m3u8
s.vdo.ai/uploads/videos/ Frame 0
0

GET 16388516019461aee4118882a.m3u8
s.vdo.ai/uploads/videos/ 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C068 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCbLhb_ImqfmJvHM-vzpyY92A5yZqfzmqBtPfbrf2Cjk3KW491GhOruohrh3xB86TzF2wRswPI8dAGWtoDZoZeO1mF0urGBUFYc32gKxYVN9st57rYGw&sai=AMfl-YQ7JyKx_jSi2Pu_Zr7n0PqsQYN0jHnkSVdCkFHUvkv56qN3owUqw5Z5KGnxpy38oqPh0GWIbc9X09bX&sig=Cg0ArKJSzB6l76DgmuajEAE&id=lidar2&mcvt=1155&p=0,121,90,849&mtos=1155,1155,1155,1155,1155&tos=1155,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=770366950&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639422460808&rpt=1972&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/355119113619368022/ Frame 5740 12 KB
3 KB 10ms
9ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e839720e33c1841bde2bbf7566d6c800500057ef99e2fd380473500a14cc70e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3447
date: Sat, 11 Dec 2021 15:24:29 GMT
expires: Sun, 11 Dec 2022 15:24:29 GMT
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 186195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EEDC 0
24 B 50ms
49ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlnn2Q-25ntYrjbswqzwuwFem6t_oh13yvUqhDOQaHq3a8249OAx7db_MKpg_vMWY274uWnQn1AGio2xGY3_aRj9aExYtnPOoZgK7uAPfGobUUyzxAdB8hxgotUeG_8tyAxsTHqiZo6f5sxFEx3R_TThhD7x6bs7ANkWz3j3eOXRepQSxED1iXWUTp6NOLCGEfAVksrTr0oVi3pCiC-f9T_gW7aR2yABWUwcsDbraY03iuk_j2J4DwmoHENbkWirYvsrvdIEIo9YdR7wrZhLRdbcd4JsexFdd8HLKSEtwJLzLTk8cVncXgcXC2JbfU2LJ62gJobZYnbwYmyASF9LI0jrizfQPQgHj1lwuDkWj4at_eUYLN30QK1eklIr_rZkcNzo7ScVXaCylI_5_YG8Sc9ml_XXqrxB8tA6WlwJLUBfAbNi8-kZ3nMpqB3wnl-GhrBq6FEnCBxrA3sXFMWddUqpFbbWPfvtlyU6ka0ZFE_l7YLo47POsRtomy-RU9ZAf642P3nO_2zbMxdo_ygSGsdapX0tt3GM2k0MKuTRhmfIzyodjU_QYaOWKt97AEILFm5oQ5SETVGKr6YiPmNLaCaCwnNSBcKGYf_No-KAuALd7jOl2TpWeZdqsyvxy0Galhu84OnExRUmqnxVqXmhh8RXsYFTwSmkzO61u6alACvKVsqtvfF99zrzdtTBjqceh9zPlIM6A0p7b1UedDgf233G96Hw9XUY5JScnT-TyxkkFw-PWoriex6Ld_Ctz3NdxUIxrLQaD2pcetZWbHfPNb6Fe9YFmAnwNv-KjQqbcQdOh-ZOV1YEmNLtI9OOQGIC-LdWrtz1O59UXgPn4A83n2KLdNoL1CDPFjIuda6Q56C-POi624PRVC7bYrDB84D0LjesjHLGhczdFI8SGjptTffgj8qbuGDCPrSXqzK3Gv2nvE8SGIgQtSAj53EIbPmG5NobK-Ojat0Ld0G-0Q3aq7y5zL8hEaHa4sF1gZhKc4zXHe4IRDu-IVZEAnX_ltENDnT4cpZF-zNKb3E2lRTTMlA1mXaiM_kkqDP97CKLys3y3sGhjwQTJc5Cl0vxuoj4EgleiQmHDarX-Ag6nytpWni-mBDcHK-rFBLIJaPcFXofYfKEP-eelgMBhz1u4WjAhtqjvpxBOIxMsCifRi6oL3I1TdDn26WytgxPd9qTPpJAI94zjTjwdmQuSTSyDV5djcAH3v3FIt7j_fJMnA2wlEbH_3XK32owRfi5DlckvxyM-oabUWUX_ezH0KNQeXN7Ljr7PyPqQ&sai=AMfl-YT4sx8vjysJury3trFnbL3YR7oCNrfppXg5BGmylEcXZCBX7MLwyP4T7yE7sO0yPi2MNllL68kI2S_fl5RVeX8TVtEAw_GKEcoJl7khYeSfBoBu_l5lRodf3_qI0vFsKJSJKlCSGvBDf3wNsOJxJOCfrgKkFw&sig=Cg0ArKJSzFMi6h1JbM6kEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=396&cbvp=1&cstd=394&cisv=r20211207.18958&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 13 Dec 2021 19:07:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1729 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 23:38:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5E81 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Dec 2021 13:26:12 GMT
expires: Tue, 14 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20492
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1729 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 911f534724b2932a0056892f85838e332698ff2e03688b63e32e087389c39491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EEDC 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 23:38:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C519 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Dec 2021 13:26:12 GMT
expires: Tue, 14 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20492
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EEDC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddc303d0552ce118da25b7863669380f62f1e07d01de80a2a6768f34177fb3f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 8b974684-1eda-4cbf-9df2-101a6b3bd5e4
https://www.sunnewsonline.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/8b974684-1eda-4cbf-9df2-101a6b3bd5e4
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 5417
Content-Type: application/javascript

GET
BLOB 200
OK 578a8e4c-63b5-4402-b9be-d7f5649053e2
https://www.sunnewsonline.com/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/578a8e4c-63b5-4402-b9be-d7f5649053e2
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
BLOB 200
OK 770cbc44-1b2c-4add-bb2e-a1299b689707
https://www.sunnewsonline.com/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/770cbc44-1b2c-4add-bb2e-a1299b689707
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
H3 200 bridge3.491.0_en.html
imasdk.googleapis.com/js/core/ Frame F67B 128 KB
0 8ms
8ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Sat, 11 Dec 2021 21:08:33 GMT
expires: Sun, 11 Dec 2022 21:08:33 GMT
last-modified: Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 165551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 94ms
93ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:44 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/355119113619368022/ Frame 7FA6 12 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e839720e33c1841bde2bbf7566d6c800500057ef99e2fd380473500a14cc70e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3447
date: Sat, 11 Dec 2021 15:24:29 GMT
expires: Sun, 11 Dec 2022 15:24:29 GMT
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 186195
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A6EA 0
24 B 51ms
51ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQUIjlpo5cJKsW7hH3hBho4J3ZdU8CEfEnNGgH9C07U8NmSGSruJdZnGitoQrAzC50IMxoBkgbYv9sP-qyboyE__Y-L8r8LFYFnrxkHYHtSPtDVr5wESsR2Pd7LvnSAtldnvveCYvSoChaSCYz_zzGJN63MTZOFFnmZQ0fdkXdUoxufZdjqfeby-X3EaN42frvUBFME6EoNGxCvidUPY8pnk4pYybfwRv97I_E0mjGRDD6hZ8zMpwkiHwxs3-Q4tEnH1P311iNo-vM7GxHobqOgk_J7HeemhV13OLcLHbuSLT20qEh4kJKWgBCU4jKSDjtjEvW6F5LyEbbpVfFrpEqO9sf2ZR4b3RQLo3F27JyvcRV2Q6jgaB1VD77NQbsGgpxSMTFOdHv4wXK9BwLMwMAxUf9ricZeX6y4C4sMrbUS0GKe6pGaUPpOt4zZ68jwWr6FKZFHKOFPSixb8-N0LYGUpJgbd7eWld460FZnH3z7FNWnHZU6NfuqAdJM-xrsyfZtjG-vJGfCVYvrBmlTGEm064tFEEszwBth9uLzess3kxsxEq4W7xyxbQMiek7ilzgiVF2k3U1scoWuAOIWtdktZ1AVKXrad_BI_xO2P-AftP2A5bLrNyHRBOnU25-Z2ZsHQ45zLOWMXClrR9fpjyonHm6x5xObRlmveCRNPN5Fg9xdnWCZ5JxavdZmOSBdAnETB_frHhrqWMrCRLyAbd9qIGxo5snoGKP62Y3LHQR8taJ2ONSe2Bi1JBR1znCRXs2cLhohswA63LK35M3ZFBgxe32gtTaMHQJjbsZc-1rlin_F-7T5CSC7srfUWlghXmqNowsLOo4qxP2UNnjk3ErFiLgyON-VlY2_0bOAfY3Euviq0tTjv-19iC8jqY73dGR_DK5teCWG7sLyWSAcod7GpqEnJmZe477b_epjwVAnrSrVBjCtl-GHdSVHwTdNnR5GYrjwlzs6VgsP-_rlQCpx3kY26n7d_9v5VdyoLm-nAMnp5LsznnwGpzOgn7WZn90ymoNDz-dfwux_CQKD4_cejX8H_Y0wx7KLmRpYpORqFF6qoDHThnSORTMS6moCFVjjvxxMRnPWurfa4GV202nkc9hvvvmBB_3Lcg-WV7dTg-tjiel-Hy006bXiWSQkyqAdd6c2u8xcr1iMFTRh8Tk95klcPljcY5cC3I7MQeEryG3PJnHIkW1328I0evYR4MCkg7dHqFOLPRFIYiBacTSlykd6tiHzXaGVb1bTcQ-0aMhC5gYjDNubqm6zRWwgwmxW-FM2ZU&sai=AMfl-YSxArzhP2JQp_jE4A49SQIUQ8HpwxgZ9EXC3smo-CSlhsQVEypwSmdFClhFj4VvryQKmTV2EgFKdUlc4lOJuFMRSOiK3RPsVngIoq76CIX6duf4rWet4WeOQ3lPdfUIwHspv1_l4pVltfgNcA4MQ7bv8ACMeQ&sig=Cg0ArKJSzP4W0E9coTX9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=452&cbvp=1&cstd=449&cisv=r20211207.66451&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 13 Dec 2021 19:07:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B388 2 KB
3 KB 14ms
13ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92019734&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a15fe7bae8c205fa538c69efcdd4294694658c603bfdf50c5a63fd32c313fa37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:42 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AA04 22 KB
8 KB 10ms
9ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 12 Dec 2021 23:38:39 GMT
expires: Mon, 12 Dec 2022 23:38:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 70145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A6EA 41 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 12 Dec 2021 23:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Dec 2022 23:38:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 39E5 1 KB
749 B 9ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 13 Dec 2021 13:26:12 GMT
expires: Tue, 14 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20492
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A6EA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aff26e720dc8a963b63000515ebdb330a66bd0a552b503bcbb180c6df82c6430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame A647 27 B
555 B 121ms
49ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C43459431986928572441021382728%2C%2C&us_privacy=&cb=1639422463635&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:44&ranreq=0.6656249376974066&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C43459431986928572441021382728%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3D85 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 12 Dec 2021 23:38:39 GMT
expires: Mon, 12 Dec 2022 23:38:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 70145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 img-bg.jpg
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 9 KB
9 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 357574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9355
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:10 GMT

GET
H3 200 img-motif-0.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 6 KB
6 KB 10ms
9ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-motif-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6da9d256b7a0d5b69e9fddb56491463fecc0ae806c15a58f703cc00475c65c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 23:00:07 GMT
x-content-type-options: nosniff
age: 158857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6216
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Dec 2022 23:00:07 GMT

GET
H3 200 img-motif-1.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 15 KB
15 KB 16ms
13ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-motif-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

131fc94431963db2aafd9df8e135a76ff12eb7a9c1701196a48c7c08aa1145e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 357574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15624
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:10 GMT

GET
H3 200 img-motif-2.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 12 KB
12 KB 16ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-motif-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257ee5eb94e65ae5ecc318ff256cf717b723e69844381ba1d217e56e385f5aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 357574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12191
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:10 GMT

GET
H3 200 tf-0.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 3 KB
3 KB 21ms
18ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/tf-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

800b5e93616451d2bf1d5d1c21c827d92af53762800cbe2fc774ede2a48ea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 357574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2672
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:10 GMT

GET
H3 200 tf-1.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 3 KB
3 KB 21ms
19ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/tf-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

480cc82812c36e795d6ad86fb4627351331396178e063c8ac711366c0cc40df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 357574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3422
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:10 GMT

GET
H3 200 tf-2.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 3 KB
3 KB 22ms
20ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/tf-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 357574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2708
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:10 GMT

GET
H3 200 img-stoerer-0.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 4 KB
4 KB 22ms
19ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-stoerer-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe68999ebdc2cf1ca0dd4f1da397eaaf4a692da3901af417c83a4c34b3339dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 357574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4061
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:10 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 4 KB
4 KB 21ms
19ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 357574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3745
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:10 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:10 GMT
x-content-type-options: nosniff
age: 357574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1928
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:10 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 70AE 113 KB
38 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 19:07:44 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/12403946963978149558/assets/ Frame 70AE 2 KB
1 KB 15ms
13ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12403946963978149558/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12403946963978149558/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 15:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357574
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 13:16:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 09 Dec 2022 15:48:10 GMT

GET omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D288 0
0

GET
H3 200 img-bg.jpg
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 9 KB
9 KB 13ms
7ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9355
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 img-motif-0.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 9 KB
9 KB 14ms
8ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-motif-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6fbc51028fcf2ce45a24cb5c61a395578d29c94b824f91d557c0f9d0c98f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8977
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 img-motif-1.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 10 KB
11 KB 15ms
12ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-motif-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

797734b81543fd3b4ac20d2293d1470e297cfce588ae67cc2113b501a2dc3d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:14:28 GMT
x-content-type-options: nosniff
age: 420796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 22:14:28 GMT

GET
H3 200 img-motif-2.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 15 KB
15 KB 20ms
16ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-motif-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d6f9e14926444bdb66fb6812c46a00f47482a1f7d85ab97ff435d6cc38c69bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15824
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 tf-0.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 8 KB
8 KB 20ms
17ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/tf-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f232b426b18f8f4806ae1586ad4582c9eb1d72dc015f1357e562193ada3b070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7910
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 tf-1.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 10 KB
10 KB 20ms
17ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/tf-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

105830fb09c42dc3c68fe66c0e3103dfc3721d180525999bc5d01326dff2814e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10709
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 tf-2.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 3 KB
3 KB 22ms
18ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/tf-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 00:13:53 GMT
x-content-type-options: nosniff
age: 500031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2708
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 00:13:53 GMT

GET
H3 200 img-stoerer-0.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 4 KB
4 KB 22ms
19ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-stoerer-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe68999ebdc2cf1ca0dd4f1da397eaaf4a692da3901af417c83a4c34b3339dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4061
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 4 KB
4 KB 22ms
19ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3745
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 2 KB
2 KB 24ms
20ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:17:59 GMT
x-content-type-options: nosniff
age: 280185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1928
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Dec 2022 13:17:59 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5740 113 KB
38 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 19:07:44 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 5740 2 KB
1 KB 14ms
11ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1649 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 12 Dec 2021 23:38:39 GMT
expires: Mon, 12 Dec 2022 23:38:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 70145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F121 22 KB
8 KB 10ms
8ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 12 Dec 2021 23:38:39 GMT
expires: Mon, 12 Dec 2022 23:38:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 70145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E99B 0
23 B 51ms
50ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbh4zurxntmNk9SjeFpockkdsgUonIzh8eWywwI7Rq0_2mmzf62ON92Wp-GQa0NZRUybKKSYaDax35B5ep_L2SPdna_Aw5kH-MNaIUkOBBHC3tISEVIAC_rDuQhqoFxShpSS8Sb7EN-3v0_RElYWdGB6sYVCsvASC4hr3fggd6_PVv4Rl7INBzDyVbXLz5wUfDbvU0DKgBAQrz-SF13ZUd3aE9jMlxhF16VF8uF2hu3eLdOt2BmC5CMIkRkNG1l7p_VElWPG84X1hSDlVZ05NF6XqAtU5-hNjgImWH_sQLFOFwrhssj-s2kKYhf001Lq3cmEUP0T9ATIg15Qap0wBNBTGX1SeJ4kJykRN0tGwd0rMnpUwouk2k5wvb8NrmiphmFEREPox5O_UY-LMUn9MEChcq912eBc0bv1WJEE41nvo_G8ONU_PLRRM69NNombs-u5fMW82iuBjXJ9zzZxjQmloy1qwo01JplcontgpUMkNaz-xO8ulxYTBVue1YzAdpLSCjqKpVilCiexgoyd7iJJpnDLdvOp5BVWGDHMuHOvP_x95sxfUvKUkXPYXXl8yiDucdA-JP1YMp-jwtbqojENjFoQqVjZmpdAisl4JXQEsQAoelacIlkSV9lcpQ_SKGT_5c750EPScXAIRquz-floQYnmd6ZMqofk0ZVzBVMf3tpYh3OXytBs9fJOQD8tY1hLfbB71fmdGNoAAFeX3DRLyZF_LtgklGgDai5hNZGZYOIC_KbTrWajdX_iLJAZvLV9dnyjTuow77013XNQb1diwdwp7gMQGQE6tAKlEsLAx7fqIe7b-Sogd178SOC6Ve0H-nAxWpem7fcuQShsoT8RmyxUeulGPWJXPH7te9OX7M_TECTfvgdOHyrOIKcVQb1w79Ck2g8e-wTu2RHixThyKifCM4cxk8GrHKmOkY5BupFzeUDQqejP5r3Tv0dZVIlmgH9JC3o70uYIjsPFMTmCZDxnEiMApx1fFCny9Odf7bMEmUYZY0SRlD2OjmtrheaK8sE6SKazxdbafajp0V-2Rvi4bbkLDJF8rDlcSy9-dpm4-Jhd0VFBiC2n5eLZ7KHWq9aNg8RSbxNK8WEfukkTDY5uHFxxKLYIaQrnbz9Yb4m3U0XLZnvVjY0TCssoxUqdCPpWmC7OsN82v5R4g52VAJw8Ak_8oT8R_M9hQXdJXYMayBAoXUa5oGlf4gh33qlJOmlc-CN2AhxYRIBRdwadGT9UXDc3Mt8S40ag7kGgbpU4nt4lZNOLsKQAFirAdpd2A3KcpWEQE&sai=AMfl-YSDgSzB7XeFkRyRyr8QXPHl5Vp5VRCgpf9K8Z-i-KwgMHhNlxf9Lmnn6mxBdEtkPSWjb7mGYg1wQ2Z5nHa0dfanqpkIDL4W8_jYPxAjdDmrRFcXKcQYm8NMQ83ZehcVzxXmKdifu-8FemJCIWyg15yPlA-96Q&sig=Cg0ArKJSzOgFgVs6ZiHCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1324&vt=11&dtpt=911&dett=3&cstd=404&cisv=r20211207.35215&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 99ms
98ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:44 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D8AE 0
23 B 50ms
48ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhIuSiDmgWM73Uiko4abC47NYN8CEPg3Tf8Tfx2jKoHyZRba2s9Cua8-QeGhNq7i29Rx8RcZOqax7Pqkb1AyHt3pP3-BEiKnfYXdbVyjS0e5dRnKKSa8Wn0YP5zH7G1-TGkT99XPZA-sMnBbwKxgHUtadnZfp3fYEKmzHUby-nzO-dGo028AyGIT3CKrlxz83MFgZtwbX9B8OJtOKstU12dCIabRFl3WMrvsS04giu2D4Fy6LPJGDGh9gCzRS3wsZhh0jeknQV_9dD1wWuOK3yb0PWZFTgTHUsvxXTzinNxhVW5eh5kBxQ2X7x_3hmN0MiBnvVXYUf3MvDB7DFqgD1fwKz_Q5o6gsPwHy7T_gfBt9D42pRl9lZAtR_fyN6hYlmoZ60gNyYhsiCcmcN9YbRCj3MDt3BCN_Vv_A9XzCX9TZAm5UzHx0znen12rwGm-yfwFBjF4O0ONQXWoeRSesz7mV8Mv4VnWFZp1uL1twrQUiOmtsKacWUwiD4TxSMb0IpL6qzOWciLNrYex-x7BkdUy3tBJulBS52BQFEVjEU407dLarTgURTlIA_ciQ3DUBbgPBy3vRkhDz1TPZFs6dmiZ7WyOWqKHXFGuMjTWkg9aLdxQptOEVFKbLmWJ_Bf66VxL9XwiAomBB_V9FNKCq884MaXNr7rMq1yzpU5GuqMCs05BRw8BbQRPocOKP8jPpLFViMSPL43RysWLcCEEaHqTE-zUvv0WX_-X8MBvuj49K2H9fq0grUhRe0PYmPsNpS87TSUyTXR8cazZGJ38E0gTxbhYklTKw9YgzzHByIchm0S9TyF4holKQdCYuLQ_7UGE9jZ_nmmq-hwUBWrRz-18rRwbVSkJoABFxqH-hwMLIiccdp_AkB_WIxDhgA-ZdSVHmFQB4GIBcToF935Qbmagx_63p2EfD1afJeDduSXwgk2MAvHKHWFV39jyUJzECS9SqzvUiKZMnMIJ6zJgr5mY7BJ812pCGA3bK8XFR3za9ALJNJAT8s94LKF3xAQH4NONbzMfvLBo46oFPsjtZAcTpRKxI6Qa6oPM1gg9dRLGmBaON-mMyeLrwXKlTh5nm8AvJPDk3zDohPXLJtxX4gwvmnvEhq8cniNSJboqJUXTERB1bZobOzYrnDk8YsqFgUny9IZtxprN_SwEcSY7nRA28B9QLHJ9-0BJCHTZ_mCj_fMDKRU5mLz1XvpKl0zm-qYFhC_7DU5NNOnArRlF5eDo8R_5TbxghYszdGUEzWzjyM-BZsFIp0INYGCDt5OS-O&sai=AMfl-YSI7316CkFNjck7Bz4xC7N1nryUysBB6FCi3mpROAtYyLnpAn7tfnyup6qQaK9R6fYcSpqIm8r_RwhMhHSszqKWKcwZXb8ivm7Z_xus2uXyfc8aAwuLvTqU31VeECZ4ia5G-fBBPG3dl_End8ujKj1SMJbjuQ&sig=Cg0ArKJSzO_WeKSD3BvcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1435&vt=11&dtpt=1008&dett=3&cstd=424&cisv=r20211207.45836&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 img-bg.jpg
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 9 KB
9 KB 13ms
8ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9355
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 img-motif-0.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 9 KB
9 KB 24ms
15ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-motif-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6fbc51028fcf2ce45a24cb5c61a395578d29c94b824f91d557c0f9d0c98f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8977
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 img-motif-1.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 10 KB
11 KB 18ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-motif-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

797734b81543fd3b4ac20d2293d1470e297cfce588ae67cc2113b501a2dc3d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 22:14:28 GMT
x-content-type-options: nosniff
age: 420796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 22:14:28 GMT

GET
H3 200 img-motif-2.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 15 KB
15 KB 18ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-motif-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d6f9e14926444bdb66fb6812c46a00f47482a1f7d85ab97ff435d6cc38c69bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15824
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 tf-0.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 8 KB
8 KB 19ms
15ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/tf-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f232b426b18f8f4806ae1586ad4582c9eb1d72dc015f1357e562193ada3b070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7910
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 tf-1.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 10 KB
10 KB 22ms
19ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/tf-1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

105830fb09c42dc3c68fe66c0e3103dfc3721d180525999bc5d01326dff2814e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10709
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 tf-2.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 3 KB
3 KB 23ms
19ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/tf-2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 00:13:53 GMT
x-content-type-options: nosniff
age: 500031
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2708
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Dec 2022 00:13:53 GMT

GET
H3 200 img-stoerer-0.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 4 KB
4 KB 23ms
19ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-stoerer-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe68999ebdc2cf1ca0dd4f1da397eaaf4a692da3901af417c83a4c34b3339dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4061
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 img-logo.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 4 KB
4 KB 23ms
19ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/img-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3745
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H3 200 gfx_white.png
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 2 KB
2 KB 23ms
19ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/gfx_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:17:59 GMT
x-content-type-options: nosniff
age: 280185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1928
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Dec 2022 13:17:59 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7FA6 113 KB
38 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 19:07:44 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
s0.2mdn.net/sadbundle/355119113619368022/assets/ Frame 7FA6 2 KB
1 KB 18ms
14ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/355119113619368022/assets/TKUT_v1.1.1.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/355119113619368022/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/355119113619368022/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 15:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 14:53:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 15:19:30 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 4BF1
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC

0
0

22ms
21ms

Document
image/gif

37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:44 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Mon, 13 Dec 2021 19:07:44 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 82BC
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1790455566403472678

0
0

91ms
29ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1790455566403472678
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:43 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug015:0:567
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1790455566403472678
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7C16 43 B
0 59ms
15ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 13 Dec 2021 19:07:43 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 13 Dec 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 263785

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 03E2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7041265867236767896

0
0

86ms
25ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7041265867236767896
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:44 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug019:0:466
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Mon, 13 Dec 2021 19:07:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7041265867236767896

GET

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B388
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

0
0

GET

SPug
image4.pubmatic.com/AdServer/ Frame B388
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8be61b7-99fe-4d00-bc17-b53262889e6e

0
0

GET /
pixel.onaudience.com/ Frame B388 0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame B388
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FDRDQ2NEEtQTMyOC00REY0LThGMUEtMEREODk0NTY1N0FD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame B388
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKfK0JqYzDbpCRDDiFVvPTo&google_cver=1

0
0

GET
H2 200 pubmatic
um.simpli.fi/ Frame B388 43 B
618 B 97ms
34ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 12 Dec 2021 19:07:44 GMT

GET

Pug
simage2.pubmatic.com/AdServer/ Frame B388
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b8be61b7-99fe-4d00-bc17-b53262889e6e&gdpr=0&gdpr_consent=

0
0

GET

generic
match.adsrvr.org/track/cmb/ Frame B388
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

0
0

GET

match
c1.adform.net/serving/cookie/ Frame B388
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame B388
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3474378168057276366&gdpr=0&gdpr_consent=

0
0

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 108ms
101ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:44 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
10ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=10&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=m3u8_fail&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1814743625

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75980
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
10ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=11&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=replay&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1457710069

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75980
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A5BF 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 12 Dec 2021 23:38:39 GMT
expires: Mon, 12 Dec 2022 23:38:39 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 70145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B08
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEC9V4nskUI8zY5BPE1rRpE0&google_cver=1&google_push=AYg5qPIKv_7BcxVez1Qj_X3PA4PB1ZIbflmFHWVx3e6D-HkmTzkapsQSYXSbxK3VTETYNnypiA2HjpSfZqb-Z93s...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=uL5ht5n-TQC8F7UyYoiebg&google_push=AYg5qPIKv_7BcxVez1Qj_X3PA4PB1ZIbflmFHWVx3e6D-HkmTzkapsQSYXSbxK3VTETYNnypiA2HjpSfZqb-Z93s35nOxC5w...

170 B
188 B

22ms
20ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=uL5ht5n-TQC8F7UyYoiebg&google_push=AYg5qPIKv_7BcxVez1Qj_X3PA4PB1ZIbflmFHWVx3e6D-HkmTzkapsQSYXSbxK3VTETYNnypiA2HjpSfZqb-Z93s35nOxC5wJp32

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 13 Dec 2021 19:07:44 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=uL5ht5n-TQC8F7UyYoiebg&google_push=AYg5qPIKv_7BcxVez1Qj_X3PA4PB1ZIbflmFHWVx3e6D-HkmTzkapsQSYXSbxK3VTETYNnypiA2HjpSfZqb-Z93s35nOxC5wJp32
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 13 Dec 2021 19:07:43 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B08
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFDcw4PCXoUf2mlY0BH7l6w&google_cver=1&google_push=AYg5qPLCTPcMog-iOIUhNkfeAFeEBpDkyz3lq8HTQOArGH36YmeI-QkMBTXViKZ3TkCqLNstwjiPCOUq_so...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLCTPcMog-iOIUhNkfeAFeEBpDkyz3lq8HTQOArGH36YmeI-QkMBTXViKZ3TkCqLNstwjiPCOUq_soskRqevRL02BxTKWcj&google_hm=HYwLUGeIRAOJqBDIOJspk7Q

170 B
188 B

22ms
21ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLCTPcMog-iOIUhNkfeAFeEBpDkyz3lq8HTQOArGH36YmeI-QkMBTXViKZ3TkCqLNstwjiPCOUq_soskRqevRL02BxTKWcj&google_hm=HYwLUGeIRAOJqBDIOJspk7Q

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLCTPcMog-iOIUhNkfeAFeEBpDkyz3lq8HTQOArGH36YmeI-QkMBTXViKZ3TkCqLNstwjiPCOUq_soskRqevRL02BxTKWcj&google_hm=HYwLUGeIRAOJqBDIOJspk7Q
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2B08 0
141 B 70ms
13ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEK2-OPCDmvkBoOi9_aQdsok&google_cver=1&google_push=AYg5qPKAsVN-UDJromTrBvdMMA9IddWFSG5TkWtU75qVLX2jd1pocpKf3JjF040IZCuNr2tog58DV8F_q0bsyBwzI43SWrefbixr
Requested by: Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B08
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEF4Y8O9TCCs0oX2zWnZjzqU&google_cver=1&google_push=AYg5qPKnZfuFmb8KLAeDbs4rLEHxAyP96k_zuOKZAIaDGqGotmfRPxTjvjSD8...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEF4Y8O9TCCs0oX2zWnZjzqU&google_cver=1&google_push=AYg5qPKnZfuFmb8KLAeDbs4rLEHxAyP96k_zuOKZAIaDGqGotmfRPxTjvjSD8...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=OSh68-_37nvO2HNbsNEw9Q&google_push=AYg5qPKnZfuFmb8KLAeDbs4rLEHxAyP96k_zuOKZAIaDGqGotmfRPxTjvjSD8EPnTloN2COMBLVI1IZGO...

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=OSh68-_37nvO2HNbsNEw9Q&google_push=AYg5qPKnZfuFmb8KLAeDbs4rLEHxAyP96k_zuOKZAIaDGqGotmfRPxTjvjSD8EPnTloN2COMBLVI1IZGOCrnGS2ov_eNsErRpElM

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 13 Dec 2021 19:07:44 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=OSh68-_37nvO2HNbsNEw9Q&google_push=AYg5qPKnZfuFmb8KLAeDbs4rLEHxAyP96k_zuOKZAIaDGqGotmfRPxTjvjSD8EPnTloN2COMBLVI1IZGOCrnGS2ov_eNsErRpElM
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B08
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEC7tyGqamZDB6zT4FNRO3r4&google_cver=1&google_push=AYg5qPI10WNmMCTt9kNT_4-AQLKODNSX1qWsZuKVoh67ZjcPLKW8qPPimb6HG9DW0b2VxMms4fzFVaGGNSUIn9CWmRAm0d-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI10WNmMCTt9kNT_4-AQLKODNSX1qWsZuKVoh67ZjcPLKW8qPPimb6HG9DW0b2VxMms4fzFVaGGNSUIn9CWmRAm0d-nGR5w

170 B
188 B

21ms
20ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI10WNmMCTt9kNT_4-AQLKODNSX1qWsZuKVoh67ZjcPLKW8qPPimb6HG9DW0b2VxMms4fzFVaGGNSUIn9CWmRAm0d-nGR5w

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPI10WNmMCTt9kNT_4-AQLKODNSX1qWsZuKVoh67ZjcPLKW8qPPimb6HG9DW0b2VxMms4fzFVaGGNSUIn9CWmRAm0d-nGR5w
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B08
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFcl2I0QqJ_T6XTK9VhSgJs&google_cver=1&google_push=AYg5qPJ36gERgLqza85NEDLK2HlJXEoXHw6gNQNWUNQH51grFYB8DCc6yyFUdmZSmtBio04y_UUJYZty...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM3OTczNDYwMzE5MTc0NDI5NQ&google_push=AYg5qPJ36gERgLqza85NEDLK2HlJXEoXHw6gNQNWUNQH51grFYB8DCc6yyFUdmZSmtBio04y_UUJYZ...

170 B
188 B

22ms
20ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM3OTczNDYwMzE5MTc0NDI5NQ&google_push=AYg5qPJ36gERgLqza85NEDLK2HlJXEoXHw6gNQNWUNQH51grFYB8DCc6yyFUdmZSmtBio04y_UUJYZtyFksSY9wnKtOLm-6_oEk

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM3OTczNDYwMzE5MTc0NDI5NQ&google_push=AYg5qPJ36gERgLqza85NEDLK2HlJXEoXHw6gNQNWUNQH51grFYB8DCc6yyFUdmZSmtBio04y_UUJYZtyFksSY9wnKtOLm-6_oEk
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B08
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.targeting.unrulymedia.com/csync/RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJWoYv2lJYJnsp9FQk80...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJWoYv2lJYJnsp9FQk80lNr7kwF_diasxlB2JRw_KMyTyF-L8AT9WcpmmxonNilOlBqjRIvqW237jlObAcg9P9kJEnSMWA&google_hm=Ax-at6J3s0digpTosL6Q_kw

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJWoYv2lJYJnsp9FQk80lNr7kwF_diasxlB2JRw_KMyTyF-L8AT9WcpmmxonNilOlBqjRIvqW237jlObAcg9P9kJEnSMWA&google_hm=Ax-at6J3s0digpTosL6Q_kw

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJWoYv2lJYJnsp9FQk80lNr7kwF_diasxlB2JRw_KMyTyF-L8AT9WcpmmxonNilOlBqjRIvqW237jlObAcg9P9kJEnSMWA&google_hm=Ax-at6J3s0digpTosL6Q_kw
date: Mon, 13 Dec 2021 19:07:44 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1f9ab7a277b347628294e8b0be90fe4c003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2B08 0
12 B 27ms
24ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JibgqSKsor7FQ3tbEzQXxAjC7nafluuSzmqXIGIGPiDpmayrqVitclkS_c_1P9K7rZD_mU

Requested by

Host: 9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
URL: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 343B 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 75B6 337 KB
114 KB 119ms
17ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422464.dop012.ml1.t,1639422464.cds001.ml1.shn,1639422464.cds001.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET track
aktrack.pubmatic.com/ Frame A647 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DAEA
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKSe3CxDYWfm6NyUPTZmaqk&google_cver=1&google_push=AYg5qPJHr75ipDYb71D2WKO2e17S2jUVr063QHJpu3mjHVsTpsTz-rfuWe...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJHr75ipDYb71D2WKO2e17S2jUVr063QHJpu3mjHVsTpsTz-rfuWeXtyI5lQ4W-5ReZHCIADWxqwGS8wFMDpZY0d08QmrM&google_hm=6ZD2KFU...

170 B
188 B

25ms
25ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJHr75ipDYb71D2WKO2e17S2jUVr063QHJpu3mjHVsTpsTz-rfuWeXtyI5lQ4W-5ReZHCIADWxqwGS8wFMDpZY0d08QmrM&google_hm=6ZD2KFUZ0bgd9FC6Jd-DBw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJHr75ipDYb71D2WKO2e17S2jUVr063QHJpu3mjHVsTpsTz-rfuWeXtyI5lQ4W-5ReZHCIADWxqwGS8wFMDpZY0d08QmrM&google_hm=6ZD2KFUZ0bgd9FC6Jd-DBw
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DAEA
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLL-E6K_sSkCSAMJqZmVJSCsuZ2_0XO6ispxbD...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFBVnJ0ZmxrVA&google_push=AYg5qPLL-E6K_sSkCSAMJqZmVJSCsuZ2_0XO6ispxbDE3h2AokI72iVEoiTHcaGOsG9xMPisd46R2P04MPOlJ8g8rXSmcygpE9zf

170 B
188 B

26ms
25ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFBVnJ0ZmxrVA&google_push=AYg5qPLL-E6K_sSkCSAMJqZmVJSCsuZ2_0XO6ispxbDE3h2AokI72iVEoiTHcaGOsG9xMPisd46R2P04MPOlJ8g8rXSmcygpE9zf

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFBVnJ0ZmxrVA&google_push=AYg5qPLL-E6K_sSkCSAMJqZmVJSCsuZ2_0XO6ispxbDE3h2AokI72iVEoiTHcaGOsG9xMPisd46R2P04MPOlJ8g8rXSmcygpE9zf
Date: Mon, 13 Dec 2021 19:07:44 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 dds
rtb.openx.net/sync/ Frame DAEA 43 B
64 B 36ms
23ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEP6nH6h2jK2fzuU1krw0m2Q&google_cver=1&google_push=AYg5qPI2PBCrNucG-vfXVSy2CdiV9y256-f92ti5rZxFSjYGBCh28PfoIKEaIvsFKLa7Z6MJMKpmoYctZhtd0yEzjqiWaAfa1xGh
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=90&slotname=5247484779&adk=3007378855&adf=1881412065&pi=t.ma~as.5247484779&w=728&lmt=1639422160&psa=0&format=728x90&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460894&bpp=2&bdt=732&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=3643&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=2&fsb=1&xpc=P37kt1qyDA&p=https%3A//www.sunnewsonline.com&dtd=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: m8khkq1uq0uu1bua5mba66tl1limtjpg

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DAEA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI8lo6pjZuzIumz6eDKA2xpy1ShoIz3L2R5auyupUUL-2m4yJa9OND6xhkPLiQQOsxif7FwQB-Iqx_KFP6ZZQBM9ueopYJj

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI8lo6pjZuzIumz6eDKA2xpy1ShoIz3L2R5auyupUUL-2m4yJa9OND6xhkPLiQQOsxif7FwQB-Iqx_KFP6ZZQBM9ueopYJj
date: Mon, 13 Dec 2021 19:07:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DAEA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOup3tButHbE_x7jMTO3Pjc&google_cver=1&google_push=AYg5qPLgNBCHSQ13xj0dlLcUyZMgFP0_P-C7LRjcZ8rSXdEzOgtzg6w-0F4se8daMRZXGBrVMHd...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxUlktVi1FSkFY&google_push=AYg5qPLgNBCHSQ13xj0dlLcUyZMgFP0_P-C7LRjcZ8rSXdEzOgtzg6w-0F4se8daMRZXGBrVMHd5R2RvllkQ2fySozPlP4mgcab4

170 B
188 B

21ms
21ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxUlktVi1FSkFY&google_push=AYg5qPLgNBCHSQ13xj0dlLcUyZMgFP0_P-C7LRjcZ8rSXdEzOgtzg6w-0F4se8daMRZXGBrVMHd5R2RvllkQ2fySozPlP4mgcab4

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxUlktVi1FSkFY&google_push=AYg5qPLgNBCHSQ13xj0dlLcUyZMgFP0_P-C7LRjcZ8rSXdEzOgtzg6w-0F4se8daMRZXGBrVMHd5R2RvllkQ2fySozPlP4mgcab4
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame DAEA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DAEA
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEMgIDRnXPGnqFMdqOuaDRwo&google_cver=1&google_push=AYg5qPIIU6Qh4iC5Tjn9Zqls...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIIU6Qh4iC5Tjn9ZqlsvrYTVWHtgAqxuwe91z-J1u26smF5bhTP--eLG3yb795wTvIcbnQnv2C4KZCbrOiWbeP8hOP5jr03&google_hm=

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIIU6Qh4iC5Tjn9ZqlsvrYTVWHtgAqxuwe91z-J1u26smF5bhTP--eLG3yb795wTvIcbnQnv2C4KZCbrOiWbeP8hOP5jr03&google_hm=

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIIU6Qh4iC5Tjn9ZqlsvrYTVWHtgAqxuwe91z-J1u26smF5bhTP--eLG3yb795wTvIcbnQnv2C4KZCbrOiWbeP8hOP5jr03&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 12 Dec 2021 19:07:44 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DAEA 0
12 B 18ms
15ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISr4r_5Wk9fe0Xa-B9g3w8mMHm01afJd7HAFYlGzIAHAnoV559ioVq0t31dHjUbMJLVGprpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS 16388516019461aee4118882a.m3u8
s.vdo.ai/uploads/videos/ Frame 0
0

GET 16388516019461aee4118882a.m3u8
s.vdo.ai/uploads/videos/ 0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame ADFE 0
168 B 109ms
107ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:44 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
92ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 90C3 6 KB
4 KB 29ms
28ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59fe446ae8decae4bc5369528d893745b4d195c1d96daccc8f69db2f8e5a15d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4529
x-xss-protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 214ms
149ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
980 B 14ms
14ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

90ac3d0f08ccea495221504d16abd0048248dc4dbfbeeb54a14a4f8ed209a766

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:44 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: adca3234-6ad1-4f98-bc1d-7ce9f1bb1d64
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
980 B 29ms
28ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

57fc45c17ac9839b316b57474077eec23bf08c280f4160d259d51d3e05ce5c04

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:44 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f8a9d11b-bf34-4e7d-b058-3e879eae6e94
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C0D2 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMm7lvpbdOFB-6chS0sz0oIqGcA1bLrmcAsg-q2twWpK5Ap0nn7ax-7N2YBhX-vVpLo2TO0q-ZwPrupUq2mvOMM6PkOx44iunZHRST0de8trCnXbh25Z6OxS0R1uhHDl7uWuEVYfatiyWb&sai=AMfl-YTFQ7qbzUHXUN5joFOQS0dQX2kBFdyL4DHrDHDOZOfNfXH8lZJ3QCZ51akw3RhypdgCqt6jbtR0-kI_5p65C5i8ck_XVuOqmiU&sig=Cg0ArKJSzOSQjpAx8psjEAE&cid=CAASF-RoK7IfzhSK6NEZmg3kqcKFxqJjxDwR&id=lidar2&mcvt=1088&p=0,0,280,660&mtos=1088,1088,1088,1088,1088&tos=1088,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2033062148&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639422460859&rpt=2829&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 9775cb1e-6aa6-41aa-9345-58a43291f714
https://www.sunnewsonline.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/9775cb1e-6aa6-41aa-9345-58a43291f714
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 5417
Content-Type: application/javascript

GET
BLOB 200
OK 57272156-614c-499e-b938-500d62a1de9d
https://www.sunnewsonline.com/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/57272156-614c-499e-b938-500d62a1de9d
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
BLOB 200
OK ed0c5c20-4d61-4198-b7d6-e1ec45138741
https://www.sunnewsonline.com/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.sunnewsonline.com/ed0c5c20-4d61-4198-b7d6-e1ec45138741
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
H3 200 bridge3.491.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D171 596 KB
194 KB 11ms
10ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Sat, 11 Dec 2021 21:08:33 GMT
expires: Sun, 11 Dec 2022 21:08:33 GMT
last-modified: Wed, 08 Dec 2021 17:44:52 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 165551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 98ms
95ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:44 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E81
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFb5izSimeyWDuKFGqFcEG8&google_cver=1&google_push=AYg5qPIJGBttyiKrTSNoBk3a-UbPHVNuigPM2lA27epY4OIhMteQ3CP6TO...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIJGBttyiKrTSNoBk3a-UbPHVNuigPM2lA27epY4OIhMteQ3CP6TOfeLcjISnWWZchqXFzuDeZBwv9ZaQZR5hGPDE1BOTc&google_hm=6ZD2KFU...

170 B
188 B

27ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIJGBttyiKrTSNoBk3a-UbPHVNuigPM2lA27epY4OIhMteQ3CP6TOfeLcjISnWWZchqXFzuDeZBwv9ZaQZR5hGPDE1BOTc&google_hm=6ZD2KFUZ0bgd9FC6Jd-DBw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPIJGBttyiKrTSNoBk3a-UbPHVNuigPM2lA27epY4OIhMteQ3CP6TOfeLcjISnWWZchqXFzuDeZBwv9ZaQZR5hGPDE1BOTc&google_hm=6ZD2KFUZ0bgd9FC6Jd-DBw
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E81
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESED3sSr0D4fxCFZlPmOtv3Gs&google_cver=1&google_push=AYg5qPJ3dHpsnN_3x_YvPML6tcC7z0fj9hTIGRGEx1Q8DWGTuF3twKv-2AgrrDGN8MiG890RNdjGt-fvnfPm7f1bqwgigp1OJg
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ3dHpsnN_3x_YvPML6tcC7z0fj9hTIGRGEx1Q8DWGTuF3twKv-2AgrrDGN8MiG890RNdjGt-fvnfPm7f1bqwgigp1OJg&google_hm=Q0FFU0VEM3NTcjBENGZ4Q0Z...

170 B
188 B

26ms
25ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ3dHpsnN_3x_YvPML6tcC7z0fj9hTIGRGEx1Q8DWGTuF3twKv-2AgrrDGN8MiG890RNdjGt-fvnfPm7f1bqwgigp1OJg&google_hm=Q0FFU0VEM3NTcjBENGZ4Q0ZabFBtT3R2M0dz

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:44 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJ3dHpsnN_3x_YvPML6tcC7z0fj9hTIGRGEx1Q8DWGTuF3twKv-2AgrrDGN8MiG890RNdjGt-fvnfPm7f1bqwgigp1OJg&google_hm=Q0FFU0VEM3NTcjBENGZ4Q0ZabFBtT3R2M0dz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 5E81 43 B
64 B 19ms
18ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDqbf3nrr97WMv9tzEjZkuM&google_cver=1&google_push=AYg5qPKPDPxd-hxXjiaUoxmIcVAz9SbH8MpXsqoQ56ZUhrrbJ7LYtuQf7hJ5s_WHd7SVWGlr3_MzlvQdLysGX5OdB1gPjF8RmTk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=2252910165&adk=2627293903&adf=3013028438&pi=t.ma~as.2252910165&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460717&bpp=1&bdt=555&idt=303&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D395cd4a97f3f9c50-22cf25c406cd0005%3AT%3D1639422460%3ART%3D1639422460%3AS%3DALNI_MZPEqm6qy4YQqZtpUlrr9mWUp64vA&prev_fmts=0x0%2C315x250%2C315x250%2C970x90%2C660x280%2C728x90%2C660x280&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=342&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=8xZzxVGw8u&p=https%3A//www.sunnewsonline.com&dtd=309
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ib5a9rc3qgomf53epvsetorsqs7i6kce

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E81
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJmbt5byLy7uzB7cZfAVvzxt8vsKK-XccPfjZ9ZPX3ysvq0uVCNdjZlV2OMvpX3284tSWYsHBu9fXDYQWFZPNB1NHuS4Q

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJmbt5byLy7uzB7cZfAVvzxt8vsKK-XccPfjZ9ZPX3ysvq0uVCNdjZlV2OMvpX3284tSWYsHBu9fXDYQWFZPNB1NHuS4Q
date: Mon, 13 Dec 2021 19:07:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E81
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKsKYiW5BjxgDgBJPnONhC4&google_cver=1&google_push=AYg5qPKgAnSOOs4nf-UyDagno99WpmrzHYRqPeiTf2VvEIlK8UJykmDwxVERwxMrNEkpbXY-TyL...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxV0MtTS1CQUpT&google_push=AYg5qPKgAnSOOs4nf-UyDagno99WpmrzHYRqPeiTf2VvEIlK8UJykmDwxVERwxMrNEkpbXY-TyLY-_6iRSu7XamlqwLIwDmT8w

170 B
188 B

25ms
22ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxV0MtTS1CQUpT&google_push=AYg5qPKgAnSOOs4nf-UyDagno99WpmrzHYRqPeiTf2VvEIlK8UJykmDwxVERwxMrNEkpbXY-TyLY-_6iRSu7XamlqwLIwDmT8w

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxV0MtTS1CQUpT&google_push=AYg5qPKgAnSOOs4nf-UyDagno99WpmrzHYRqPeiTf2VvEIlK8UJykmDwxVERwxMrNEkpbXY-TyLY-_6iRSu7XamlqwLIwDmT8w
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 5E81
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E81
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESELFIz3J6wua080i-1rWk-q0&google_cver=1&google_push=AYg5qPLf7-TNWvnWyvri0Cxkp5p8TYiDIRwuIMJpQYeZzmlQejIJ5YcWsZdUGAOTRMqRosm3t8f8QMBrsfQbV06a09rXIr4...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLf7-TNWvnWyvri0Cxkp5p8TYiDIRwuIMJpQYeZzmlQejIJ5YcWsZdUGAOTRMqRosm3t8f8QMBrsfQbV06a09rXIr4Brq4&google_hm=DC2kzjrVS6C91L-nQ...

170 B
188 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLf7-TNWvnWyvri0Cxkp5p8TYiDIRwuIMJpQYeZzmlQejIJ5YcWsZdUGAOTRMqRosm3t8f8QMBrsfQbV06a09rXIr4Brq4&google_hm=DC2kzjrVS6C91L-nQ1BA1w

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLf7-TNWvnWyvri0Cxkp5p8TYiDIRwuIMJpQYeZzmlQejIJ5YcWsZdUGAOTRMqRosm3t8f8QMBrsfQbV06a09rXIr4Brq4&google_hm=DC2kzjrVS6C91L-nQ1BA1w
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
cache-control: no-cache
content-length: 0
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5E81 0
12 B 15ms
14ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LlMRa0O9dw56QvrYFwgm5g5Lkqdhu4npxkzlDzrUhd7UpNVkiKuoHktnewin80k71Im2Uh

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C519
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIo_n0O9o87sM0NB9qNtxjWsx7ouUCyw4tIMVu...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFBYkpwTTNqcQ&google_push=AYg5qPIo_n0O9o87sM0NB9qNtxjWsx7ouUCyw4tIMVuxq5JA-_7Dqg1ykh1DwssrXLNb8XNZInwyVETg2MUcBiTENL1wbwpbjdHr

170 B
188 B

27ms
27ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFBYkpwTTNqcQ&google_push=AYg5qPIo_n0O9o87sM0NB9qNtxjWsx7ouUCyw4tIMVuxq5JA-_7Dqg1ykh1DwssrXLNb8XNZInwyVETg2MUcBiTENL1wbwpbjdHr

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFBYkpwTTNqcQ&google_push=AYg5qPIo_n0O9o87sM0NB9qNtxjWsx7ouUCyw4tIMVuxq5JA-_7Dqg1ykh1DwssrXLNb8XNZInwyVETg2MUcBiTENL1wbwpbjdHr
Date: Mon, 13 Dec 2021 19:07:44 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C519
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESED3sSr0D4fxCFZlPmOtv3Gs&google_cver=1&google_push=AYg5qPL5qMKijwUxd-iJIryVfSpI-vdIjD2Tkh9agUUwWne0814BghOixGJ0XzbDz1LVQ_YXlaMJqSqil3bjJwfznPxqs6R_04Jx
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL5qMKijwUxd-iJIryVfSpI-vdIjD2Tkh9agUUwWne0814BghOixGJ0XzbDz1LVQ_YXlaMJqSqil3bjJwfznPxqs6R_04Jx&google_hm=Q0FFU0VEM3NTcjBENGZ4Q...

170 B
188 B

24ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL5qMKijwUxd-iJIryVfSpI-vdIjD2Tkh9agUUwWne0814BghOixGJ0XzbDz1LVQ_YXlaMJqSqil3bjJwfznPxqs6R_04Jx&google_hm=Q0FFU0VEM3NTcjBENGZ4Q0ZabFBtT3R2M0dz

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:44 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL5qMKijwUxd-iJIryVfSpI-vdIjD2Tkh9agUUwWne0814BghOixGJ0XzbDz1LVQ_YXlaMJqSqil3bjJwfznPxqs6R_04Jx&google_hm=Q0FFU0VEM3NTcjBENGZ4Q0ZabFBtT3R2M0dz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame C519 43 B
64 B 19ms
19ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDqbf3nrr97WMv9tzEjZkuM&google_cver=1&google_push=AYg5qPLZ4LY5aCjwitdR4vcTDXjPDpCnLIgFExHF62NCVjBS0o7j4AOokZhgN7tTQZg-5Gc52kbzp9ypt7hEfpBVzxPAjXsdMOXP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=7228661401&adk=2972760969&adf=1413519997&pi=t.ma~as.7228661401&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460775&bpp=2&bdt=613&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3311153261771&frm=20&pv=2&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=X4T5mPPx2j&p=https%3A//www.sunnewsonline.com&dtd=7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: i1a5i6m3ten94udpt068tgmm4f7d3fqj

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C519
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIUvE7sdocI8jN3Bo8c8-TypYGZi7EeQ_J-y3DZL06NqBVrE06hEOEksqZDp1WwXymfIp0FbcuS3tURqfO5Sui0gU4kotU

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Os1GSqMoTfSPGg3YlFZXrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIUvE7sdocI8jN3Bo8c8-TypYGZi7EeQ_J-y3DZL06NqBVrE06hEOEksqZDp1WwXymfIp0FbcuS3tURqfO5Sui0gU4kotU
date: Mon, 13 Dec 2021 19:07:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C519
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKsKYiW5BjxgDgBJPnONhC4&google_cver=1&google_push=AYg5qPKE_7PHwLB9wJVlO5ORI8qdCbWFozqZzRQLmeQAlRFkXKkSiPCpTAPL0cZUDCilEek7n9H...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxWFotMVctOUJUTQ==&google_push=AYg5qPKE_7PHwLB9wJVlO5ORI8qdCbWFozqZzRQLmeQAlRFkXKkSiPCpTAPL0cZUDCilEek7n9Hij0M_COzvUMyMn2PQylB18Po0

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxWFotMVctOUJUTQ==&google_push=AYg5qPKE_7PHwLB9wJVlO5ORI8qdCbWFozqZzRQLmeQAlRFkXKkSiPCpTAPL0cZUDCilEek7n9Hij0M_COzvUMyMn2PQylB18Po0

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQxWFotMVctOUJUTQ==&google_push=AYg5qPKE_7PHwLB9wJVlO5ORI8qdCbWFozqZzRQLmeQAlRFkXKkSiPCpTAPL0cZUDCilEek7n9Hij0M_COzvUMyMn2PQylB18Po0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 750589468d5634b7e99830971becaf64
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame C519
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C519
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEL3jFqfHNAgMs7ij_iDyeGc&google_cver=1&google_push=AYg5qPKj2rrZCV71d9_PoRB_...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKj2rrZCV71d9_PoRB_ANNNYitAliWQbpeo7vLYzb2d9Lb7-qId7nQWWRg9utF3cimE9Lk5syy_D9pLN7znYK0kWoh0hnFXWw&google_hm=

170 B
188 B

26ms
25ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKj2rrZCV71d9_PoRB_ANNNYitAliWQbpeo7vLYzb2d9Lb7-qId7nQWWRg9utF3cimE9Lk5syy_D9pLN7znYK0kWoh0hnFXWw&google_hm=

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKj2rrZCV71d9_PoRB_ANNNYitAliWQbpeo7vLYzb2d9Lb7-qId7nQWWRg9utF3cimE9Lk5syy_D9pLN7znYK0kWoh0hnFXWw&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 12 Dec 2021 19:07:44 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C519 0
12 B 17ms
16ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kkg6Q5neefgqIBSPaZxPPUw9uPsxuhPmgTflARFElHP9toHMPDzVl8gYgcUjxKsYZQTTuZlw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 90C3 17 KB
6 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 13 Dec 2021 19:07:44 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39E5
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFb5izSimeyWDuKFGqFcEG8&google_cver=1&google_push=AYg5qPLt69ct8nBAh5-LyqoSydS_BdTOZY1-MDgPc5SpLJBmaaw1UzbZkx...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLt69ct8nBAh5-LyqoSydS_BdTOZY1-MDgPc5SpLJBmaaw1UzbZkxBGryyhtu0iLEWjtc30zlEUdkFrYxZV-Nwj4Un27LI&google_hm=6ZD2KFU...

170 B
188 B

22ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLt69ct8nBAh5-LyqoSydS_BdTOZY1-MDgPc5SpLJBmaaw1UzbZkxBGryyhtu0iLEWjtc30zlEUdkFrYxZV-Nwj4Un27LI&google_hm=6ZD2KFUZ0bgd9FC6Jd-DBw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLt69ct8nBAh5-LyqoSydS_BdTOZY1-MDgPc5SpLJBmaaw1UzbZkxBGryyhtu0iLEWjtc30zlEUdkFrYxZV-Nwj4Un27LI&google_hm=6ZD2KFUZ0bgd9FC6Jd-DBw
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39E5
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJYOVQ2n8LCslnoz6GYE5lmF3paGYXwvqnnfba...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFCVzhEd3o5dw&google_push=AYg5qPJYOVQ2n8LCslnoz6GYE5lmF3paGYXwvqnnfba-67nIey9E70cmHaRyu7vIGoHmYpps6ugDinTtbNmUt4iA-E2QPNCAU9o

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFCVzhEd3o5dw&google_push=AYg5qPJYOVQ2n8LCslnoz6GYE5lmF3paGYXwvqnnfba-67nIey9E70cmHaRyu7vIGoHmYpps6ugDinTtbNmUt4iA-E2QPNCAU9o

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWJlYUFBQUFCVzhEd3o5dw&google_push=AYg5qPJYOVQ2n8LCslnoz6GYE5lmF3paGYXwvqnnfba-67nIey9E70cmHaRyu7vIGoHmYpps6ugDinTtbNmUt4iA-E2QPNCAU9o
Date: Mon, 13 Dec 2021 19:07:44 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39E5
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESED3sSr0D4fxCFZlPmOtv3Gs&google_cver=1&google_push=AYg5qPLOvm2edo2zqql30K-iivDxX2kPqxsJD00J-zgeV3Ok2LfN_tDpyJGVhayRTy2K9uJ694lnuGY7e9Yqrf5u_hI2tiaiE1ZA
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLOvm2edo2zqql30K-iivDxX2kPqxsJD00J-zgeV3Ok2LfN_tDpyJGVhayRTy2K9uJ694lnuGY7e9Yqrf5u_hI2tiaiE1ZA&google_hm=Q0FFU0VEM3NTcjBENGZ4Q...

170 B
188 B

22ms
21ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLOvm2edo2zqql30K-iivDxX2kPqxsJD00J-zgeV3Ok2LfN_tDpyJGVhayRTy2K9uJ694lnuGY7e9Yqrf5u_hI2tiaiE1ZA&google_hm=Q0FFU0VEM3NTcjBENGZ4Q0ZabFBtT3R2M0dz

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:44 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLOvm2edo2zqql30K-iivDxX2kPqxsJD00J-zgeV3Ok2LfN_tDpyJGVhayRTy2K9uJ694lnuGY7e9Yqrf5u_hI2tiaiE1ZA&google_hm=Q0FFU0VEM3NTcjBENGZ4Q0ZabFBtT3R2M0dz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 39E5 43 B
64 B 18ms
17ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDqbf3nrr97WMv9tzEjZkuM&google_cver=1&google_push=AYg5qPJd5wY1jZFtNUNq66pFxKXM6rEx8uyxOx3aAA45hxmSgQJe33ORgGwv4j-KmrpdaP_-TUCb26k0byJJtSgKqP5VP8t2ymxT
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4454686729706359&output=html&h=250&slotname=8187176395&adk=1961058974&adf=4137666700&pi=t.ma~as.8187176395&w=315&fwrn=4&fwrnh=100&lmt=1639422160&rafmt=1&psa=0&format=315x250&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639422460787&bpp=1&bdt=624&idt=1&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C315x250&nras=1&correlator=3311153261771&frm=20&pv=1&ga_vid=654118136.1639422461&ga_sid=1639422461&ga_hid=1219105699&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1160&ady=1539&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31063825%2C31063858&oid=2&pvsid=1963256682944755&pem=336&tmod=201&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=1&fsb=1&xpc=K9rwXAImFL&p=https%3A//www.sunnewsonline.com&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9cpsekbd73694gg0l839pdvtd55qgahv

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39E5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKsKYiW5BjxgDgBJPnONhC4&google_cver=1&google_push=AYg5qPIhVuFGP8B42GbMeoLxLyr4WlWeTi_hYqB8c2rgrdWWsm3FjCylwVjxeprcEJD2RIxsE-5...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQyMlotMTktVEVR&google_push=AYg5qPIhVuFGP8B42GbMeoLxLyr4WlWeTi_hYqB8c2rgrdWWsm3FjCylwVjxeprcEJD2RIxsE-5XBorio99oqdSX4ADf3y3GMYpL

170 B
188 B

32ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQyMlotMTktVEVR&google_push=AYg5qPIhVuFGP8B42GbMeoLxLyr4WlWeTi_hYqB8c2rgrdWWsm3FjCylwVjxeprcEJD2RIxsE-5XBorio99oqdSX4ADf3y3GMYpL

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1g1MVQyMlotMTktVEVR&google_push=AYg5qPIhVuFGP8B42GbMeoLxLyr4WlWeTi_hYqB8c2rgrdWWsm3FjCylwVjxeprcEJD2RIxsE-5XBorio99oqdSX4ADf3y3GMYpL
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 39E5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 39E5
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEL3jFqfHNAgMs7ij_iDyeGc&google_cver=1&google_push=AYg5qPLApnqOqwRLuyqMcc1C...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLApnqOqwRLuyqMcc1CDLy4joBpcuSXwCLc7QJGyDunCrMd6jI-Cq1AhfzN6IdwC60C2G9AgHIHGx-Ufp1JA2WBd7Lf2FR-cw&google_hm=

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLApnqOqwRLuyqMcc1CDLy4joBpcuSXwCLc7QJGyDunCrMd6jI-Cq1AhfzN6IdwC60C2G9AgHIHGx-Ufp1JA2WBd7Lf2FR-cw&google_hm=

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:44 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLApnqOqwRLuyqMcc1CDLy4joBpcuSXwCLc7QJGyDunCrMd6jI-Cq1AhfzN6IdwC60C2G9AgHIHGx-Ufp1JA2WBd7Lf2FR-cw&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 12 Dec 2021 19:07:44 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 39E5 0
12 B 16ms
15ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lzck7bW1XH6h4hFiaGmBddd54yaEO-6U11lUe2T8S_m26DPbvSUuJvdsbvTb4zhHuMBHmTeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1729 0
23 B 43ms
42ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstliKyUNmRIM1d1Sd5QkqAZUkTF78oWGIzXa5TVFL6nIFmL5B0OIzPxG7mRu_IfWIoNXejx5PDtFGfMJBQ5BfDoJ0TJl7Ft6F-8mhFdUbq0MpIlVPIFEt4HL5togMc6d2v7d5EelTgSKqxMZi1MEZTwTFqeV8oJrrqbRpDkrGoCfo8yIPi664NmcfEBQ-qJqvwGqtdGzU29UApB-8gfL-PO3QKU2DpghnhqmIxCUlrpsO4Fn2_Mexq6YxfbROeWNHxBnN-DTj0ACh_DSy-hw6O_eGQYkmoDPJ2b3p2lXbTN2EzEHCfBOdSEAf2mk42AdYmtVieZm28zRB91ac5K1v6K5SdWxiNQ9VulSO8em7HXy3gMQInq0sDt41JNUcyfV-vcNs2PCxlJddXlA8LY1Msp9eMgyN_TlHAx8TuT_lfJpG2pefXGYvnaZ6EAWemUSeDcSqdSFEBz8Tc6AU1KlA1_98eUWMPMA6OKBnF12qcY03XALbEQ1Guiz7mLZTwVEaGTYfcD13SotgqX6WivXovXVHSmtZNi4yGqqPmFghqN50NOH8qMyz89XFZrcyZelxuG2nNzHTA3Xld_e-38Bhh4Ne7C09LD-FbsRSrlJa_9pSZbJYorestARcIxQPpgD-tY4kXHAykrJuoi5Is0NOgmIkTXKZ_8A_cSuN6GvXDOriepTLcgtVEtbiOOF_bpTEpEwB341-y2rmdoOhguxWD0eJrPiM20qsbyDmF0vv4adG3z0Tyt2eSnIwBYEWbsY2z35T2LOdKP2vRAyui-RxoKcwN3Q_J4R4QheX1R9Y6eujzT22-eq8fjZ8TkRipBA3lm_LgWMd9axHqtIB5TUIO84zJFA9Q7VI-leiWzXBVNfU4VA6DDzXhHCyJ2uKmw9J3Me4l7Qaz7U1aUVxiuOsgBGQzYSLQ9itN67z5TdoUwm6XULted7jErdGj7IqIVH5d_h5wOf11AeeU8pB3TN-3xg0d7jEM1f-xVSGhXHXqYX1mNBDMWDsBYAnKBHCX9VMnidYPjErDZ2sis_QSPqIHk7pV398wlezuvMlgYsiRrEZKEkbh7OupRPGuwITIp0XLWiFyQE1e9MTe7KiWsRwkD6AHE0kFy3bDp9ezUNU9PzaqZT6JgpNhkmVpTvZTYL3PPIOFmemPPA9EXOlsQfXGBhxJpmycgyM5BsHj7FNk-FAaA1AcCUHTaUCNT6PbdsiHsirXGRGH6BLqe0wt58yOOqyB_P2dEOeNCLXjTSXWdF98APMVOG_xs3e9PLkXoA4VHMAIzjQ&sai=AMfl-YR6lcUhHVkm1ZSeOr0dOiT37_h68D30IKc-UjS2EPvrXts4H8ZLtmwMoOKhsTJKCCs7LldRBhhasqxw41981HNvjcsjETFV8p8ZKK__EiiXEBI1Ovj1U8VpAo0L-mmQNDbLoeRJTlbLzWNkblNEcdTA4HK3tA&sig=Cg0ArKJSzOVYxxDubW89EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1378&vt=11&dtpt=1016&dett=3&cstd=360&cisv=r20211207.45113&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EEDC 0
23 B 44ms
43ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlnn2Q-25ntYrjbswqzwuwFem6t_oh13yvUqhDOQaHq3a8249OAx7db_MKpg_vMWY274uWnQn1AGio2xGY3_aRj9aExYtnPOoZgK7uAPfGobUUyzxAdB8hxgotUeG_8tyAxsTHqiZo6f5sxFEx3R_TThhD7x6bs7ANkWz3j3eOXRepQSxED1iXWUTp6NOLCGEfAVksrTr0oVi3pCiC-f9T_gW7aR2yABWUwcsDbraY03iuk_j2J4DwmoHENbkWirYvsrvdIEIo9YdR7wrZhLRdbcd4JsexFdd8HLKSEtwJLzLTk8cVncXgcXC2JbfU2LJ62gJobZYnbwYmyASF9LI0jrizfQPQgHj1lwuDkWj4at_eUYLN30QK1eklIr_rZkcNzo7ScVXaCylI_5_YG8Sc9ml_XXqrxB8tA6WlwJLUBfAbNi8-kZ3nMpqB3wnl-GhrBq6FEnCBxrA3sXFMWddUqpFbbWPfvtlyU6ka0ZFE_l7YLo47POsRtomy-RU9ZAf642P3nO_2zbMxdo_ygSGsdapX0tt3GM2k0MKuTRhmfIzyodjU_QYaOWKt97AEILFm5oQ5SETVGKr6YiPmNLaCaCwnNSBcKGYf_No-KAuALd7jOl2TpWeZdqsyvxy0Galhu84OnExRUmqnxVqXmhh8RXsYFTwSmkzO61u6alACvKVsqtvfF99zrzdtTBjqceh9zPlIM6A0p7b1UedDgf233G96Hw9XUY5JScnT-TyxkkFw-PWoriex6Ld_Ctz3NdxUIxrLQaD2pcetZWbHfPNb6Fe9YFmAnwNv-KjQqbcQdOh-ZOV1YEmNLtI9OOQGIC-LdWrtz1O59UXgPn4A83n2KLdNoL1CDPFjIuda6Q56C-POi624PRVC7bYrDB84D0LjesjHLGhczdFI8SGjptTffgj8qbuGDCPrSXqzK3Gv2nvE8SGIgQtSAj53EIbPmG5NobK-Ojat0Ld0G-0Q3aq7y5zL8hEaHa4sF1gZhKc4zXHe4IRDu-IVZEAnX_ltENDnT4cpZF-zNKb3E2lRTTMlA1mXaiM_kkqDP97CKLys3y3sGhjwQTJc5Cl0vxuoj4EgleiQmHDarX-Ag6nytpWni-mBDcHK-rFBLIJaPcFXofYfKEP-eelgMBhz1u4WjAhtqjvpxBOIxMsCifRi6oL3I1TdDn26WytgxPd9qTPpJAI94zjTjwdmQuSTSyDV5djcAH3v3FIt7j_fJMnA2wlEbH_3XK32owRfi5DlckvxyM-oabUWUX_ezH0KNQeXN7Ljr7PyPqQ&sai=AMfl-YT4sx8vjysJury3trFnbL3YR7oCNrfppXg5BGmylEcXZCBX7MLwyP4T7yE7sO0yPi2MNllL68kI2S_fl5RVeX8TVtEAw_GKEcoJl7khYeSfBoBu_l5lRodf3_qI0vFsKJSJKlCSGvBDf3wNsOJxJOCfrgKkFw&sig=Cg0ArKJSzFMi6h1JbM6kEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1371&vt=11&dtpt=975&dett=3&cstd=394&cisv=r20211207.18958&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0334 37 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:48:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 13 Dec 2021 19:48:50 GMT

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame AA04 35 KB
13 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 17:23:57 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A6EA 0
23 B 46ms
45ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQUIjlpo5cJKsW7hH3hBho4J3ZdU8CEfEnNGgH9C07U8NmSGSruJdZnGitoQrAzC50IMxoBkgbYv9sP-qyboyE__Y-L8r8LFYFnrxkHYHtSPtDVr5wESsR2Pd7LvnSAtldnvveCYvSoChaSCYz_zzGJN63MTZOFFnmZQ0fdkXdUoxufZdjqfeby-X3EaN42frvUBFME6EoNGxCvidUPY8pnk4pYybfwRv97I_E0mjGRDD6hZ8zMpwkiHwxs3-Q4tEnH1P311iNo-vM7GxHobqOgk_J7HeemhV13OLcLHbuSLT20qEh4kJKWgBCU4jKSDjtjEvW6F5LyEbbpVfFrpEqO9sf2ZR4b3RQLo3F27JyvcRV2Q6jgaB1VD77NQbsGgpxSMTFOdHv4wXK9BwLMwMAxUf9ricZeX6y4C4sMrbUS0GKe6pGaUPpOt4zZ68jwWr6FKZFHKOFPSixb8-N0LYGUpJgbd7eWld460FZnH3z7FNWnHZU6NfuqAdJM-xrsyfZtjG-vJGfCVYvrBmlTGEm064tFEEszwBth9uLzess3kxsxEq4W7xyxbQMiek7ilzgiVF2k3U1scoWuAOIWtdktZ1AVKXrad_BI_xO2P-AftP2A5bLrNyHRBOnU25-Z2ZsHQ45zLOWMXClrR9fpjyonHm6x5xObRlmveCRNPN5Fg9xdnWCZ5JxavdZmOSBdAnETB_frHhrqWMrCRLyAbd9qIGxo5snoGKP62Y3LHQR8taJ2ONSe2Bi1JBR1znCRXs2cLhohswA63LK35M3ZFBgxe32gtTaMHQJjbsZc-1rlin_F-7T5CSC7srfUWlghXmqNowsLOo4qxP2UNnjk3ErFiLgyON-VlY2_0bOAfY3Euviq0tTjv-19iC8jqY73dGR_DK5teCWG7sLyWSAcod7GpqEnJmZe477b_epjwVAnrSrVBjCtl-GHdSVHwTdNnR5GYrjwlzs6VgsP-_rlQCpx3kY26n7d_9v5VdyoLm-nAMnp5LsznnwGpzOgn7WZn90ymoNDz-dfwux_CQKD4_cejX8H_Y0wx7KLmRpYpORqFF6qoDHThnSORTMS6moCFVjjvxxMRnPWurfa4GV202nkc9hvvvmBB_3Lcg-WV7dTg-tjiel-Hy006bXiWSQkyqAdd6c2u8xcr1iMFTRh8Tk95klcPljcY5cC3I7MQeEryG3PJnHIkW1328I0evYR4MCkg7dHqFOLPRFIYiBacTSlykd6tiHzXaGVb1bTcQ-0aMhC5gYjDNubqm6zRWwgwmxW-FM2ZU&sai=AMfl-YSxArzhP2JQp_jE4A49SQIUQ8HpwxgZ9EXC3smo-CSlhsQVEypwSmdFClhFj4VvryQKmTV2EgFKdUlc4lOJuFMRSOiK3RPsVngIoq76CIX6duf4rWet4WeOQ3lPdfUIwHspv1_l4pVltfgNcA4MQ7bv8ACMeQ&sig=Cg0ArKJSzP4W0E9coTX9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1290&vt=11&dtpt=838&dett=3&cstd=449&cisv=r20211207.66451&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D85 35 KB
13 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 17:23:57 GMT

GET
H3 200 CodeProLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 90C3 52 KB
52 KB 12ms
12ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProLCW05-Regular.woff

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14129977134126465024/728x090.html?e=69&leftOffset=0&topOffset=0&c=gVkYHoJ33e&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:15 GMT
x-content-type-options: nosniff
age: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52901
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:12:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 19:22:15 GMT

GET
H3 200 CodeProBoldLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 90C3 48 KB
48 KB 13ms
13ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProBoldLCW05-Regular.woff

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/14129977134126465024/728x090.html?e=69&leftOffset=0&topOffset=0&c=gVkYHoJ33e&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 18:58:56 GMT
x-content-type-options: nosniff
age: 529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49198
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:11:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Dec 2021 19:13:56 GMT

GET
H3 200 60005582_20211005061312251_ASSET_3GB_Hut.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 90C3 8 KB
8 KB 11ms
10ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211005061312251_ASSET_3GB_Hut.png

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2465d58adda3a12113dd1062513e388c06fcc9bd9f74eab1d2d45de250b4994c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14129977134126465024/728x090.html?e=69&leftOffset=0&topOffset=0&c=gVkYHoJ33e&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 13:21:27 GMT
x-content-type-options: nosniff
age: 20778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8049
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 13:13:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Dec 2021 13:21:27 GMT

GET
H/1.1 200
OK postview.gif
portal.blau.de/nws/img/ Frame 90C3 43 B
616 B 34ms
9ms Image
image/gif 82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_DSP_TRA_HAV_34114_PV&mediacode=25093339_4307561_290584500_154735167_PO1003A&ref=25093339_4307561_290584500_154735167_PO1003A
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:45 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 95ms
95ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js?v=v2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Dec 2021 19:07:45 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 75B6 25 KB
25 KB 76ms
17ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1639422465050
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:45 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422465.dop009.ml1.t,1639422465.cds019.ml1.shn,1639422465.cds019.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

stv
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=dd3ef9182a146ca43335a3409c61b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buse...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=pc029_7041265871502952442
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGaqlGB3hwfuNPDWGdeMhrc&google_cver=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=ec54adb6-4271-4109-b238-fbfa812e8263
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=3474378168057276366
https://pr-bh.ybp.yahoo.com/sync/stickyads/dd3ef9182a146ca43335a3409c61b?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-go.435RE2oM0GlU32GIXyqeyclweV3fkopLFi649~A
https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=b8be61b7-99fe-4d00-bc17-b53262889e6e&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=CIJXfyNx1MWQFQ5&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6379734603191744295
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YbeaAgAL0Bn6mABG
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 75B6 301 B
859 B 33ms
33ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:45 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1639422464980086-400
Expires: Mon, 13 Dec 2021 19:07:45 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 75B6 67 B
723 B 149ms
149ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C62285%2C1%2C9751530654345943198692857244%2C%2C&vav=c0dff24dd1641702ee6009f0c1e5d0e9&vaviv=1bc2d63bd16ff49dee6874e5a73d1854&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:45 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422465046043-333
Expires: Mon, 13 Dec 2021 19:07:45 GMT

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2552 35 KB
13 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 17:23:57 GMT

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1649 35 KB
13 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 17:23:57 GMT

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame F121 35 KB
13 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 17:23:57 GMT

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame A5BF 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 17:23:57 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=12&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=m3u8_fail&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=262890330

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75981
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

170 B
188 B

25ms
23ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:45 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422465135096-379
Expires: Mon, 13 Dec 2021 19:07:45 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

337ms
105ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DG7CB9RHP1NMZ4KK1A1M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:45 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422465187049-364
Expires: Mon, 13 Dec 2021 19:07:45 GMT

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame 2CA5 495 KB
87 KB 299ms
27ms Script
application/javascript 2600:9000:21c7:2400:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:2400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 2075757
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 8ifGn3DkoumTvrPPW1lEdGXOvb9ZV2ii_5ZG-FK9Lxr-wOo_zNCZrw==

GET
H3 200 addRequest.php Show response
secureads.increaserev.com/InvalidAds/ 0
616 B 90ms
89ms XHR
text/html 2606:4700:20::681a:17e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secureads.increaserev.com/InvalidAds/addRequest.php?ip=2001:ac8:20:8f:137::1&domain=sunnewsonline.com&os=Windows%2010&adstype={%22_970x250%22:1,%22_728x90%22:1,%22_300x250%22:1}

Requested by

Host: increaserev.com
URL: https://increaserev.com/ads/dfpres/mcm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:17e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 868616846
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtEu6t6tVYAXuYmWnvoYe3ZY4JS%2FFwx1xNyomg29%2F0vNhj9dXmOl8Ujybwjy4EEo1vM0aKHOsbGIsxGxrp9NkNCS07FUiW9epzYAKrFAuZ7K37%2B7VHYo8jsNxVdbt8rWQHrOVhqEqIblUDk%2BOuu7WAuCi348n98%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-security-policy: upgrade-insecure-requests;
cf-ray: 6bd17a291f6b59a7-MXP

POST
H2 200 t Show response
t.lkqd.net/ Frame ADFE 0
168 B 105ms
105ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1729 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssC_ZqchNOcSa1EHgqyYRz_R8HaFtwf245uKkWTaWwUfQ1GwjEZJHjJzTKJnowoZGyWOXo4AYE09fmzXDttE7haOF6CPks6kDy12nTzEgN35a6iD-HFg&sai=AMfl-YTxJsHo4DBGj3ON2RdtfAVQt_vmmLZSbWUE8A2I0LtVQx35hu5kY3uAxzYm75OHVt1hs1Tgz7ELdR4jSMT8xOXJ-3I7fNBu5kJ6LpfIgh3rMo1BW7RUqB_09lk&sig=Cg0ArKJSzNOzELzLK6kNEAE&cid=CAASEuRofj37fP9XE1F09KZhTMg97Q&id=lidar2&mcvt=1062&p=0,0,250,300&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2627293903&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639422463347&rpt=1102&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:45 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 2CA5 965 B
853 B 38ms
38ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f3b1121ed267c69383048c07e4a815797bf07803fb63e2cf2643846f5217beb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 591
expires: Mon, 13 Dec 2021 19:07:45 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 2CA5 0
222 B 9ms
9ms XHR
application/json 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-205-242.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2CA5 160 B
1002 B 26ms
26ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

133c84b8050c781bcb8cebe90fa01d2c630fd1c61343930d829dbc1782db67a1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:45 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 780c24d2-44fd-4f3e-9600-b8332276b4d6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame B5B8 152 KB
36 KB 39ms
39ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:45 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D85 0
21 B 44ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9EPU_pm3Ya7tHbnW7_UPrOmg-AwAAAAAOAHgBAI&bg=!SkmlSQ3NAAZKWFskSlg7ACkAdvg8Wo7wGngtP6qPGA4HVhHBr9vCDtTlsT4n_8tLDNXS8OSPUK1FgAIAAAIsUgAAAERoAQcKAFPiWU6DT4GolxMFFIc1D5sH4YchbplEb7YUdj3ltTmViWseUVTcEAHDAnVylIUXg7pD23kLFgZHKWLQrUfAKB1tPxzR-clCIkgA5X2kG1M5mhO57pkC0jnAW67qB2HYmfRk2GyHDUXq-YK7_qnzLjy1pwjLusHFrUwxmkL6rz3KaskDPud5a0kAYOOwmligZN5LcdCDIa8V7eYBNtZC7Mo65pUfvMnbw__mCuv-S0xjaG9tjJ4hpVIVqPLzC99XxkTbTo7qetkCT2pKS6dI24lqUPxyev-2O-_mISwBaTQP5e2t0AGRnY0mfkYa-0te7k4PhMa4X_CqWnPT37EcXLUH6gnQNEK7EgUaJq3AMYLi_1ioWWADa6-unhMWKsfJGQVnLa3OvM3Kpd7jGMjUmtbLxWRlTT0soLF03gct91S-N-hwtdzB8VtTPFpa95AE3dinplPgHpnWVLvROSH4KXjxbn1vt3UloqI4AsgrrTTGfvszGjYVKRP34-OoFAo9tAMuue-_uVJnv98v2lm5AQASHIFOa7mT5BixI3IG3e71TmhquTc9qnsjy37gFaY159VKazHrKhwp7Ag0mdgrS-0yzr9xPsBgy-cySQRwfSpvfig7zFhX7F0HPM39y4QRly_pIQU8AwdUz-b6rq5V1M3kF67EJ8JCF1gT4EGdBGawRpzLGynSb7-Rk4dpvZwO78Vg8XSIynv-RJsjcx9f5q-1zyht7_ORUMFxJ9gZ6HtpvQXyGfaNgLK4A46jkpJHCOgevw1M8JothNIy1jyomGXe2oobHkCf2n9ysrRgaQNxA7XldeRhQHu6SoDyUg-A7qrZ3rUUGMu5iPYyvKWJBCqHrPbsFWaQQHZnT39R0_qEm-RaLxqY6DnzGtUy0Fxm5wrN-k9x9BxpRXSitXEYr89KYmqVCZcZ3lM7PApfkzglASasTOcgkGG5TPi5POVMZzU9DohLrNOzsYl6mo4XU3Dg9fnWCTJwhOY-RzYjm716-VmvEsXj0mddLYSQh8PZbDOqphtyhnWjJgG1qaenxxmrxQv16_2WINdHOz4hSfY9ZR1AIDHPg1ZQ

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

gunmen3-600x375.jpg
www.sunnewsonline.com/wp-content/uploads/2021/07/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-600x375.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-600x375.jpg

56 KB
56 KB

18ms
18ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-600x375.jpg
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7926760a16e663bcc86fde09ece1a895916dc2708d264c8e92dfdd8b9548cbb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25748
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56976
pragma: public
referrer-policy
last-modified: Sat, 31 Jul 2021 13:32:43 GMT
server: cloudflare
etag: "de90-5c86b5eec4ff5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6xmOpDBO2yk%2B7VvPYJ01th%2FCFUdjbLcJYUAX1MnHDhhrceSFNJAV%2FGUTq6Mrnax6QSJQD1lzq4u13CTZnevuyxMfNMKGZhVz7qfnSveOcF7rPJs%2FtvpW%2FE%2F%2FOZYklL9ktBrvO36IGpWm8QQnW5lMQthhwg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a2c4a014e4f-FRA
expires: Tue, 13 Dec 2022 11:58:37 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gs1SM1yAyFBLRtumxT8%2FAWB35%2FJD8TpaydfPIbCQXqIabZmcZ32S1J2yL6bQcnPGCvIoIDOGZsexyYhs%2FXwZ6Gp6uQjHKenTUkdBOoHvZv%2BRqAJ4afh4jzV1nmimSIjux%2FvXVKxqbpSSL%2BphQDJB8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/07/gunmen3-600x375.jpg
cache-control: max-age=3600
cf-ray: 6bd17a2c29d64e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA04 0
21 B 46ms
44ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIq4__pm3YZ_kJ4-x7gPikpXQAgAAAAA4AeAEAg&bg=!MDOlM3fNAAZKWFskSlg7ACkAdvg8WqeqFGpz0g7lOyquvPQlY9_9EO6Sy3d7bNuoLCgTniLeGnQvagIAAAJxUgAAAENoAQcKAHNWMXv0HT0pudNF0PbEoicOggwq9d1WAo7t7tgUQHBvXxhTEJL3aHzvVX15iIaLqB0SizgRwcDyb2Gnba5IJUaXmmVKpgdnUNAcP6SI30k1XAlhGuVap9ynYlvWxSoSw-3NgfzWZCICM1Y0A0eFQFjgv2VomQL-ptLMiQd0uCBvllxTRfkMMSo_HMprh1h7sME8uZn1GhDrQeJJyOpoUn1cEP4QYXQDIHKIRQV69HeuHEr-poD-tub7KoBHZ-D32cGDPIGgT4iQSbqwFZkWhAJhywL3QH4_y7TzT-tY0x7t3aeug9QxOsr3fcJnOxO62oQfTZc9JnJc7t86lLaaX-zykUG7Js8VtpwK8mywqWvJ1miC4QNXgoLAASOJP2AedtQ-u96tT3dj4cjIvG2MMNjGshB8Deq-njNiWAa2-gFZAS7W034Z3V7F8xX6gxzjLqDpCYGAV5Wi8l5g9WUdaF1-WR3bZwFdaddqrkoWbqoMYRIAaPM3IrriV25S5-46FLhUyCLEnwdBZr4y6jy8gARdZEhjcFxY7JaVmtv7wzWJSPo239tRLjLEUxJzwQhL_50FeHo2Q1sMbFq_86-ncNc5kP8POZsDM9ZMR_Hlko8gOWqfJCd0AAXm6RDMiXpH2tSuKUi8krl3p4FsMvTQtjL8jY90jYbIDrtKtiL7D6IFpDDAchuzXO64nC2breQE2McSVF2OQhVPFE74yOhQvL8ihi7RPyKNTo_b3kbl_3uk0IERd0_52VuHknk0ZoaK2v02T4ued7a7STMo4bMmZ3ymrLM9dg5PraU9Hm3PyIaM-SUovJAueTp6peBrxGd_8BFH066lKtqKkJEnFeR4HLucqRF_JdnrBkWqSvTLgSk8P4AG2PiVw-D86OApVBQVy_GNoZ-5pnqFEOMDpx1nUkWIArh874m6WWmTBbwPksfWVQAgVNegWA81W4WwlcRvabtiRDAp9zg05zbz8_GiE2nGMB6Tojd4NjRpdhgmac1VY-cBLrMIkyw1vYzpZinVLA3xn89-jRGAUdLQWrXUzv5rUs7ydIe41Zayguy3aEkq5qPYZD6a2p0S8JrW-7wZqdoMEv1IPfS8O18tHNKnzrIDy_9TiyPYWg5BDH-SmyCaDsZ_8TRoPRTUxqh7zb0xtY_-C4Cok9ygef2JyQXqvclkFc20Gg

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5B78 38 KB
14 KB 39ms
38ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52112
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:45 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B5B8 38 KB
14 KB 56ms
54ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:45 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52112
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F121 0
21 B 55ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQ3g__5m3YfXQGPnF7_UP1rWl2A8AAAAAOAHgBAI&bg=!7u2l7anNAAZKWFskSlg7ACkAdvg8Wj3J_crKHOVESTV_9RDqVUNFzWOkg1bQXrHvsfTtnQtfgcJEugIAAAIRUgAAABpoAQeZAwbzIXHpYRBKcPxKMLxEl_pjY29Ie9nSkRw04Rhk0mAyhyVP-cM62rPsAaDkMhWLrwsLd7XdrDzeUKW6iU_wMmtP7CNfaESgXQO58L8V0I0WgDV4twuKrjYoL3hSIOkisu8e1wQ4XrCUdP8RgzUb0mq_aJfsleFN4qVPabsIDRro3YQPSraTP7nlHmShWLjMOSbdfuKGvJYHMm65kh2EUhvZmU3IDsp_WUtWpvOOCGSaozqJTfqeW6jfeZNWd_MrvPK5FMMo1sI4nXI2KE9TbcgfW6oPTRv5rwRnPKOncEmfqlp8baTG-gbBhgmx5yajGt8El2Q-vB5ejvdxLHbw9mKifo_mrPGjaJBtdB3nWWXP5aTP3MBSdHf7smYGohK3OkRogPcOnG3TAXIdgI_qiJCLn0gYIzWgxYJDT_JsZOwFArwHbTiX_vWuIcc4E-ApQkV9ZWu3-xWbwObZ3koJzFw-9JWceMI9Ivb4d2oaayJUDr22GAQ1L3SOrZQjlWEkjmj9QNLQkNR03x0HWAB7O7atxHRTvhNa2gaQOIIoDcL4zxzYYT5-q3Rd2HqCJtPOnn3fdVZ-UQqhOpN9z-u2ZbTI_Wk8vFdOG5pPZiDim873CsyJDlwQZF7m31DOne8dQc7LUSz-h-yJW_q5RYNxG7VG5atyeQtzotu5eDCQkk8yaMQKEZvx_qHPZ-6PgnAGQMjkhpjAzvG0FTqnBuz6ony5UTX5PIKPL2g6ISI7lXmwokMYa_yup6uUHEMJKLYM0ILMWhu0NjZ7hlME-QXAVcJaNGUH1f0oyTo05VJUIv9-x_RktBDuZSgn-v9jh1pG6dvOm-vUE7uMzcgDdpjDKzIovQOl-A2RFCfAa6fNOadFgJ2pfsAYoptaR798jKD0yKT1xoRA12a-tHa6hVeHAiUJ0gteScAkJQrh4MTRnv2jmoj2QBgPmhS3rz6Ku0QH_9TqWXz9ChwGnsyV2mxnUN_GibSBL_oqqJQbN5Dyde-pWvb-yji-WA-j3NnKq4amkEGkkbihhPU

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1649 0
21 B 54ms
54ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2eIk_5m3YbLsFvnF7_UP1rWl2A8AAAAAOAHgBAI&bg=!WlmlWR3NAAZKWFskSlg7ACkAdvg8WidLIQoKq4fbF2Xya4W3NeU6QYBn-1N4DX1JEfSGT4C0PjNzpgIAAAH-UgAAABpoAQeZAx1ZuffoFyYyUGc2rA52vUYLi3yDAlZVZLRmFq8ivve-kY0q3rfcGtNmGh5Z26g8pTrxVHiLxVzpunDgMTDLBL6EYfMWLvKWivSAcLqezdEL1YOEwczJ08sV5raRDcTYEU0tpT3gWx96IrO39Wc_4yn1HruaDmzCmEIEyEcMC_Guya1pF1tDggS_qubfnvyBDRNFIL_6fwQCTVi4xb3YPGMn9duOvSRRnajPzUhUrcsMrBGI_0qpsxu3BS3s2GyZMkHiiuIrLF0W1LhQdplnntC744nVx9E5sCYXNaDlhuAmqabEnHJgM3A84jH7IbknkmcN4Q1WGO5Ty0kG6rcE5aDME8qllsdI4DZjoHEvT-2t10Cg2ekQtf8MvIbL2j-gF25p9XyD23kaQe6GSpmJUJGewyOn0VpzKldp0Gpnw9AFZmZwseCfASt2weSe02eSzjNM-i1OdNFhhWkMkdhgupfP0EQ03q1TIyJTzpjtMUjUN3UywwP_sJCrfE9QX12iAWT4Hm_d1Qh30vy5btUfm4DALuQfpxq0h6cqEfK8CLhXw-K0GX6-QjJRbIvIS01j1wcCmqZlfr7PscqvONQAOXAYM0mUxjwEWGgPQSn7JSlU_0OGa5B_G6RCvznWLsgkr94Eau23NPMaTIfyGNV7aPfiYZy1gB3Vwai_t7AB1WXqlvfBjdXoFkawamGByhhwRN3jdbHuvqrJwFyNUi2bNqh39AsaRGx9APUiFugQDyffbnWvzmBoOjts-vRRJiHD8P8xkQosdclP8dwa2s3ua5KP6rkp8vjfKXjb2PtPdF7ggK7tl4oKg43iDTquc8asjw6R9fb04Jqb1NBUYcTLT4MNe0SnpfHblZeceNMNVYFS_361-UGvcjRqfrpZlak9doMRkeBHJTQirE6ViGRYQU0BcYvVUNUVLNQS2FnTmrxkO5zBSSLWKgYK27BWq67XMIbVXOlb1I-2flE9ykaGSOI7dc1J-CeJJIiWuLFZBe7S285GhANiWZ0JPksCvu9P3MAb5SqyTXUFtPMs3XRAZ0WYgSV-l6oZQP79JcAHCg

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A5BF 0
21 B 53ms
53ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJx5Y_5m3Yc7wGcn2gAfBl5SgAQAAAAA4AeAEAg&bg=!-Pul-7_NAAZKWFskSlg7ACkAdvg8Wv5z07qIKOo9LtgRSKZI-ExhUCAIKrpq_orRO--qgv7E4UluqQIAAAHdUgAAABloAQcKADD17y1KqjyrxK3XItkaEgnNUbJxWht2FJFdkqb3x-Xq_jDrAKklLRLrqTgYpKjHXliZAwgTcljTSysUBZRWFAXzLS6mLGLwu6pgct6gU3B9zZyggBiRT9EpsTAuIcFQt2EuGsWXimbpAVkbeaFYHC1Yk3VTaRaJD_ml-8nPyfCBKaOurVrNRUt9XJW7zL9vMrx5Z6XhKyCMJD0GfCaEP_U5VvD-xgVzTmfemhFvmIuyFYApogQ3FFbgx5sJ0PsyJEVPjFmaMU7ZhQduBUjkC1rWCYEQZAF4TRjOGfXL0Jj7MlWMdqQBfWjXdx2nsGbJh5CdvuPpgToC1sKKBfpVJcGZHn9W0jbS9IvtzZz7pQDJw0xzeDFT974KNxA_k8QTQxvmpVs0wxFoVUCgpZPMFfVVRyphF8UIimP8dwF4r65g5L4cAo-b-ZWZJzOQF_MDF_Sz2bHlS_IhBDeuNtNhS-BKnpL4JWEcN8ZsB_0izYNopdwP45dQyKu2_GkRoVpbFcWp9-10u-ObMyaREfBhE3WPhEk0l8o2t7yWFSDQ15BZVp2ONL-1U-QEsYXaIc1AbPYwT8lrjaoxX1JP-1CRFkvZSnLgb5E-01dp5pvgduO7W-vk3H_H-VCBMpiHgwXeMxkuVjaibejNPvHN2dUAwIE7pGO7JneNFVvubaj295cw-WLPEfPmCytw7eyYz_zPeSQc5tfIdPy-77B-Q2YlBQL5eQwq6A0WyRszHotkt0RDbglkbh0DUWoBnQqYwRzHe0AMCOBV38le7pdPJIR-Sg4eof05aKeAchwAFtNuHL5amrytsWvKUlmtzNc1eP9aGV77Z0Z38HW9b-UyrbUGr_zGWpaClwT6IffJXQBiGffz4Lkff441oH7rLQ-jr2gAPsgDzUD-_OQynMBuokp2zX66RnzElZePN4QuBIlxLssph3_1fTQyUFlkjyzEtyNlNOpcP-hsZEpOeqaYulK418AnNjXRkoNGtg1vhUk3UfaWEoxSdX0o1gtQzPPbHBaWRLGO9n3Vv54ZEZddci86XzKl5YMUB2mdMXUSyCB04rmcRWlJE9PfYLC8zh9UtxDTxymQDFRUl282xhTiNQ

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5B78 2 KB
2 KB 14ms
14ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25088416&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 91091d6006ecff5fa207be0f6b27571209952fc05901b9cd37990c5ed4afbe67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1973
content-type: text/html; charset=UTF-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=13&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1588622563

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75982
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

300x250.html Show response
banner.vdo.ai/shelter-dogs/ Frame 79EB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7094677798399606&output=html&h=250&slotname=z1_adx_display_ron&adk=275265714&adf=282184647&pi=t.ma~as.z1_adx_display_ron&w=300&lmt=16394...
https://banner.vdo.ai/shelter-dogs/300x250.html

2 KB
1 KB

267ms
256ms

Document
text/html

2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://banner.vdo.ai/shelter-dogs/300x250.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1098601291027995&plah=www.sunnewsonline.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51a9197b871e6300a58ee887e4478ef220d8c070d73ac8db90ed959f8597c015

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
content-type: text/html
last-modified: Fri, 03 Jul 2020 20:17:10 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtuiDLNuRagMvpEUefrWEZ6uqRBkKpgGQbdCkDi7z8%2F%2Bgc0FTA4kkANgkOISrb5XyWpYWtF76dwtWByS1%2Bs%2Fy1lF0t3VaFgn5gd%2FNw3SChNzW1legpFt5o9zdJuBQzjhq8i4tHA%2BiqBvVlhr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bd17a2fbb8b839a-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://banner.vdo.ai/shelter-dogs/300x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 13 Dec 2021 19:07:46 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0C5C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbeaAgAL0Bn6mABG&gdpr=0&gdpr_consent=&_test=YbeaAgAL0Bn6mABG

1 B
234 B

18ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbeaAgAL0Bn6mABG&gdpr=0&gdpr_consent=&_test=YbeaAgAL0Bn6mABG
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:46 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug003:0:433
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YbeaAgAL0Bn6mABG&gdpr=0&gdpr_consent=&_test=YbeaAgAL0Bn6mABG
accept-ranges: bytes
date: Mon, 13 Dec 2021 19:07:46 GMT
via: 1.1 varnish
x-served-by: cache-hhn4057-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1639422466.249348,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET

rtset
bh.contextweb.com/bh/ Frame B9B2
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFLZWVrN0RielFBQUQxRGdkSVB5Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAKeek7DbzQAAD1DgdIPyg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...

0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame AEA4
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8832176352
https://sync.1rx.io/usersync/tradedesk/ec54adb6-4271-4109-b238-fbfa812e8263
https://sync.targeting.unrulymedia.com/csync/RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003

42 B
384 B

19ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:46 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug002:0:811
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Mon, 13 Dec 2021 19:07:46 GMT
content-type: text/html
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003
etag: RX1f9ab7a277b347628294e8b0be90fe4c003

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&addseg=19,36,42

43 B
43 B

74ms
22ms

Image
text/plain

185.64.190.87
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&addseg=19,36,42
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
content-length: 43
content-type: text/plain; charset=utf-8

Redirect headers

date: Mon, 13 Dec 2021 19:07:46 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&addseg=19,36,42
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 141

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 5B78
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

32ms
31ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
frontend-id: 13
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:43 GMT
frontend-id: 2
location: /pubmatic/1/info2?sType=sync&sExtCookieId=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5B78 95 B
455 B 105ms
43ms Image
image/png 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6bd17a2da88159b3-MXP
access-control-allow-headers: *
content-length: 95

GET match
a.audrte.com/ Frame 5B78 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Eo0krh2FIP8J3X-rEdlrqULedK4J2iL_FNikSV1M

42 B
467 B

17ms
17ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Eo0krh2FIP8J3X-rEdlrqULedK4J2iL_FNikSV1M
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
cache-control: no-store, no-cache, private
x-lat: amspug010:0:833
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Eo0krh2FIP8J3X-rEdlrqULedK4J2iL_FNikSV1M
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WSjbEDJE2uWppXYPnmOhLryH2.qb_oA-~A&gdpr=0&gdpr_consent=

0
128 B

15ms
14ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WSjbEDJE2uWppXYPnmOhLryH2.qb_oA-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-WSjbEDJE2uWppXYPnmOhLryH2.qb_oA-~A&gdpr=0&gdpr_consent=
date: Mon, 13 Dec 2021 19:07:46 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 3ACD464A-A328-4DF4-8F1A-0DD8945657AC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5B78 43 B
872 B 39ms
38ms Image
image/gif 2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/3ACD464A-A328-4DF4-8F1A-0DD8945657AC?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=789ad8c0-7391-4f67-9651-6626b4b716bf&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6&gdpr=&gdpr_consent=&gdpr_pd=

1 B
180 B

19ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:427
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 13 Dec 2021 19:07:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3534133052399560886&gdpr=0&gdpr_consent=&us_privacy=

1 B
187 B

22ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3534133052399560886&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:1554
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3534133052399560886&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 5B78 0
104 B 113ms
64ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:46 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 5B78
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
203 B

16ms
16ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:44 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:449
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:45 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 226ms
226ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_sunnewsonline_v_pre_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=3354567255886578&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422466122&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=1955804868211408&ged=ve4_td6_tt1_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=14&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=241650454

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75982
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
135 B 447ms
447ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422466368&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=896002849342205&ad_block=1&ged=ve4_td6_tt1_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame B5B8 27 B
0 163ms
163ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,&us_privacy=&cb=1639422465966&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:46&ranreq=0.9765363100808986&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 2CA5 965 B
853 B 37ms
36ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 16129be6d96996cae2eacf76da2731026c3488e318b9cf5df8dbb5a78fdf595f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 591
expires: Mon, 13 Dec 2021 19:07:46 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 2CA5 0
61 B 31ms
31ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422465&wa=0&e=96&ier=901
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
content-length: 0
content-type: text/html

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 6ABC 152 KB
36 KB 39ms
38ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H3 200 css2
fonts.googleapis.com/ Frame 79EB 2 KB
549 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: banner.vdo.ai
URL: https://banner.vdo.ai/shelter-dogs/300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banner.vdo.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 18:39:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 19:07:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 19:07:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 79EB 82 KB
29 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: banner.vdo.ai
URL: https://banner.vdo.ai/shelter-dogs/300x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://banner.vdo.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 595575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Dec 2022 21:41:31 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D28C 38 KB
14 KB 36ms
36ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52111
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:46 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6ABC 38 KB
14 KB 33ms
33ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52111
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
18ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=15&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_apac&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1966992209

Requested by

Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75982
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
28ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET js
www.googletagmanager.com/gtag/ Frame 79EB 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
135 B 668ms
667ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-2403018226404213&slotname=ellipsis_v_sunnewsonline_v_pre_1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422466878&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=1698725202868785&ad_block=1&ged=ve4_td7_tt2_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D28C 2 KB
2 KB 20ms
19ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93610334&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4bc6543bef1098b4a5c4e3baf27e2148e5ba98220cdc86e3738a811c0a82a527

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1687
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1F12
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
88 B

18ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:47 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug010:2:274
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Mon, 13 Dec 2021 19:07:46 GMT
server: _

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D635
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vpZ4P16DSmpCOB0B3AkRzrnoF7Q

0
0

19ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vpZ4P16DSmpCOB0B3AkRzrnoF7Q
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:47 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug012:0:548
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Mon, 13 Dec 2021 19:07:47 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vpZ4P16DSmpCOB0B3AkRzrnoF7Q
Content-Length: 159
Connection: keep-alive

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 6501
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2HgDlJ61k0lPGnzsWU4HX-f7

42 B
372 B

14ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2HgDlJ61k0lPGnzsWU4HX-f7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:46 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug014:0:635
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Mon, 13 Dec 2021 19:07:47 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2HgDlJ61k0lPGnzsWU4HX-f7
strict-transport-security: max-age=0; includeSubDomains;

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 69D8 43 B
408 B 72ms
14ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: ams-delivery-4.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Mon, 13 Dec 2021 19:07:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 404 dpe Show response
ad4m.at/ad/ Frame 55F0 15 B
915 B 121ms
65ms Document
text/plain 2606:4700:3039::6815:c087
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c087 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 13 Dec 2021 19:07:47 GMT
content-type: text/plain; charset=utf-8
content-length: 15
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bd17a32efce83ae-MXP

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 0B02 43 B
282 B 134ms
50ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Vary: Accept-Encoding
X-adserver-worker: leviathan-0173a7802d8b@version_1.363v2
Connection: close
X-server-arch: v2
Content-Type: image/gif
Content-Length: 43
X-core-time: 1ms
Date: Mon, 13 Dec 2021 19:07:47 GMT

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 92CD
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3561ddb8-9d66-434e-9c26-05202515e1b0-tuct8b11f82&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
148 B

60ms
26ms

Document
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3561ddb8-9d66-434e-9c26-05202515e1b0-tuct8b11f82&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Mon, 13 Dec 2021 19:07:47 GMT
via: 1.1 varnish
x-served-by: cache-cdg20783-CDG
x-cache: MISS
x-cache-hits: 0
x-timer: S1639422467.047730,VS0,VE10
content-length: 0

Redirect headers

server: nginx
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3561ddb8-9d66-434e-9c26-05202515e1b0-tuct8b11f82&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Mon, 13 Dec 2021 19:07:47 GMT
via: 1.1 varnish
x-served-by: cache-fra19144-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1639422467.992735,VS0,VE10
x-vcl-time-ms: 10
content-length: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame D28C
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3728759190
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3ACD464A-A328-4DF4-8F1A-0DD8945657AC

0
268 B

41ms
16ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3ACD464A-A328-4DF4-8F1A-0DD8945657AC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:47 GMT
via: 1.1 google
last-modified: Mon, 13 Dec 2021 19:07:47 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3ACD464A-A328-4DF4-8F1A-0DD8945657AC
date: Mon, 13 Dec 2021 19:07:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D28C
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:99c5cb9b-3293-4a73-8aaf-9dccfc8cd9fb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
188 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:99c5cb9b-3293-4a73-8aaf-9dccfc8cd9fb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:47 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:536
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:99c5cb9b-3293-4a73-8aaf-9dccfc8cd9fb&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 13 Dec 2021 19:07:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D28C
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3474378168057276366

42 B
111 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3474378168057276366
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:47 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug008:0:498
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:47 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 441451d7-d845-48ef-b90f-92605a468eef
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3474378168057276366
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d1ba4609
rtb.gumgum.com/getuid/ Frame D28C 35 B
238 B 101ms
30ms Image
image/gif 34.251.173.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:47 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 6ABC 27 B
0 84ms
83ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,&us_privacy=&cb=1639422466810&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:47&ranreq=0.6554817492222127&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422462248,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:47 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 2CA5 0
121 B 341ms
112ms XHR
text/plain 3.20.211.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=1ca4d604&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.211.8 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-211-8.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:47 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame 2CA5 0
61 B 39ms
39ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422466&wa=0&e=96&ier=901
Requested by: Host: www.sunnewsonline.com
URL: https://www.sunnewsonline.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:47 GMT
content-length: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 22ms
22ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0abd9be5da5c4268ef7c7872e00bdcdd93adee5fcba8766577a17fbf9ca089b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8558
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 13 Dec 2021 19:07:47 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=16&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1960795658

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75983
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 20ms
20ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame 2CA5 0
61 B 42ms
41ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422465&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:47 GMT
content-length: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 12F5 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 13 Dec 2021 19:01:50 GMT
expires: Tue, 13 Dec 2022 19:01:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5B2A 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d8283bc2c24de125493fe4f32af4eb4fdada52bbdfcbfff7ab7988569c409dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MthtN2W7QpTn6gNTNFDEAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 13 Dec 2021 19:07:47 GMT
date: Mon, 13 Dec 2021 19:07:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MthtN2W7QpTn6gNTNFDEAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 162ms
162ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fsunnewsonline_EBDA_pubmatic&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&correlator=1737054972060387&vpos=preroll&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422467731&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=1712822335043462&ged=ve4_td8_tt3_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame ADFE 0
168 B 105ms
104ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:47 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:47 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 12F5 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 17:23:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 17:23:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5B2A 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=1963256682944755&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
37ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=17&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1326722563

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75983
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 44ms
44ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 180ms
179ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid1_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=2679084440653470&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422467937&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=2976332324664354&ged=ve4_td8_tt3_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK powered-webpushfeedify.png
cdn.feedify.net/assets/push/powered/ 3 KB
4 KB 308ms
8ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.feedify.net/assets/push/powered/powered-webpushfeedify.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: cloudflare /
Resource Hash: b0dcc6f6fed806506e1a8f558303ecadf3249452732b1c50fc97250d3b7c14d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:48 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 3327
accept-language: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5s845DiVn0SnyhBlv2B%2FUvDy9vtIVIVrKqFMEBflVv2xpQdUjz02vCYq6R4bqww37N%2FB63SmTnjqA1uJOtqtSEZaghhLPSmYvlZwbOCXCeSaz6l2A%2FvqsZtipC1RA%3D%3D"}],"group":"cf-nel","max_age":604800}
Connection: Keep-Alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 3452
Last-Modified: Tue, 08 Dec 2020 05:38:30 GMT
Server: cloudflare
etag: "5fcf1156-d7c"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-HW: 1639422460.dop216.fr8.t,1639422460.cds136.fr8.shn,1639422460.dop216.fr8.t,1639422468.cds102.fr8.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6bd106806fb75b44-FRA

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 43ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=1963256682944755&bg=!dnWldTHNAAZKWFskSlg7ACkAdvg8Wt5eKoyuKKOsrhWnVzgSUt_r43PI3vfm_dMSPlQBKqaf5ICGagIAAACDUgAAABBoAQcKAE_9gsK2DpddD9S-sbecUr1ejybFeEImxk9KPWlkHikTJfkN5SfKtC-LlDO7E2YoW1VEbUhU0hj7dX2AJznBO5a9LQlB7uMZCub1oGjxc1PHmQLS3LP4g4dnsMpY8OfyMXF1Ss8XQyk8j9mLlKm4ehVuLagnMzQzW49Ew6IUwIYUHIqcmmwmbthojS7OtFCpbJk1wXBcugXTjGr8nOo1yHn9co630Cz1Y-wL_eHaiFjv-lxwIU-237_JOCgqshBnPnNpdsVzjS2izsu1Ppm0jlQRcC1XceJFG4rXyTxUIceEmiAgUzB572yB4rveIZNSaUij1USf_0op4NcAyTWe3Ww53y12LxW2qKH7zTR6CvTzoaxh12uZI8ZvUd4qg0taQ52u4ZP4xL2bG1MrJb8rvVdc7TUZ15-mYdR8j76j4soTAH5mDYHDYek1uvsYWjCYdxQxkHUOTL1AgMulRaRENrApHMTdEMlc2DenzUMlNTY-u78lw_P49QuPoverSqAQTl6Q9s5A1HgvZAn7hzKy0ZBXyVCcriMFQxUT_qBwkkexDFvUpiSQHx3s9bZb8WCt_wXKeBGsZoWjzCVefxM5NVaerEXEGSm4p2iZkBa8_tNKQtTQfsGZ1YCTzu4dKuJ5iDXaAmq7k_q3tFl3eok4XXY7TGqqiJNWWd0MFCs2VBJC-jR9iLQMLBhUgMtnCxzx9I6TYf_9POUxVfNDl9zlTfaW0m2UsZCNZl9wdypFBCKY8MPcq6XMmjGuogsoTnmTBOXVFlfzefZCnB5isF2uuPxSRp86AG80HkoiAO22wcSgHnIjUh0j-7_ULBo3clXgZZUd_3t17hBFKUa3REk7obGmBN3YDg8-lozE53Z3TkoXdPG0KyUMKAw8uE1dwi0oWWp008wS9isP-R2YS-Z-1X8aFbTe3hHTdrj71zUxqI-ErOtTljaqDZJfpkHXZmKmbMQHwjExhLEErJ8SHj3He_wD-XFoSQqzFFHm3boh8Cwn7m9qCL5Ai0furyzhbP7vVBy6uHgv-uy2U5oQQJMUudpcdXGdSuSOOI7aUYdPW899GAVa5mM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=18&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=184127899

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75984
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B4A7 14 KB
5 KB 21ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159175
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=133463
expires: Wed, 15 Dec 2021 08:12:11 GMT
date: Mon, 13 Dec 2021 19:07:48 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7270 52 KB
17 KB 30ms
7ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 08 Dec 2021 02:31:34 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 13 Dec 2021 19:07:48 GMT
Age: 59764
X-Served-By: cache-lga21969-LGA, cache-hhn4028-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1010677
X-Timer: S1639422468.168662,VS0,VE0
Vary: Accept-Encoding

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
135 B 408ms
408ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-2&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422468148&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=3188872283431542&ad_block=1&ged=ve4_td8_tt3_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B4A7 1 KB
2 KB 15ms
15ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62232381&p=159175&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1e055bff06cdf3e1bf729d3a1e3a391b280510c0cf7081fd44e00753ee33f2bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 1236
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7270 0
733 B 20ms
20ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:48 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 694b285c-30c7-48f4-bccf-78edcb0ba444
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 286D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
421 B

200ms
190ms

Document
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bd17a3c1cd0e8ff-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 13 Dec 2021 19:07:48 GMT
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 427
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6bd17a3aca07e8ff-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 955B 0
44 B 290ms
93ms Document
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159175
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Mon, 13 Dec 2021 19:07:48 GMT
server: b

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 38C5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CIJXfyNx1MWQFQ5&gdpr=0&gdpr_consent=

42 B
368 B

18ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CIJXfyNx1MWQFQ5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:48 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug021:0:462
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Mon, 13 Dec 2021 19:07:48 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:CIJXfyNx1MWQFQ5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0f57142fe7121e10b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200 usersync Show response
match.bnmla.com/ Frame 95DD 0
112 B 312ms
101ms Document
text/plain 38.27.122.126
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Mon, 13 Dec 2021 19:07:48 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3BD1
Redirect Chain

https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BC645DDB5A294CCFBD7267F3192E45F7

1 B
68 B

19ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BC645DDB5A294CCFBD7267F3192E45F7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:48 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug006:0:503
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: nginx
date: Mon, 13 Dec 2021 19:07:48 GMT
content-type: text/html
content-length: 138
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:BC645DDB5A294CCFBD7267F3192E45F7
expires: Sun, 12 Dec 2021 19:07:48 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B4A7
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f6458fe6-5c47-11ec-96ba-955e0c724771&gdpr=0&gdpr_consent=

1 B
216 B

19ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f6458fe6-5c47-11ec-96ba-955e0c724771&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159175
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:491
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f6458fe6-5c47-11ec-96ba-955e0c724771&gdpr=0&gdpr_consent=
Date: Mon, 13 Dec 2021 19:07:48 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: f6458fe7-5c47-11ec-96ba-955e0c724771

GET
H2 200 ad Show response
v.lkqd.net/ Frame A316 2 KB
2 KB 95ms
95ms XHR
application/xml 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=68073492&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a280a86a8faf49108c13456175f4b096a2f102fe522ca434c1c65fd856fccd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1359

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 5D51 230 KB
61 KB 10ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1639422468.cds140.fr8.hn,1639422468.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 977E 5 KB
2 KB 12ms
12ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639422468.cds140.fr8.hn,1639422468.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 5D51 96 KB
6 KB 135ms
134ms XHR
application/json 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=68073492&m=&rtv=1&thost=www.sunnewsonline.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 172b3618d2818b4f9c26f94f9fa2c2011841f71af487e7b54af34c91ef218290

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 6183

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 93ms
91ms Preflight 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=68073492&m=&rtv=1&thost=www.sunnewsonline.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:48 GMT
content-length: 0
access-control-allow-origin: https://www.sunnewsonline.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame 977E 43 B
308 B 92ms
91ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 977E 43 B
308 B 92ms
92ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 977E 43 B
308 B 92ms
92ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 977E 43 B
308 B 93ms
93ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 977E
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

43 B
308 B

92ms
92ms

Image
image/gif

146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=19&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=954198510

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75984
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 155ms
155ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid2_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=2200389986225473&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422468595&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=716046203870198&ged=ve4_td9_tt4_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame B56F 0
168 B 96ms
93ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:48 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
92ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
744 B 97ms
97ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.sunnewsonline.com%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 126ms
125ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C1515851638840318329758672676%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:48 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422469024027-410
Expires: Mon, 13 Dec 2021 19:07:48 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 135ms
134ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C840318329758672676643480290%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:48 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422468608050-387
Expires: Mon, 13 Dec 2021 19:07:48 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
744 B 121ms
120ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 421ms
420ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=23401255&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 993 B
872 B 30ms
29ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C840318329758672676211549407%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c3175a38ab781a8193dabc061429ca7b4d5f41ef73749ce1ad8ededd865fc457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 611
expires: Mon, 13 Dec 2021 19:07:48 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 31ms
31ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C771446672840318329758672676,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7ebf50619e55a11730fe84f741b2e489a801ebeaf2b0a65424fe5d73724b5bed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:48 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1154
x-sticky-vk: 1639422468272068-396
Expires: Mon, 13 Dec 2021 19:07:48 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 38ms
37ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C8403183297586726761692916178%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f02c33786cc824e96f0063fe52f7e401bc88246a756ed67d97eb3105e0c8cb20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:48 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1639422468784016-375
Expires: Mon, 13 Dec 2021 19:07:48 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 38ms
37ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C8403183297586726761525633345%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0707cba2c0c05efff37b7f6fd3bc0630b57c808f351c63279f7d40bf58d69399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:48 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1639422469147040-350
Expires: Mon, 13 Dec 2021 19:07:48 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 427ms
411ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1192556277&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=20&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=305338484

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75984
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
135 B 379ms
379ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-3&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422468895&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=3884247485761928&ad_block=1&ged=ve4_td9_tt4_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7270 0
733 B 15ms
15ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:49 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d4b50a4d-d199-4a1a-9feb-c68b8d2ba317
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
92ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame B56F 0
168 B 128ms
128ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 5D51 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 2721 152 KB
36 KB 38ms
37ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C840318329758672676211549407%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:49 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=21&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1852636062

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75985
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame B56F 0
168 B 104ms
104ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
86ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 222ms
221ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_sunnewsonline_v_pre_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=1036709940261080&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422469298&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=3777650969092388&ged=ve4_td9_tt4_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0F1E 38 KB
14 KB 32ms
30ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C840318329758672676211549407%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52108
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:49 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2721 38 KB
14 KB 35ms
34ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C840318329758672676211549407%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:49 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52108
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=22&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1703794072

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75985
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
135 B 705ms
704ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422469590&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=3820103029116556&ad_block=1&ged=ve4_td10_tt5_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 2721 27 B
358 B 95ms
94ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C840318329758672676211549407%2C%2C&us_privacy=&cb=1639422469304&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:49&ranreq=0.9077248065845369&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C840318329758672676211549407%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:49 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 74EE 337 KB
114 KB 18ms
18ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422464.dop012.ml1.t,1639422469.cds001.ml1.shn,1639422469.cds001.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H2 200 track
aktrack.pubmatic.com/ Frame 2721 0
61 B 29ms
29ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422470&wa=0&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:49 GMT
content-length: 0
content-type: text/html

GET
H3

200

images-2.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/images-2.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/images-2.jpg

11 KB
12 KB

24ms
23ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/images-2.jpg
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2cbc207d04c342b875f668b96554ced9f8a5cef07615d35e2fb74e0c8f8a1be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48569
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11669
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 05:34:20 GMT
server: cloudflare
etag: "2d95-5d3006cb5d27f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hz%2BvB%2F9qNF5UjCjC4K%2BHT3K3v2LvSv8iuLmnb1IX38q2pIe%2B%2B66O6Hi%2BwPDiTrVy0RIvNEi%2BqgevyC43jPe9JnguTbRz98ahjsJL%2BXDzw5CaoSFU4pqLC60n5O4hw0qpD0l87qE0QI5FNX86ILiXXT1llCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a456e324e4f-FRA
expires: Tue, 13 Dec 2022 05:38:20 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3j4GyehbCgjXDmtsrqSKTNhAvrltOaNP2d6yZauZXQj9E9Gs6iOd1JhRaOfJqYsXD2n96DVv7U2Qt7RDwURYDxbRiYcpHQiy1Us0TJr9yX1Oa035IE%2Flr9FJYOYPzmPbricK6lxYTBINrxiEbCtcjg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/images-2.jpg
cache-control: max-age=3600
cf-ray: 6bd17a454dee4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:49 GMT

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 74EE 25 KB
25 KB 19ms
18ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1639422469998
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:50 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422465.dop009.ml1.t,1639422470.cds019.ml1.shn,1639422470.cds019.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET

sync
x.bidswitch.net/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAKeek7DbzQAAD1DgdIPyg&gdpr=0&gdpr_consent=null
https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3534133052399560886
https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=8992879&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=f6458fe6-5c47-11ec-96ba-955e0c724771
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D
https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=no-consent
https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=070f22040087ccafb263a1f3&gdpr=0&gdprConsent=
https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=070f22040087ccafb263a1f3&159=CAESEGaqlGB3hwfuNPDWGdeMhrc&17...
https://ads.stickyadstv.com/user-registering?dataProviderId=849
https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d
https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=pc029_7041265871502952442
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.067168ccd0cd48eeab51aa3af646926d
https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=
https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=stickyads
https://x.bidswitch.net/sync?dsp_id=188&user_id=vpZ4P16DSmpCOB0B3AkRzrnoF7Q&user_group=1&ssp=stickyads&gdpr=0

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 74EE 301 B
859 B 86ms
85ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:50 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1639422469548010-390
Expires: Mon, 13 Dec 2021 19:07:50 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 74EE 67 B
723 B 135ms
135ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C62285%2C1%2C771446672840318329758672676%2C%2C&vav=50db043aa08456a32b70714e469a82ad&vaviv=c956f5d812b1325bee45ce307be0bc05&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:50 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422469937056-378
Expires: Mon, 13 Dec 2021 19:07:50 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame B56F 0
168 B 102ms
102ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:50 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET user-matching
ads.stickyadstv.com/ Frame 74EE 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

170 B
188 B

16ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422469973071-418
Expires: Mon, 13 Dec 2021 19:07:50 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

107ms
107ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:50 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EKV3XXMMYS19HCD75DD9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422470081074-383
Expires: Mon, 13 Dec 2021 19:07:50 GMT

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame EE7B 495 KB
87 KB 23ms
23ms Script
application/javascript 2600:9000:21c7:2400:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:2400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 2075762
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: cqqxI432rb-RkaRS7-XBlwm_XfRRlpa5aevjQf1fZv-N8R4vnu3ssQ==

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame B4A7 0
260 B 74ms
19ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159175&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159175
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame EE7B 965 B
855 B 34ms
34ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b73de5deab9f21db9fe1495c57dd3a11fe2c63f661b496f21a44b18e91fd4545

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 593
expires: Mon, 13 Dec 2021 19:07:50 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame EE7B 0
222 B 12ms
11ms XHR
application/json 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-205-242.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EE7B 160 B
1002 B 26ms
25ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

bf32a69e5d346fb56d81b27e31d7597457560758f461682e0669238eaeb49550

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:50 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c7595506-ef72-4063-8229-c03a301324a1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame B56F 0
168 B 100ms
100ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:50 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
92ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=23&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_apac&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1584353387

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75986
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
135 B 383ms
382ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-2403018226404213&slotname=ellipsis_v_sunnewsonline_v_pre_1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422470333&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=1914077824884563&ad_block=1&ged=ve4_td10_tt5_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 196F 152 KB
36 KB 32ms
31ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame F25F 38 KB
14 KB 30ms
29ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52107
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:50 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 196F 38 KB
14 KB 27ms
26ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52107
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F25F 47 B
167 B 24ms
23ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48974411&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 47
content-type: text/html; charset=UTF-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=24&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1924343834

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75986
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 196ms
196ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fsunnewsonline_EBDA_pubmatic&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&correlator=691849038783228&vpos=preroll&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422470742&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=309028287147441&ged=ve4_td11_tt6_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 196F 27 B
0 133ms
132ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,&us_privacy=&cb=1639422470397&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:50&ranreq=0.4774562740208985&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=25&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1893919937

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75986
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 154ms
154ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid1_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422470961&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=862888363061515&ged=ve4_td11_tt6_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame EE7B 965 B
855 B 25ms
24ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b25dfb7c3bebe66b6adceb5a43da514c6e12f650d5f2e34f547acaaf87055f0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 593
expires: Mon, 13 Dec 2021 19:07:51 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame EE7B 0
61 B 21ms
21ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422470&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:51 GMT
content-length: 0
content-type: text/html

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 311E 152 KB
36 KB 31ms
31ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=26&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1126828969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75987
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5BAE 38 KB
14 KB 106ms
106ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52106
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:51 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 311E 38 KB
14 KB 87ms
86ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52106
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
135 B 656ms
656ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-2&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422471150&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=3515926943767083&ad_block=1&ged=ve4_td11_tt6_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 311E 27 B
0 206ms
205ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,&us_privacy=&cb=1639422471138&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:51&ranreq=0.7296487925675896&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422468651,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=27&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=2017961616

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75987
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 205ms
205ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid2_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422471828&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=4208990279209437&ged=ve4_td12_tt7_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame EE7B 0
120 B 110ms
110ms XHR
text/plain 3.20.211.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=dd213767&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.211.8 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-211-8.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:51 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame EE7B 0
61 B 50ms
49ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422471&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:51 GMT
content-length: 0
content-type: text/html

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 97ms
96ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame B56F 0
168 B 108ms
107ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:52 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=28&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1988021130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75988
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame EE7B 0
61 B 29ms
29ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422470&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:52 GMT
content-length: 0
content-type: text/html

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
136 B 404ms
403ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-3&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422472058&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=2329802526254932&ad_block=1&ged=ve4_td12_tt7_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=29&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1695037239

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75988
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ad Show response
v.lkqd.net/ Frame A316 2 KB
2 KB 95ms
95ms XHR
application/xml 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=87352167&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 620868fffea46c4a2156cadc23d3f74d131299a8abf8367e17a57c9eda312c0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1364

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 159ms
158ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_sunnewsonline_v_pre_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422472527&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=1659396580748941&ged=ve4_td13_tt8_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame D245 230 KB
61 KB 11ms
10ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1639422472.cds140.fr8.hn,1639422472.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 7EF7 5 KB
2 KB 11ms
11ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639422472.cds140.fr8.hn,1639422472.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame D245 102 KB
6 KB 332ms
324ms XHR
application/json 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=87352167&m=&rtv=1&thost=www.sunnewsonline.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 97cea91f708ce68495370f2cdfcdffecf1f4f7fb5cf8c2951d3790784d29f92b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 6439

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 97ms
96ms Preflight 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=87352167&m=&rtv=1&thost=www.sunnewsonline.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:52 GMT
content-length: 0
access-control-allow-origin: https://www.sunnewsonline.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=30&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=366698614

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75988
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
137 B 404ms
403ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422472742&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=4359750447824871&ad_block=1&ged=ve4_td13_tt8_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 cs
cs.lkqd.net/ Frame 7EF7 43 B
308 B 92ms
91ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:52 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 7EF7 43 B
308 B 93ms
92ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:52 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 7EF7 43 B
308 B 96ms
95ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:52 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET cs
cs.lkqd.net/ Frame 7EF7 0
0

GET
H2

200

cs
cs.lkqd.net/ Frame 7EF7
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

43 B
308 B

92ms
91ms

Image
image/gif

146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:52 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
pragma: no-cache
date: Mon, 13 Dec 2021 19:07:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame 3A76 0
168 B 103ms
103ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:53 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
93ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:52 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
744 B 113ms
112ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.sunnewsonline.com%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 132ms
131ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C17222956236932050710290808963%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:53 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422473101050-381
Expires: Mon, 13 Dec 2021 19:07:53 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 122ms
121ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6932050710290808963229153518%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:53 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422473283008-421
Expires: Mon, 13 Dec 2021 19:07:53 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
744 B 116ms
115ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 219ms
218ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=1354414445&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 422ms
422ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2102154531&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 994 B
871 B 34ms
33ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6932050710290808963750295609%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0a7c2cb3b6802ccb119bfb927481635803508fdcc9acdfac03e2459011fedce9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 609
expires: Mon, 13 Dec 2021 19:07:53 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 30ms
29ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C12612365736932050710290808963,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f532cb23befd979ab2963ae2c32e6f39146adefe6eea1b20b9b44a6237f8b987

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:53 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1158
x-sticky-vk: 1639422473112064-383
Expires: Mon, 13 Dec 2021 19:07:53 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 33ms
32ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6932050710290808963429194254%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ae91e5b31272bd7791c3745753949bd8aa8651c16a8edaccf474c8b6b55a0b39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:53 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1639422472904037-377
Expires: Mon, 13 Dec 2021 19:07:53 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 62ms
32ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C69320507102908089631608209234%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9dcc3de69173638a7bd338b34bfe1ee20989b46b3c828bb91fa23d0690680d38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:53 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1192
x-sticky-vk: 1639422473142092-343
Expires: Mon, 13 Dec 2021 19:07:53 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 430ms
415ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1351029988&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=31&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_apac&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1424909680

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75989
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
137 B 393ms
393ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-2403018226404213&slotname=ellipsis_v_sunnewsonline_v_pre_1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422473323&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=910155960415683&ad_block=1&ged=ve4_td13_tt8_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
93ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:53 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 3A76 0
168 B 136ms
135ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:53 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame D245 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame D317 152 KB
36 KB 47ms
47ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6932050710290808963750295609%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

POST
H2 200 t Show response
t.lkqd.net/ Frame 3A76 0
168 B 111ms
110ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:53 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:53 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 2F85 38 KB
14 KB 39ms
38ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6932050710290808963750295609%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52104
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:53 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D317 38 KB
14 KB 76ms
75ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6932050710290808963750295609%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52104
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=32&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=192032672

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75989
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 162ms
161ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fsunnewsonline_EBDA_pubmatic&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&correlator=691849038783228&vpos=preroll&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422473742&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=3766567594968035&ged=ve4_td14_tt9_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=33&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1043712747

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75989
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 186ms
186ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid1_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422473924&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=3499727136995075&ged=ve4_td14_tt9_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

Hadi-Sirika.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika.jpg

20 KB
20 KB

15ms
14ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika.jpg
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2db670154ae9f6597538740b3f981569693f75548ca6811059622fad020d9a8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55245
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20297
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 03:45:25 GMT
server: cloudflare
etag: "4f49-5d2fee7299f5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpDNleI4FQq8SWT0TBc8FKPGIDghkroVGjhLkhyt1uokPTgsiscg6daoMV%2Bkl9qFfReXHitHfI2sf%2BYVRxBgFGGrmXZyXb85OEfTj5EWHR1DmdZwrQ8s7xIS%2Bk%2FS3GjEo4YzH56dsLA9tkg6S1I2F5eWJts%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a5e3f2e4e4f-FRA
expires: Tue, 13 Dec 2022 03:47:08 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWnk3wgGxjy4GauoW64V79KP9JF5bxajsIPXcx8RE%2BDnI9wHL4e2Jvor0ACbZZWbStyOit4hwexU8LNZgwo3az%2BBiyV5YPSCPoOTDHXE%2BWNBvP9HK%2BTVEhijgdGaqCD0wCmrbFmbyk8VYiYtrcH5zA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Hadi-Sirika.jpg
cache-control: max-age=3600
cf-ray: 6bd17a5e2efb4e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:53 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=34&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1682143169

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75990
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
137 B 404ms
404ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-2&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422474132&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=984616463314605&ad_block=1&ged=ve4_td14_tt9_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame D317 27 B
358 B 144ms
144ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6932050710290808963750295609%2C%2C&us_privacy=&cb=1639422473713&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:54&ranreq=0.9609726539950516&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6932050710290808963750295609%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 9499 337 KB
114 KB 17ms
16ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422464.dop012.ml1.t,1639422474.cds001.ml1.shn,1639422474.cds001.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H2 200 track
aktrack.pubmatic.com/ Frame D317 0
61 B 39ms
38ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422474&wa=0&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:54 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 9499 25 KB
25 KB 17ms
17ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1639422474433
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:54 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422465.dop009.ml1.t,1639422474.cds019.ml1.shn,1639422474.cds019.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 9499 301 B
859 B 35ms
34ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:54 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1639422474421044-340
Expires: Mon, 13 Dec 2021 19:07:54 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 9499 67 B
723 B 130ms
129ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C62285%2C1%2C12612365736932050710290808963%2C%2C&vav=a6fdddee1a64eec7f63f7f2e1213467a&vaviv=b8df736dc8c1aed84ed6243ac5ef6c13&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:54 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422474413066-423
Expires: Mon, 13 Dec 2021 19:07:54 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 3A76 0
168 B 114ms
114ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:54 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

107ms
107ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:54 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NHD035PW7MTDW772W78G
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:54 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422474105050-367
Expires: Mon, 13 Dec 2021 19:07:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

170 B
188 B

22ms
22ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:54 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422474401048-378
Expires: Mon, 13 Dec 2021 19:07:54 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=35&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1989887297

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75990
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 162ms
162ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid2_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422474555&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=3838353639642125&ged=ve4_td15_tt10_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame 1F5F 495 KB
87 KB 15ms
15ms Script
application/javascript 2600:9000:21c7:2400:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:2400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 2075766
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: x6MhkTTPPgc6LKK27UN2FjKnKX9FTl-ejU2N-dysV_cRl9fkY2qrKA==

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1F5F 965 B
854 B 35ms
33ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 757f5e4b89cdbe392ff6e02ee733c2186889a607d0e33ec2a08c334d9fb68556

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 592
expires: Mon, 13 Dec 2021 19:07:54 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 1F5F 0
222 B 13ms
13ms XHR
application/json 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-205-242.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1F5F 160 B
1002 B 48ms
48ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e1a497aa80de74bb74dbf9c0d69770434dc810e717c657292a82d50afc2e552f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:54 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7e5bd244-2d0f-407c-9e19-f8c96336f2b5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 3A76 0
168 B 100ms
100ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:54 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:54 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=36&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=186390702

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75990
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
137 B 387ms
386ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-3&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422474743&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=188057510009461&ad_block=1&ged=ve4_td15_tt10_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 4E5A 152 KB
36 KB 39ms
38ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8BB1 38 KB
14 KB 32ms
31ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52103
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:54 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4E5A 38 KB
14 KB 29ms
28ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:54 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52103
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H2 200 dc_oe=ChMIruSNzLzh9AIVOeu7CB2sNAjPEAAYACC_pORJQhMIva-2y7zh9AIVhSmWCh3e3ADs;met=1;&timestamp=1639422474916;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame E99B 42 B
494 B 80ms
42ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIruSNzLzh9AIVOeu7CB2sNAjPEAAYACC_pORJQhMIva-2y7zh9AIVhSmWCh3e3ADs;met=1;&timestamp=1639422474916;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIn9uXzLzh9AIVj5h7Ch1iSQUqEAAYACD585dNQhMI8v_Hy7zh9AIVqtC7CB1qGwQb;met=1;&timestamp=1639422474964;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame D8AE 42 B
107 B 42ms
42ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIn9uXzLzh9AIVj5h7Ch1iSQUqEAAYACD585dNQhMI8v_Hy7zh9AIVqtC7CB1qGwQb;met=1;&timestamp=1639422474964;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
980 B 16ms
16ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f0fdca9a356a2b320e254e99d7108e89a4c81c412d25dddb0384a1bde4055e43

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:55 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 621eb11b-d6c8-4b6c-aaa8-756fe809c35a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 92ms
92ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 dc_oe=ChMI8ufDzLzh9AIV-eK7CB3WWgn7EAAYACDH-pdNQhMIu5f7y7zh9AIViJGWCh0uJA8N;met=1;&timestamp=1639422475123;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 1729 42 B
63 B 59ms
43ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8ufDzLzh9AIV-eK7CB3WWgn7EAAYACDH-pdNQhMIu5f7y7zh9AIViJGWCh0uJA8N;met=1;&timestamp=1639422475123;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMItczFzLzh9AIV-eK7CB3WWgn7EAAYACC50LZNQhMI3vf6y7zh9AIVErOWCh3WQwJG;met=1;&timestamp=1639422475124;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame EEDC 42 B
63 B 57ms
43ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItczFzLzh9AIV-eK7CB3WWgn7EAAYACC50LZNQhMI3vf6y7zh9AIVErOWCh3WQwJG;met=1;&timestamp=1639422475124;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=37&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=2018347902

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75991
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 166ms
165ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_sunnewsonline_v_pre_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422475160&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=3424429487216588&ged=ve4_td15_tt10_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIjuzGzLzh9AIVSTvgCh3BCwUUEAAYACC50LZNQhMInaX7y7zh9AIVwraWCh3Ndwt0;met=1;&timestamp=1639422475166;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A6EA 42 B
63 B 47ms
46ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjuzGzLzh9AIVSTvgCh3BCwUUEAAYACC50LZNQhMInaX7y7zh9AIVwraWCh3Ndwt0;met=1;&timestamp=1639422475166;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 4E5A 27 B
0 150ms
150ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,&us_privacy=&cb=1639422474803&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:55&ranreq=0.42923997366791555&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=38&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=373868625

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75991
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
137 B 403ms
402ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422475351&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=1730769805361478&ad_block=1&ged=ve4_td15_tt10_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1F5F 965 B
854 B 29ms
28ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4682c09868a7ae8a5db277b7f6b8b7850b9d3960cc75b0df125859d17a9aa816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 592
expires: Mon, 13 Dec 2021 19:07:55 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 1F5F 0
61 B 21ms
21ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422474&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:55 GMT
content-length: 0
content-type: text/html

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame EB05 152 KB
36 KB 34ms
34ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3180 38 KB
14 KB 27ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52102
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:55 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame EB05 38 KB
14 KB 25ms
25ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52102
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=39&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_apac&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=2068174875

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75991
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
138 B 398ms
398ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-2403018226404213&slotname=ellipsis_v_sunnewsonline_v_pre_1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422475778&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=1042686827932552&ad_block=1&ged=ve4_td16_tt11_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame EB05 27 B
0 102ms
101ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,&us_privacy=&cb=1639422475553&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:56&ranreq=0.31337787688330665&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422473046,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 1F5F 0
120 B 110ms
109ms XHR
text/plain 3.20.211.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=40c59352&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.211.8 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-211-8.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:56 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame 1F5F 0
61 B 28ms
27ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422475&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:56 GMT
content-length: 0
content-type: text/html

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=40&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1017123655

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75992
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 163ms
162ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fsunnewsonline_EBDA_pubmatic&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&correlator=691849038783228&vpos=preroll&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422476200&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=3391335833929294&ged=ve4_td16_tt11_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:56 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 3A76 0
168 B 99ms
99ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:56 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=41&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=257301457

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75992
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 152ms
152ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid1_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422476393&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=1071298404674232&ged=ve4_td16_tt11_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=42&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=2012120024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75992
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
138 B 616ms
616ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-2&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422476562&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=1768120522980221&ad_block=1&ged=ve4_td17_tt12_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 ad Show response
v.lkqd.net/ Frame A316 2 KB
2 KB 96ms
96ms XHR
application/xml 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=57228384&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ed8d8b22f52814cb0257bf740d673b67613604b2be7f74e5cbb383aca830189

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1358

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 46B8 230 KB
61 KB 10ms
9ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1639422476.cds140.fr8.hn,1639422476.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 5005 5 KB
2 KB 10ms
10ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 19:07:56 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639422476.cds140.fr8.hn,1639422476.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 46B8 110 KB
7 KB 136ms
136ms XHR
application/json 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=57228384&m=&rtv=1&thost=www.sunnewsonline.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0993d89e313de81dd76bf67e3303c289a7f674ab571eff2ff34483215883b285

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 6633

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 271ms
271ms Preflight 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=57228384&m=&rtv=1&thost=www.sunnewsonline.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:57 GMT
content-length: 0
access-control-allow-origin: https://www.sunnewsonline.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET cs
cs.lkqd.net/ Frame 5005 0
0

GET
H2 200 cs
cs.lkqd.net/ Frame 5005 43 B
308 B 92ms
92ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:57 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 5005 43 B
308 B 93ms
92ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:57 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET

cs
cs.lkqd.net/ Frame 5005
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

0
0

GET
H2 200 cs
cs.lkqd.net/ Frame 5005 43 B
308 B 93ms
93ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:57 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

POST
H2 200 t Show response
t.lkqd.net/ Frame 4FBA 0
168 B 95ms
95ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:57 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:57 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=43&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1519870009

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75993
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 167ms
167ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid2_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422477195&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=3099000203381808&ged=ve4_td17_tt12_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=44&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=145025001

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75993
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
138 B 141ms
141ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-3&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422477383&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=738462255395668&ad_block=1&ged=ve4_td17_tt12_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
744 B 94ms
94ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.sunnewsonline.com%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 230ms
230ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C4768574266780525908916153533%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:57 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422477495097-373
Expires: Mon, 13 Dec 2021 19:07:57 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 127ms
127ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6780525908916153533403850963%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:57 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422477411004-375
Expires: Mon, 13 Dec 2021 19:07:57 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
624 B 110ms
109ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.sunnewsonline.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/xml
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 219ms
218ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1212252546&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 423ms
422ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=687136940&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 994 B
872 B 29ms
28ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6780525908916153533550592743%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a2a6756fe9d96a2d326e4371c67a89da7ab3892e5682b70dafb54ff9f1953130

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 611
expires: Mon, 13 Dec 2021 19:07:57 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 30ms
30ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C10321646696780525908916153533,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ed79c160fb40117ca06fbf088292aa6e03c346cd806108f7f700636cb7da6456

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:57 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1158
x-sticky-vk: 1639422476968053-337
Expires: Mon, 13 Dec 2021 19:07:57 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 47ms
47ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6780525908916153533260235494%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2e736674bedaa8d406ed24f80576a57f419ecacc065edb614aeaf91309018e78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:57 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1639422477415043-545
Expires: Mon, 13 Dec 2021 19:07:57 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 28ms
28ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C67805259089161535331212194719%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6dba0b3bbebbefcedcc283f54c336521a4064b0d2cd773ba5c1b8519f3db1419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:57 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1192
x-sticky-vk: 1639422477372023-550
Expires: Mon, 13 Dec 2021 19:07:57 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 215ms
214ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1039536029&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=45&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1095792076

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75993
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 452ms
451ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_sunnewsonline_v_pre_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422477544&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=3416749472231331&ged=ve4_td18_tt13_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
92ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:57 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 4FBA 0
168 B 123ms
123ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:58 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 46B8 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 124E 152 KB
36 KB 53ms
52ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6780525908916153533550592743%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6B25 38 KB
14 KB 31ms
31ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6780525908916153533550592743%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52100
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:57 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 124E 38 KB
14 KB 29ms
28ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6780525908916153533550592743%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:57 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52100
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3

200

Ghaali-Umar-Naaba-300x350-1.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1.jpg

20 KB
21 KB

17ms
16ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1.jpg
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a484287840aae7b683b09950901743fbd88e18c82cc78d8c0c1ec3c5eed9467e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 55298
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20801
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 03:42:17 GMT
server: cloudflare
etag: "5141-5d2fedbf9fea0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfWMSRcblpHYQF6LRwaX4IUp%2FWZt15%2FEB0E%2FYUy8%2F4P8aPMoL6%2BpQddTYqjpr%2ByfwJDAWYdoJpI2Sk6SWAA36ggqf98XJxbKRcxHP6XLOaUIiwdMyhNbzTMFSetIWDzt%2BOySsc23hgzKNmdDB09CLA9Fw8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a774c444e4f-FRA
expires: Tue, 13 Dec 2022 03:46:19 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:07:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeYA1VG8wGZ4NGE63LQmwe4%2BVHTJ4O5cqJ8fCvUX%2Fnf7fLK9VpPaM%2B1dY5dgby4BnIws0wvVQZookajmthM2v2r2WL86Z0u%2B%2BxAu6sBafZpUkg16wi99EKlnY6L05nrWHkPpbd6anPZmDT8B5Tb7xw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/Ghaali-Umar-Naaba-300x350-1.jpg
cache-control: max-age=3600
cf-ray: 6bd17a771bd64e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:07:57 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 4FBA 0
168 B 94ms
94ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:58 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=46&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1780010080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
139 B 422ms
422ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422478018&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=3432472401874000&ad_block=1&ged=ve4_td18_tt13_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 124E 27 B
552 B 205ms
205ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6780525908916153533550592743%2C%2C&us_privacy=&cb=1639422477919&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:58&ranreq=0.22516215323404087&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C6780525908916153533550592743%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:58 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=47&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_apac&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=150557504

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
139 B 392ms
392ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-2403018226404213&slotname=ellipsis_v_sunnewsonline_v_pre_1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422478470&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=3010119235313866&ad_block=1&ged=ve4_td18_tt13_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 1F6F 337 KB
114 KB 25ms
25ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422464.dop012.ml1.t,1639422478.cds001.ml1.shn,1639422478.cds001.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H2 200 track
aktrack.pubmatic.com/ Frame 124E 0
61 B 35ms
34ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422479&wa=0&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:58 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 1F6F 25 KB
25 KB 17ms
17ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1639422478733
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:07:58 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422465.dop009.ml1.t,1639422478.cds019.ml1.shn,1639422478.cds019.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 1F6F 301 B
859 B 55ms
54ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:58 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1639422478757029-333
Expires: Mon, 13 Dec 2021 19:07:58 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 1F6F 67 B
723 B 141ms
141ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C62285%2C1%2C10321646696780525908916153533%2C%2C&vav=1652654135a45235a9f24ed541d03116&vaviv=d104d3099a018a64ce99a85b0bb67673&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:58 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422478437043-368
Expires: Mon, 13 Dec 2021 19:07:58 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 4FBA 0
168 B 100ms
100ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:58 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:58 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422478814024-362
Expires: Mon, 13 Dec 2021 19:07:58 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

107ms
106ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:58 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: YZ4RJ54BEM8T4GBVZTVV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:07:58 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422478731048-425
Expires: Mon, 13 Dec 2021 19:07:58 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=48&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=241970210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75994
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 174ms
173ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fsunnewsonline_EBDA_pubmatic&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&correlator=691849038783228&vpos=preroll&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422478925&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=20760468469186&ged=ve4_td19_tt14_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame 59F1 495 KB
87 KB 16ms
15ms Script
application/javascript 2600:9000:21c7:2400:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:2400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 2075770
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: TEt7hNE1qBDnJbr6J0_9ms9-2KOxNLUai9zn8SVgilClvsPbNkx0sA==

POST
H2 200 t Show response
t.lkqd.net/ Frame 4FBA 0
168 B 101ms
100ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:07:59 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 98ms
97ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:07:59 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 59F1 965 B
853 B 31ms
30ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c45f0df5c905d3ec2aca255fdc56f2c64a8642ad3c62368c6b38833fa612e086

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 591
expires: Mon, 13 Dec 2021 19:07:59 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 59F1 0
222 B 9ms
9ms XHR
application/json 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-205-242.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 7D85 152 KB
36 KB 38ms
38ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=49&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=896704862

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75995
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 213ms
212ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid1_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422479125&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=96033877680341&ged=ve4_td19_tt14_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7105 38 KB
14 KB 32ms
32ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52098
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:59 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7D85 38 KB
14 KB 30ms
29ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52098
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=50&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=116272263

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75995
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
139 B 421ms
421ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-2&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422479422&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=4274049985398555&ad_block=1&ged=ve4_td19_tt14_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 7D85 27 B
0 98ms
97ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,&us_privacy=&cb=1639422479138&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:7:59&ranreq=0.15389510256875605&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 59F1 965 B
853 B 35ms
35ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c45f0df5c905d3ec2aca255fdc56f2c64a8642ad3c62368c6b38833fa612e086

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 591
expires: Mon, 13 Dec 2021 19:07:59 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 59F1 0
61 B 26ms
26ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422479&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:59 GMT
content-length: 0
content-type: text/html

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 81BD 152 KB
36 KB 34ms
33ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 504A 38 KB
14 KB 25ms
24ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52098
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:07:59 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 81BD 38 KB
14 KB 23ms
22ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52098
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=51&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1345149564

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75995
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 182ms
182ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid2_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422479868&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=4205056700861168&ged=ve4_td20_tt15_pd20_la20000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=52&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=917172939

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75996
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
140 B 395ms
395ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-3&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422480076&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=3189260804499486&ad_block=1&ged=ve4_td20_tt15_pd20_la20000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 81BD 27 B
0 100ms
99ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,&us_privacy=&cb=1639422479847&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:8:0&ranreq=0.3512935571440088&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:00 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=53&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1162434331

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75996
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 199ms
199ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_sunnewsonline_v_pre_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422480732&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=2992981811587027&ged=ve4_td21_tt16_pd21_la21000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 59F1 0
61 B 45ms
45ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422479&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:00 GMT
content-length: 0
content-type: text/html

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 59F1 0
120 B 110ms
109ms XHR
text/plain 3.20.211.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=d410e793&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.211.8 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-211-8.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:00 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame 18A5 495 KB
87 KB 20ms
20ms Script
application/javascript 2600:9000:21c7:2400:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:2400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 2075772
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: V4bHQF7WlbHb6qE4I5XCHm7VdJkstPSo9Bib-ZYsQUBAslmJIdnlGA==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=54&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=524063959

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75996
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame 4FBA 0
168 B 111ms
110ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:01 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 93ms
93ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:01 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
140 B 403ms
402ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422480990&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=1386816460428683&ad_block=1&ged=ve4_td21_tt16_pd21_la21000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 18A5 965 B
855 B 41ms
40ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 46a76b6d3bb326a0bfba0dc53daea79c843d24060f6d88ae6c1fba64b0e84b1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 593
expires: Mon, 13 Dec 2021 19:08:01 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 18A5 0
222 B 9ms
8ms XHR
application/json 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-205-242.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 8AB1 152 KB
36 KB 47ms
47ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E3C5 38 KB
14 KB 38ms
38ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52096
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:08:01 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8AB1 38 KB
14 KB 37ms
36ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52096
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=55&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_apac&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=557669929

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75997
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
140 B 439ms
439ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-2403018226404213&slotname=ellipsis_v_sunnewsonline_v_pre_1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422481422&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=3060937654407458&ad_block=1&ged=ve4_td21_tt16_pd21_la21000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 8AB1 27 B
0 88ms
88ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,&us_privacy=&cb=1639422481105&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:8:1&ranreq=0.2405560834553533&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 18A5 965 B
855 B 89ms
89ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 46a76b6d3bb326a0bfba0dc53daea79c843d24060f6d88ae6c1fba64b0e84b1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 593
expires: Mon, 13 Dec 2021 19:08:01 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 18A5 0
61 B 78ms
77ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422481&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:01 GMT
content-length: 0
content-type: text/html

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 8C0E 152 KB
36 KB 43ms
43ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=56&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=2072633233

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75997
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 55E5 38 KB
14 KB 40ms
39ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52096
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:08:01 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8C0E 38 KB
14 KB 37ms
37ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:01 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52096
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 229ms
229ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fsunnewsonline_EBDA_pubmatic&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&correlator=691849038783228&vpos=preroll&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422481893&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=2470665186677886&ged=ve4_td22_tt17_pd22_la22000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pjimage-18-2-750x375.jpg
www.sunnewsonline.com/wp-content/uploads/2021/12/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-750x375.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-750x375.jpg

27 KB
27 KB

32ms
32ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-750x375.jpg
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 500642f1d60c9f484b10af297fca212c45e4283e57bef513730c609697df2f79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56290
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27368
pragma: public
referrer-policy
last-modified: Mon, 13 Dec 2021 03:28:24 GMT
server: cloudflare
etag: "6ae8-5d2feaa4daef3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDd2UOaj66fYOprcbTp%2FLw6KqSc5vXXKgnerXNXc35eE0uhSB7F2tvu0AGIjta%2FW1ZNrD370Nma9TQdzXQCMWHAk4DkMZ0FejyJqwAcjzr7angCjXoUL96YHx4fmTULC6wHm313c4gX9YsZYL4V%2Ffx9GG4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17a904f404e4f-FRA
expires: Tue, 13 Dec 2022 03:29:51 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:08:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXMeia%2BtBzDugMd4k%2FTILEoCpNtGAPyCnAbiiD%2Fa1iUIQWfMdb1qPnvgaDWTf9KOpDv7AZp7ptgeoad0IwQl5qMq2dVJDTec1%2BmXQrystNAMhmkYSwWEnQTxf2h1CGaBwwxnpCHcZDVQ2S6jfPdiDw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/12/pjimage-18-2-750x375.jpg
cache-control: max-age=3600
cf-ray: 6bd17a902ee54e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:08:01 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=57&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1636083151

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75998
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 166ms
166ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_Second_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid1_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422482140&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=1712081725904615&ged=ve4_td22_tt17_pd22_la22000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=58&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1793981288

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75998
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
140 B 396ms
396ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-2&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422482323&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=1468345811088005&ad_block=1&ged=ve4_td22_tt17_pd22_la22000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 8C0E 27 B
0 97ms
97ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,&us_privacy=&cb=1639422481882&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:8:2&ranreq=0.3512297056710143&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422477321,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 18A5 0
120 B 111ms
110ms XHR
text/plain 3.20.211.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=e492012d&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.211.8 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-211-8.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame 18A5 0
61 B 36ms
36ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422481&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:02 GMT
content-length: 0
content-type: text/html

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:02 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 4FBA 0
168 B 109ms
109ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:02 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET track
aktrack.pubmatic.com/ Frame 18A5 0
0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=59&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1991567557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75998
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 197ms
195ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2FDFP_Z1_Parent_third_AdBreak%2Fz1_dfp_v_sunnewsonline_v_mid2_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422482749&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=1058868601330458&ged=ve4_td23_tt18_pd23_la23000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=60&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1505714841

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75998
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 19ms
19ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 26ms
26ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
140 B 673ms
669ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-3&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422482986&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=2503415387775356&ad_block=1&ged=ve4_td23_tt18_pd23_la23000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 ad Show response
v.lkqd.net/ Frame A316 2 KB
2 KB 95ms
95ms XHR
application/xml 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=26577173&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 2b983ef092894d98ad7de2a9c68ffe22105184042498e02403a35b6224903dc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1357

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 0C78 230 KB
61 KB 10ms
9ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1639422483.cds140.fr8.hn,1639422483.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 0D90 5 KB
2 KB 9ms
9ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639422483.cds140.fr8.hn,1639422483.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 0C78 88 KB
6 KB 133ms
133ms XHR
application/json 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=26577173&m=&rtv=1&thost=www.sunnewsonline.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3edf2d04def22c0d30b27c1d4720a29c76f88b42198a6082716adfedd85bc7ac

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5828

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 93ms
93ms Preflight 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=26577173&m=&rtv=1&thost=www.sunnewsonline.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:03 GMT
content-length: 0
access-control-allow-origin: https://www.sunnewsonline.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame 0D90 43 B
308 B 92ms
91ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 0D90 43 B
308 B 305ms
304ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 0D90 43 B
308 B 94ms
93ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 0D90 43 B
308 B 303ms
302ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 0D90
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

43 B
308 B

91ms
91ms

Image
image/gif

146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
pragma: no-cache
date: Mon, 13 Dec 2021 19:08:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame 7D76 0
168 B 107ms
106ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:03 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:03 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
744 B 118ms
118ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.sunnewsonline.com%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 204ms
204ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C14121301795300506837396767702%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:03 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422483391006-377
Expires: Mon, 13 Dec 2021 19:08:03 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 171ms
171ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C53005068373967677022095133183%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:03 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422483524087-406
Expires: Mon, 13 Dec 2021 19:08:03 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
744 B 121ms
121ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 995 B
871 B 35ms
34ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C53005068373967677021014429761%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 85c049b80c847fb623fcddc7c4b81a29a37ef8792194c03db545d7b32a91cba2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:03 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 609
expires: Mon, 13 Dec 2021 19:08:03 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 50ms
50ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C8826069695300506837396767702,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 33dc78a2a4e5677db54da3ff54394f0a1f501dfae5b8cee381e06a3082a6c7a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:03 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1156
x-sticky-vk: 1639422483553061-426
Expires: Mon, 13 Dec 2021 19:08:03 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 35ms
34ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C53005068373967677021319196624%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3c5512b1ba053136c7db4d3a8773cc3c1944ace22ed5a9dd6455daadbd0d2348

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:03 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1192
x-sticky-vk: 1639422483509095-424
Expires: Mon, 13 Dec 2021 19:08:03 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 30ms
30ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C5300506837396767702348952170%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7432ae62cd21799c1218abdd084cc10a34975285375e3893645655d15a6d0f74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:03 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1190
x-sticky-vk: 1639422483572012-580
Expires: Mon, 13 Dec 2021 19:08:03 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 220ms
220ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=603326195&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 91ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:03 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 7D76 0
168 B 133ms
133ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:04 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 0C78 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 3E76 152 KB
36 KB 55ms
54ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C53005068373967677021014429761%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

POST
H2 200 t Show response
t.lkqd.net/ Frame 7D76 0
168 B 111ms
110ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:04 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:03 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 8304 38 KB
14 KB 42ms
41ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C53005068373967677021014429761%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52094
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:08:03 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3E76 38 KB
14 KB 45ms
44ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C53005068373967677021014429761%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:03 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52094
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 3E76 27 B
358 B 150ms
149ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C53005068373967677021014429761%2C%2C&us_privacy=&cb=1639422483960&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:8:4&ranreq=0.34548487377687254&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C53005068373967677021014429761%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:04 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame F7F7 337 KB
114 KB 22ms
21ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:08:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422464.dop012.ml1.t,1639422484.cds001.ml1.shn,1639422484.cds001.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H2 200 track
aktrack.pubmatic.com/ Frame 3E76 0
61 B 57ms
56ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422485&wa=0&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:04 GMT
content-length: 0
content-type: text/html

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 94ms
92ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 7D76 0
168 B 110ms
109ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:04 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame F7F7 25 KB
25 KB 18ms
18ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1639422484742
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:08:04 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422465.dop009.ml1.t,1639422484.cds019.ml1.shn,1639422484.cds019.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H2

200

freewheel
um.simpli.fi/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=stickyads&bsw_custom_parameter=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=stickyads&expires=10&bsw_param=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6
https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=80dcca2c-d676-49f5-a23a-0eb8ac5bfab6
https://a.tribalfusion.com/i.match?p=b25&u=dd3ef9182a146ca43335a3409c61b&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D977%26userId%3D%24TF_U...
https://ads.stickyadstv.com/user-registering?dataProviderId=977&userId=18072662317486555609
https://image8.pubmatic.com/AdServer/ImgSync?p=156429&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156429%26mpc%3D4%26fp%3D1%26pmc%3DPM_PMC%26pr%3Dhttps%253A%25...
https://image4.pubmatic.com/AdServer/SPug?p=156429&mpc=4&fp=1&pmc=1&pr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D642%26userId%3D3ACD464A-A328-4DF4-8F1A-0DD8945657AC
https://ads.stickyadstv.com/user-registering?dataProviderId=642&userId=3ACD464A-A328-4DF4-8F1A-0DD8945657AC
https://um.simpli.fi/freewheel?

43 B
415 B

20ms
20ms

Image
image/gif

169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel?

Protocol

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 12 Dec 2021 19:08:05 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:05 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://um.simpli.fi/freewheel?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422485502084-363
Expires: Mon, 13 Dec 2021 19:08:05 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame F7F7 301 B
859 B 49ms
48ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:04 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1639422484779014-351
Expires: Mon, 13 Dec 2021 19:08:04 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame F7F7 67 B
723 B 145ms
144ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C62285%2C1%2C8826069695300506837396767702%2C%2C&vav=552b1fc89d0ca09e4c2270e29bc218c5&vaviv=935290ce43d265c1788fb73c787a757c&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:04 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422484776047-419
Expires: Mon, 13 Dec 2021 19:08:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

170 B
188 B

27ms
26ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:04 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422484912002-334
Expires: Mon, 13 Dec 2021 19:08:04 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

107ms
106ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:05 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6E7Y9GBXAAAGB4B0SV6F
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:05 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422484908060-375
Expires: Mon, 13 Dec 2021 19:08:05 GMT

GET
H3 200 dc_oe=ChMIruSNzLzh9AIVOeu7CB2sNAjPEAAYACC_pORJQhMIva-2y7zh9AIVhSmWCh3e3ADs;met=1;&timestamp=1639422484915;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame E99B 42 B
63 B 45ms
44ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIruSNzLzh9AIVOeu7CB2sNAjPEAAYACC_pORJQhMIva-2y7zh9AIVhSmWCh3e3ADs;met=1;&timestamp=1639422484915;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame 56F9 495 KB
87 KB 28ms
23ms Script
application/javascript 2600:9000:21c7:2400:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:2400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 2075777
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: eonzH53zZcCixH8IdUdNZaCgwNZJ-NK8_pSAvx_MxXx7BST0PD5-Dw==

GET
H3 200 dc_oe=ChMIn9uXzLzh9AIVj5h7Ch1iSQUqEAAYACD585dNQhMI8v_Hy7zh9AIVqtC7CB1qGwQb;met=1;&timestamp=1639422485000;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame D8AE 42 B
63 B 47ms
45ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIn9uXzLzh9AIVj5h7Ch1iSQUqEAAYACD585dNQhMI8v_Hy7zh9AIVqtC7CB1qGwQb;met=1;&timestamp=1639422485000;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 56F9 965 B
854 B 82ms
82ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422483471,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82b6396bafcc7bf4901f8f059a26116281737e578634c11cecd0e33d7e879767

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:05 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 592
expires: Mon, 13 Dec 2021 19:08:05 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 56F9 0
222 B 9ms
8ms XHR
application/json 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-205-242.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 56F9 160 B
1002 B 294ms
294ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ca797cedc13965d9cdf3f332e635423aacd504af4686164780b3ca9979b7533a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:05 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d495f316-a990-4118-84f6-cc0bac06cc9b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:05 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 7D76 0
168 B 105ms
103ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:05 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H3 200 dc_oe=ChMI8ufDzLzh9AIV-eK7CB3WWgn7EAAYACDH-pdNQhMIu5f7y7zh9AIViJGWCh0uJA8N;met=1;&timestamp=1639422485131;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 1729 42 B
63 B 43ms
43ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8ufDzLzh9AIV-eK7CB3WWgn7EAAYACDH-pdNQhMIu5f7y7zh9AIViJGWCh0uJA8N;met=1;&timestamp=1639422485131;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMItczFzLzh9AIV-eK7CB3WWgn7EAAYACC50LZNQhMI3vf6y7zh9AIVErOWCh3WQwJG;met=1;&timestamp=1639422485135;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame EEDC 42 B
63 B 48ms
48ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItczFzLzh9AIV-eK7CB3WWgn7EAAYACC50LZNQhMI3vf6y7zh9AIVErOWCh3WQwJG;met=1;&timestamp=1639422485135;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
981 B 61ms
29ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f9a39d3d7f33f85df45221d345b167201be7f11eb6fa1d37319ff633acd64c94

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:05 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7c2fb040-6718-44f9-b747-09aca3a74028
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 189ms
189ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sunnewsonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 dc_oe=ChMIjuzGzLzh9AIVSTvgCh3BCwUUEAAYACC50LZNQhMInaX7y7zh9AIVwraWCh3Ndwt0;met=1;&timestamp=1639422485166;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame A6EA 42 B
63 B 52ms
52ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjuzGzLzh9AIVSTvgCh3BCwUUEAAYACC50LZNQhMInaX7y7zh9AIVwraWCh3Ndwt0;met=1;&timestamp=1639422485166;eid1=2;ecn1=0;etm1=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 4E2E 152 KB
36 KB 58ms
57ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422483471,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:05 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 91B1 38 KB
14 KB 34ms
34ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422483471,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52092
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:08:05 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 4E2E 38 KB
14 KB 29ms
28ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422483471,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:05 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52092
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 4E2E 27 B
0 149ms
149ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422483471,,&us_privacy=&cb=1639422485299&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:8:5&ranreq=0.860572295159461&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422483471,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:05 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H3

200

efcc-edited.jpg
www.sunnewsonline.com/wp-content/uploads/2021/09/
Redirect Chain

https://sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited.jpg
https://www.sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited.jpg

31 KB
31 KB

21ms
21ms

Image
image/jpeg

2606:4700:3038::6815:ea95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited.jpg
Protocol: H3
Server: 2606:4700:3038::6815:ea95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e91421648415d4768d4969bcec9ab2d9d0ebdd21108124a9dc3c20a904e2f7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56769
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31371
pragma: public
referrer-policy
last-modified: Fri, 03 Sep 2021 00:14:26 GMT
server: cloudflare
etag: "7a8b-5cb0c2eabddb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdU60gzLLZoHsx9nsZE%2BhfqbJgbfHQzwxWtxgaTMGJMxFiC767e9DgpVlyL%2BtOmZB19ffGzUh67lmL9a6DtTgIwSf9lfz9SKQmi1i99TThsKm4BqU2n%2FGFCwiEMhvJxoZmIOdZ6U9MqWxObf1%2BJ%2FsdOKQKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6bd17aa93bea4e4f-FRA
expires: Tue, 13 Dec 2022 03:21:56 GMT

Redirect headers

date: Mon, 13 Dec 2021 19:08:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60gh0lba8RbjreKUgAbY8h5cEVqSi0ShGsgnQegiZhe3vC8Nj5YTozeu8IrABWeJ8EENTkq7nOnk4%2B6onopegblIII8dPwCil5wRx%2BKTfG1kuT%2BSgXjmG9K%2FLaBlFQagB%2BpSTkkptcyof%2Bgdp4xYCA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://www.sunnewsonline.com/wp-content/uploads/2021/09/efcc-edited.jpg
cache-control: max-age=3600
cf-ray: 6bd17aa91bb94e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 13 Dec 2021 20:08:05 GMT

POST
H2 200 i Show response
vid-io-cle.springserve.com/vd/ Frame 56F9 0
120 B 110ms
109ms XHR
text/plain 3.20.211.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=757d5694&ps_id=356921&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.20.211.8 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-211-8.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 track
aktrack.pubmatic.com/ Frame 56F9 0
61 B 20ms
20ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422485&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:05 GMT
content-length: 0
content-type: text/html

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 7D76 0
168 B 101ms
101ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:06 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame A316 2 KB
2 KB 95ms
95ms XHR
application/xml 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=62416849&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9943130367dc79fe4029ff76217da8358919b7d7dc17efc46d48b25c9845f718

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:06 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1360

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame D0CF 230 KB
61 KB 9ms
9ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:06 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 21:06:56 GMT
etag: "cca1f428155a1f13b17a4684f2c8ef1c"
x-hw: 1639422486.cds140.fr8.hn,1639422486.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62015

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 8CFA 5 KB
2 KB 10ms
9ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Dec 2021 19:08:06 GMT
content-encoding: gzip
content-length: 1909
content-type: text/html
last-modified: Tue, 26 Oct 2021 15:08:45 GMT
accept-ranges: bytes
etag: "10c6626c1705141142b0302e29b3bd0e"
cache-control: public, max-age=1209600
x-hw: 1639422486.cds140.fr8.hn,1639422486.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame D0CF 123 KB
7 KB 287ms
287ms XHR
application/json 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=62416849&m=&rtv=1&thost=www.sunnewsonline.com
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e595a440551c1fd28bd13beac9ed7a226f31901fc6e0363be98ca19a27733a51

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Dec 2021 19:08:07 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 7005

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 93ms
93ms Preflight 146.20.132.68
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1153679&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C62285%2C1%2C&c5=&c6=62285&rnd=62416849&m=&rtv=1&thost=www.sunnewsonline.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.68 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:06 GMT
content-length: 0
access-control-allow-origin: https://www.sunnewsonline.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2 200 cs
cs.lkqd.net/ Frame 8CFA 43 B
308 B 93ms
91ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:06 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 8CFA 43 B
308 B 93ms
92ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:06 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 8CFA 43 B
308 B 93ms
92ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:06 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2 200 cs
cs.lkqd.net/ Frame 8CFA 43 B
308 B 93ms
93ms Image
image/gif 146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:06 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

cs
cs.lkqd.net/ Frame 8CFA
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

43 B
308 B

92ms
91ms

Image
image/gif

146.20.132.112
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.132.112 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:07 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886
pragma: no-cache
date: Mon, 13 Dec 2021 19:08:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame 87A4 0
168 B 115ms
115ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:07 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:07 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
624 B 101ms
101ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.sunnewsonline.com%2F

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.sunnewsonline.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/xml
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 166ms
165ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C19461668861191972606325449985%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:07 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422487258024-599
Expires: Mon, 13 Dec 2021 19:08:07 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
723 B 131ms
130ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=0&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499851810316055%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:07 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422487208008-335
Expires: Mon, 13 Dec 2021 19:08:07 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
744 B 98ms
97ms XHR
text/xml 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&t=2

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:07 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 213ms
213ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=450550523&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 413ms
413ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHxk7bKbXb_mQ=?cb=398473582&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 424ms
424ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=838081201&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 436ms
421ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelH9MRL4b0Zbrc=?cb=565183519&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 995 B
872 B 59ms
58ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499851945929577%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2df95c5e092331672697b37bb0688ec1608b83096bf468facf3332f7711381f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:07 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 611
expires: Mon, 13 Dec 2021 19:08:07 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 34ms
34ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C16579772231191972606325449985,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4754ba79b39c8eb7a4161278f91c700f1220f4919dd4e8586c70170f2424d26f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:07 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1158
x-sticky-vk: 1639422487205025-343
Expires: Mon, 13 Dec 2021 19:08:07 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 31ms
30ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499851737451758%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7d86a041dd9d3c03d876fdeebd8113ff3d92b98d158189799d82bb65d3e383a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:07 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1192
x-sticky-vk: 1639422487115094-407
Expires: Mon, 13 Dec 2021 19:08:07 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 46ms
46ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499852079182327%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d47079803887823d96a8eb9ae62ba1bb0a63606d0e21c63bb00c7175f8c17c26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:07 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1192
x-sticky-vk: 1639422487242016-356
Expires: Mon, 13 Dec 2021 19:08:07 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 37ms
30ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499851836990116%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 05f07496c02d3777eb6dc0a21b617f5af01ffd00cfb8ddc4094c9d87c127a345

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:07 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1192
x-sticky-vk: 1639422487164064-339
Expires: Mon, 13 Dec 2021 19:08:07 GMT

GET
H/1.1 200
OK LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads.adaptv.advertising.com/a/h/ 249 B
551 B 427ms
412ms XHR
text/xml 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1908799792&gdpr=0&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.sunnewsonline.com%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=62285&hp=1

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-205-242.eu-central-1.compute.amazonaws.com

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
92ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:07 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

POST
H2 200 t Show response
t.lkqd.net/ Frame 87A4 0
168 B 140ms
140ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:07 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame D0CF 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame A299 152 KB
36 KB 74ms
74ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499851945929577%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:07 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6B86 38 KB
14 KB 64ms
64ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499851945929577%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52090
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:08:07 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A299 38 KB
14 KB 64ms
63ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499851945929577%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:07 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52090
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 87A4 0
168 B 108ms
107ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:07 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
92ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:07 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame A299 27 B
363 B 184ms
184ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499851945929577%2C%2C&us_privacy=&cb=1639422487782&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:8:8&ranreq=0.30763729684053387&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0%2C1%21vidoomy.com%2C62285%2C1%2C11919726063254499851945929577%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:08 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame F91D 337 KB
114 KB 18ms
18ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:08:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422464.dop012.ml1.t,1639422488.cds001.ml1.shn,1639422488.cds001.ml1.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116217

GET
H2 200 track
aktrack.pubmatic.com/ Frame A299 0
61 B 43ms
42ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422488&wa=0&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:08 GMT
content-length: 0
content-type: text/html

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame F91D 25 KB
25 KB 18ms
17ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1639422488548
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 19:08:08 GMT
Last-Modified: Wed, 10 Nov 2021 01:56:07 GMT
ETag: "1636509367"
X-HW: 1639422465.dop009.ml1.t,1639422488.cds019.ml1.shn,1639422488.cds019.ml1.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H2

200

freewheel
um.simpli.fi/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
https://freewheel.adhaven.com/bid-engine/cs/b714c175b3fe12d9388dfc1431d76197/v1?rd=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1217%26userId%3D%24UID&gdpr=0&gdpr_consent...
https://ads.stickyadstv.com/user-registering?dataProviderId=1217&userId=4c_42a42205-c0df-4d9d-b33b-07d04c2174c5
https://um.simpli.fi/freewheel?

43 B
415 B

37ms
36ms

Image
image/gif

169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel?

Protocol

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:08 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 12 Dec 2021 19:08:08 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:08 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://um.simpli.fi/freewheel?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422488718031-359
Expires: Mon, 13 Dec 2021 19:08:08 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame F91D 301 B
859 B 37ms
36ms XHR
text/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:08 GMT
Server: nginx
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1639422488568011-392
Expires: Mon, 13 Dec 2021 19:08:08 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame F91D 67 B
723 B 251ms
250ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&schain=1.0%2C1!vidoomy.com%2C62285%2C1%2C16579772231191972606325449985%2C%2C&vav=2ac2cbb1f4972a91c33696f756c64b7d&vaviv=318174837f98dff6148741a3f5efdb24&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.1.6&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fwww.sunnewsonline.com%2F&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept: application/xml, text/xml
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:08 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639422488794079-554
Expires: Mon, 13 Dec 2021 19:08:08 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 87A4 0
168 B 100ms
100ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:08 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 92ms
91ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:08 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:08 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZGQzZWY5MTgyYTE0NmNhNDMzMzVhMzQwOWM2MWI=&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422488320021-344
Expires: Mon, 13 Dec 2021 19:08:08 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

107ms
107ms

Image
image/gif

52.46.154.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: CP0C3PH636ESESEW8GS6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:08 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=dd3ef9182a146ca43335a3409c61b&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1639422488302040-384
Expires: Mon, 13 Dec 2021 19:08:08 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=61&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=357589743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76004
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D171 156 B
142 B 211ms
211ms XHR
text/xml 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fvdoai-dfp-parent-adunit%2Fz1_dfp_v_sunnewsonline_v_pre_1&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&correlator=691849038783228&vpos=preroll&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422488751&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=1661996628619214&ged=ve4_td29_tt24_pd29_la29000_er0.0.0.0_vi0.0.1200.1600_vp0_ts6_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid_25214542.js Show response
vpaid.springserve.com/production/ Frame 683D 495 KB
87 KB 18ms
18ms Script
application/javascript 2600:9000:21c7:2400:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:2400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 18:31:49 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 18:30:16 GMT
server: AmazonS3
age: 2075780
etag: W/"185feb14359001049d144410afbeaaa4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: TBBZGX2HH6hmiBfaHfkDays4Izix8xVmgD3bcU175EKRMVhCgeoZNg==

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 683D 965 B
854 B 24ms
23ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 86c22f4bf4e97335056c46a89eba3a8f3b8908af3033a913102f5f4a81fe5dc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:08 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 592
expires: Mon, 13 Dec 2021 19:08:08 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 683D 0
222 B 9ms
9ms XHR
application/json 35.157.205.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Vidoomy
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.205.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-205-242.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 683D 160 B
1002 B 55ms
55ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2fc7f929df686c1711e054fad8fe579676f464aa52ab1d91bd19ca6d4304b4a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 19:08:08 GMT
X-Proxy-Origin: 185.232.23.180; 185.232.23.180; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 06a2441f-072f-4945-a8d9-5536c7639e8f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sunnewsonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 160
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 529C 152 KB
36 KB 31ms
31ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:08 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=62&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1538949535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76004
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame 87A4 0
168 B 100ms
100ms XHR
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.sunnewsonline.com
date: Mon, 13 Dec 2021 19:08:09 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 93ms
93ms Preflight
text/plain 146.20.132.63
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.63 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sunnewsonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 13 Dec 2021 19:08:09 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.sunnewsonline.com

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
140 B 688ms
687ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-7094677798399606&slotname=v-sunnewsonline-mid-1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422489001&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=3933323107595132&ad_block=1&ged=ve4_td29_tt24_pd29_la29000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7BB7 38 KB
14 KB 25ms
25ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52088
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:08:09 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 529C 38 KB
14 KB 23ms
23ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:09 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52088
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 529C 27 B
0 109ms
108ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,&us_privacy=&cb=1639422489012&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:8:9&ranreq=0.6473100232269924&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:09 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 683D 965 B
854 B 46ms
46ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_25214542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a1e1712b68a2966fc7238bd4bddee7b56ade0cbcd4b05b71c02104bc59274fde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 19:08:09 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5c92d699e808f"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 592
expires: Mon, 13 Dec 2021 19:08:09 GMT

GET
H2 200 track
aktrack.pubmatic.com/ Frame 683D 0
61 B 41ms
41ms Image
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422488&wa=0&e=96&ier=901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:09 GMT
content-length: 0
content-type: text/html

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 6A0D 152 KB
36 KB 61ms
61ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:09 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 05:02:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1408294-25f9a-5c92d699d3c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 36260

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=63&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_apac&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1478780941

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76005
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D171 156 B
140 B 392ms
392ms XHR
text/xml 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-2403018226404213&slotname=ellipsis_v_sunnewsonline_v_pre_1&ad_type=video&description_url=http%3A%2F%2Fsunnewsonline.com&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=click&sdmax=99000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&sdkv=h.3.491.0&video_product_type=0&min_ad_duration=0&sz=498x280&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=807671657&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&dlt=1639422460162&idt=5512&dt=1639422489736&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&correlator=1785683810922488&ad_block=1&ged=ve4_td30_tt25_pd30_la30000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7943 38 KB
14 KB 42ms
42ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=52088
expires: Tue, 14 Dec 2021 09:36:17 GMT
date: Mon, 13 Dec 2021 19:08:09 GMT
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6A0D 38 KB
14 KB 49ms
49ms Script
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:09 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 10:00:01 GMT
server: Apache/2.2.15 (CentOS)
etag: "1302647-96ae-5ceb1b98ba7c4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=52088
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 13882
expires: Tue, 14 Dec 2021 09:36:17 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
10ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1219105699&t=event&_s=64&dl=https%3A%2F%2Fwww.sunnewsonline.com%2F&ul=en-us&de=UTF-8&dt=The%20Sun%20Nigeria%20%E2%80%93%20Nigeria%20news%20national%20tabloid%20newspaper&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=adrequest_google_dfp&el=v-sunnewsonline&_u=SCCACUABD~&jid=&gjid=&cid=654118136.1639422461&tid=UA-113932176-35&_gid=1070411777.1639422461&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=191870113

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Dec 2021 22:01:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76006
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 20ms
20ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sunnewsonline.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sunnewsonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 13 Dec 2021 19:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET ads
securepubads.g.doubleclick.net/gampad/ Frame D171 0
0

GET
H2 200 AdServerServlet
vid.pubmatic.com/AdServer/ Frame 6A0D 27 B
0 123ms
123ms XHR
application/xml 185.64.190.75
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,&us_privacy=&cb=1639422489767&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.sunnewsonline.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.sunnewsonline.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-12-13%2019:8:10&ranreq=0.5393158295620852&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.sunnewsonline.com%2F&schain=1.0,1!vidoomy.com,62285,1,1639422487098,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 19:08:10 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.sunnewsonline.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-vdbg: 1:0/165:-1
content-type: application/xml; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/simgad/185292643845051503?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qly70pWglUVdEh2miAMMDUb-3wHQg

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Domain: vhs.vdo.ai
URL: https://vhs.vdo.ai/uploads/thumbnails/16388516019461aee4118882a.png

Domain: vhs.vdo.ai
URL: https://vhs.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8

Domain: vhs.vdo.ai
URL: https://vhs.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8

Domain: s.vdo.ai
URL: https://s.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8

Domain: s.vdo.ai
URL: https://s.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8

Domain: s.vdo.ai
URL: https://s.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8

Domain: s.vdo.ai
URL: https://s.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=b8be61b7-99fe-4d00-bc17-b53262889e6e

Domain: pixel.onaudience.com
URL: https://pixel.onaudience.com/?partner=214&mapped=3ACD464A-A328-4DF4-8F1A-0DD8945657AC

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKfK0JqYzDbpCRDDiFVvPTo&google_cver=1

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:b8be61b7-99fe-4d00-bc17-b53262889e6e&gdpr=0&gdpr_consent=

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3474378168057276366&gdpr=0&gdpr_consent=

Domain: aktrack.pubmatic.com
URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422465&wa=0&e=95&vc=2

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1

Domain: s.vdo.ai
URL: https://s.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8

Domain: s.vdo.ai
URL: https://s.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAKeek7DbzQAAD1DgdIPyg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3ACD464A-A328-4DF4-8F1A-0DD8945657AC

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-23

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=188&user_id=vpZ4P16DSmpCOB0B3AkRzrnoF7Q&user_group=1&ssp=stickyads&gdpr=0

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3534133052399560886

Domain: aktrack.pubmatic.com
URL: https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1639422481&wa=0&e=96&ier=901

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?env=instream&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&iu=%2F26001828%2Fsunnewsonline_EBDA_pubmatic&description_url=http%3A%2F%2Fsunnewsonline.com&tfcd=0&npa=0&sz=800x450%7C444x250%7C635x357%7C640x360%7C400x300&correlator=691849038783228&vpos=preroll&vad_type=linear&ad_type=audio_video&url=https%3A%2F%2Fwww.sunnewsonline.com%2F&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined%26pubmatic_ebda%3Dtrue%26rubicon_ebda%3Dtrue%26sovrn_ebda%3Dtrue%26unruly_ebda%3Dtrue&vpa=click&vpmute=0&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=44d&adk=2054189184&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fwww.sunnewsonline.com%2F8fb1baca-f1e6-44c5-a61e-cef9748be3a4&sid=C72CECAE-FB40-459B-9778-A2D07A48EC1D&nel=1&dlt=1639422460162&idt=5512&dt=1639422490168&cookie=ID%3D395cd4a97f3f9c50%3AT%3D1639422460%3AS%3DALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ&scor=439937056492557&ged=ve4_td30_tt25_pd30_la30000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Verdicts & Comments Add Verdict or Comment

448 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

148 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sunnewsonline.com/	1970-01-19 23:23:43	Name: IRtrack Value: com
www.sunnewsonline.com/	1970-01-19 23:23:44	Name: IRcookieTime Value: {"stopclick1":"1s","stopclick2":"1s","stopclick3":"3s","stopclick4":"4s","blockipclick2":"1s","blockipclick3":"2s","blockipclick5":"9s","blockipclick7":"1m","blockipclick9":"2m","blockipclick10":"5m","cookiesinterval":"30m","blockcookies":"720m","viewport":"true","cookiescheck":"true","blacklistip":"3m","stopadsclick":"0","adsrefresh":"true","adsrefreshtime":"40"}
www.sunnewsonline.com/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
www.sunnewsonline.com/	1970-01-19 23:24:25	Name: incRevIpCheck Value: 2001:ac8:20:8f:137::1
.sunnewsonline.com/	1970-01-20 16:54:54	Name: _ga Value: GA1.2.654118136.1639422461
.sunnewsonline.com/	1970-01-19 23:25:08	Name: _gid Value: GA1.2.1070411777.1639422461
.sunnewsonline.com/	1970-01-19 23:23:42	Name: _gat_gtag_UA_75348301_1 Value: 1
.vdo.ai/	1970-01-19 23:23:44	Name: __cf_bm Value: GEwd6cD4V5BTmc1uES_7najq7Js0OW768R5MxTcPasU-1639422460-0-AUbcMvKBWJqtuTCyC+Zg+WlTnaTDh8OevqDTTpQmXw5oEQFN3c/7Tynn9btbYHtQF5hhzw33toO3/5PqLGWhcFI=
ads.stickyadstv.com/	1970-01-20 00:06:54	Name: UID Value: dd3ef9182a146ca43335a3409c61b
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 7cfe97cfca25497eb476c6b2358ea78
.feedify.net/	1970-01-19 23:23:44	Name: __cf_bm Value: T3ULeVpvwHTyDSlP2s8QZqXkFXLPP9Yj0UtNOhk.Fms-1639422461-0-Abk1j+GHKKuh4NUi8b+9AMhFQvNWIUvJk+A4M4rNpQdxjUwG79C3AVzWuWhnQu/0ewTcn/3VG5a1nmJgODF94IE=
www.sunnewsonline.com/	1970-01-20 16:54:54	Name: feedify_trackvisit Value: 1639422461106.192168154144
.sunnewsonline.com/	1970-01-19 23:23:42	Name: _gat_gtag_UA_113932176_35 Value: 1
.sunnewsonline.com/	1970-01-20 08:45:18	Name: __gads Value: ID=395cd4a97f3f9c50:T=1639422460:S=ALNI_MajA4Ytx79wKpcY0s1kQ-Df_JO5mQ
.turn.com/	1970-01-20 03:42:54	Name: uid Value: 3534133052399560886
.doubleclick.net/	1970-01-20 08:45:18	Name: IDE Value: AHWqTUm22NyEeE8qa568Hb9bSU5xRbVm6wK8OPp07tAWZu-Qp61krjTzB3FXadwxAVA
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: UblNJOQNFxw
.youtube.com/	1970-01-20 03:42:54	Name: VISITOR_INFO1_LIVE Value: A7M8RBoTRCc
.bidswitch.net/	1970-01-20 08:09:18	Name: tuuid Value: 80dcca2c-d676-49f5-a23a-0eb8ac5bfab6
.bidswitch.net/	1970-01-20 08:09:18	Name: c Value: 1639422462
.bidswitch.net/	1970-01-20 08:09:18	Name: tuuid_lu Value: 1639422462
.mathtag.com/	1970-01-20 08:49:37	Name: uuid Value: b8be61b7-99fe-4d00-bc17-b53262889e6e
.doubleclick.net/	1970-01-19 23:23:46	Name: DSID Value: NO_DATA
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 7169
.vidoomy.com/	1970-01-20 08:09:18	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjgwZGNjYTJjLWQ2NzYtNDlmNS1hMjNhLTBlYjhhYzViZmFiNiIsImV4cGlyZXMiOjE2NDIwMTQ0NjJ9LCJDRU4iOnsidWlkIjoibm8tY29uc2VudCIsImV4cGlyZXMiOjE2NDIwMTQ0NjJ9fX0=
.casalemedia.com/	1970-01-20 08:09:18	Name: CMID Value: YbeZ-x.qV.BQvM.QozvQXAAA
.casalemedia.com/	1970-01-20 01:33:18	Name: CMPS Value: 5202
.casalemedia.com/	1970-01-20 01:33:18	Name: CMPRO Value: 1135
.adnxs.com/	1970-01-20 01:33:18	Name: uuid2 Value: 3474378168057276366
.adnxs.com/	1970-01-20 01:33:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2InAv7C<'!]tbPl1M>e)ZlrFUfJ+tGXxoHL?:#f^H:.>L!9B28_/4iIRx$i]5.g`uRpP@bpRzqF1`ba=6IRTZ
.casalemedia.com/	1970-01-20 08:09:18	Name: CMRUM3 Value: 2d61b799ff2760CAESEOA7z96ulZdzSDOJNBcfpAY
.quantserve.com/	1970-01-20 08:53:56	Name: mc Value: 61b799ff-a925e-0fb27-fdf0d
.rlcdn.com/	1970-01-20 08:09:18	Name: rlas3 Value: 3xOhd7smXgO9ynMffNzfHomqY+T2XCpNdzalorMdReU=
.rlcdn.com/	1970-01-20 00:50:06	Name: pxrc Value: CP+z3o0GEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-20 01:33:18	Name: KADUSERCOOKIE Value: 3ACD464A-A328-4DF4-8F1A-0DD8945657AC
.spotxchange.com/	1970-01-20 08:09:22	Name: audience Value: f36e1edb-5c47-11ec-8637-10a0cca80106
.innovid.com/	1970-01-20 01:33:18	Name: uuid Value: 0c2da4ce-3ad5-4ba0-bdd4-bfa7435040d7-20211213 14:07:43
.yahoo.com/	1970-01-20 08:09:40	Name: A3 Value: d=AQABBP-Zt2ECEBIMwzLZan0lLQrQxsxLsU0FEgEBAQHruGHBYQAAAAAA_eMAAA&S=AQAAAlS1zqdhDuRQtksMEk1m53k
.e.dlx.addthis.com/	1970-01-20 08:53:56	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:53:56	Name: na_id Value: 2021121319074400012789977709
.addthis.com/	1970-01-20 08:53:56	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:53:56	Name: uid Value: 61b79a0008631268
.addthis.com/	1970-01-20 08:53:56	Name: ouid Value: 61b79a000001a76594a771203395cd142cc787adc37ca3c20312
.dlx.addthis.com/	1970-01-20 00:06:54	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 00:06:54	Name: na_sr Value: 20211213
.dlx.addthis.com/	1970-01-19 23:23:42	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 00:06:54	Name: na_sc_e Value: 0
.pubmatic.com/	1970-01-20 01:33:18	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 01:33:18	Name: pp Value: 156498
.pubmatic.com/	1970-01-19 23:25:08	Name: PMDTSHR Value: cat:
.adfarm1.adition.com/	1970-01-20 01:33:18	Name: UserID1 Value: 7041265867236767896
.adform.net/	1970-01-20 00:08:20	Name: C Value: 1
.adform.net/	1970-01-20 00:50:06	Name: uid Value: 6379734603191744295
.simpli.fi/	1970-01-20 08:10:44	Name: suid Value: BC645DDB5A294CCFBD7267F3192E45F7
.de17a.com/	1970-01-20 08:02:06	Name: guid2 Value: 1.1790455566403472678
.adsrvr.org/	1970-01-20 08:09:18	Name: TDID Value: ec54adb6-4271-4109-b238-fbfa812e8263
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_1101 Value: 23040-7041265867236767896
.mathtag.com/	1970-01-20 00:06:54	Name: mt_mop Value: 4:1639422464
.blismedia.com/	1970-01-20 08:09:22	Name: b Value: 61B79A0004953DB8D3BA9DD6BLIS
.ctnsnet.com/	1970-01-20 08:09:18	Name: cid_1d8c0b506788440389a810c8389b2993 Value: 1
.m6r.eu/	1970-01-19 23:23:46	Name: test Value: true
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_336 Value: 5844-1790455566403472678
.casalemedia.com/	1970-01-19 23:25:08	Name: CMST Value: YbeZ-2G3mgAA
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_27 Value: 16735-uid:b8be61b7-99fe-4d00-bc17-b53262889e6e&KRTB&16736-uid:b8be61b7-99fe-4d00-bc17-b53262889e6e&KRTB&23019-uid:b8be61b7-99fe-4d00-bc17-b53262889e6e&KRTB&23114-uid:b8be61b7-99fe-4d00-bc17-b53262889e6e
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_80 Value: 22987-CAESEKfK0JqYzDbpCRDDiFVvPTo&KRTB&16514-CAESEKfK0JqYzDbpCRDDiFVvPTo&KRTB&23025-CAESEKfK0JqYzDbpCRDDiFVvPTo
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_57 Value: 22776-3474378168057276366
.onaudience.com/	1970-01-20 08:09:18	Name: cookie Value: 064eebcb93d5cc35
.onaudience.com/	1970-01-19 23:25:08	Name: done_redirects104 Value: 1
.targeting.unrulymedia.com/	1970-01-20 08:09:18	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003%22%7D
.m6r.eu/	1970-01-20 01:33:18	Name: cct Value: 1639422464890
.m6r.eu/	1970-01-20 01:33:18	Name: id Value: 39287af3eff7ee7bced8735bb0d130f5
.agkn.com/	1970-01-20 08:09:18	Name: ab Value: 0001%3AJjED3IEbbi9zMOgPUVnyXa8Zcahg7UUj
.agkn.com/	1970-01-20 08:09:18	Name: u Value: C\|0CEApSlaAKUpWgAAAAAABAQ13AQEAAQpAAAAAAA
.blau.de/	1970-01-19 23:33:47	Name: webShopPV Value: ?partnerId=BLU_DSP_TRA_HAV_34114_PV&mediacode=25093339_4307561_290584500_154735167_PO1003A&ref=25093339_4307561_290584500_154735167_PO1003A
.fwmrm.net/	1970-01-20 03:42:54	Name: _uid Value: "pc029_7041265871502952442"
ads.stickyadstv.com/	1970-01-19 23:43:52	Name: uid-bp-30833 Value: 1
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-36033 Value: pc029_7041265871502952442
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: MRM_UID Value: pc029_7041265871502952442
www.sunnewsonline.com/	1970-01-19 23:23:44	Name: requestCount Value: 1
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-159 Value: CAESEGaqlGB3hwfuNPDWGdeMhrc
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-892 Value: ec54adb6-4271-4109-b238-fbfa812e8263
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-951 Value: 3474378168057276366
.quantserve.com/	1970-01-20 01:33:18	Name: d Value: EIUBDgH5JIEO-TA
ads.stickyadstv.com/	1970-01-20 00:06:54	Name: uid-bp-717 Value: y-go.435RE2oM0GlU32GIXyqeyclweV3fkopLFi649~A
.analytics.yahoo.com/	1970-01-20 08:10:44	Name: IDSYNC Value: 18z8~222j
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_153 Value: 1923-Eo0krh2FIP8J3X-rEdlrqULedK4J2iL_FNikSV1M&KRTB&19420-Eo0krh2FIP8J3X-rEdlrqULedK4J2iL_FNikSV1M&KRTB&22979-Eo0krh2FIP8J3X-rEdlrqULedK4J2iL_FNikSV1M
.fiftyt.com/	1970-01-20 08:09:18	Name: fifid Value: 312dceaf-590b-4a9b-65ca-137a4a4b56d1
.fiftyt.com/	1970-01-20 08:09:18	Name: cs Value: MTYzOTQyMjQ2NnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fMJQzMTn8UaTt8fvfoGjJNxWhvPE1Kjzzq_xypB6VXd7
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.adsrvr.org/	1970-01-20 08:09:18	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwi2mKqIvJ2fOhAFGAEgASgCMgsIgLz_wdKdnzoQBTgBWgthZGNvbmR1Y3RvcmAC
.fiftyt.com/	1970-01-19 23:33:47	Name: fppm Value: 20211213190746
.1rx.io/	1970-01-20 08:09:18	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003%22%2C%22nxtrdr%22%3Afalse%7D
.semasio.net/	1970-01-20 08:09:18	Name: SEUNCY Value: DA258A4A22E021B5
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-529 Value: b8be61b7-99fe-4d00-bc17-b53262889e6e
.zeotap.com/	1970-01-20 08:09:18	Name: zc Value: 3e3ffe40-b56c-48ca-6413-aa1faff4d08a
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_594 Value: 17107-RX-1f9ab7a2-77b3-4762-8294-e8b0be90fe4c-003
ads.avct.cloud/	1970-01-20 08:09:18	Name: uuid Value: 789ad8c0-7391-4f67-9651-6626b4b716bf
.everesttech.net/	1970-01-20 08:09:18	Name: everest_g_v2 Value: g_surferid~YbeaAgAL0Bn6mABG
.w55c.net/	1970-01-20 08:53:56	Name: wfivefivec Value: CIJXfyNx1MWQFQ5
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_22 Value: 14911-3534133052399560886
.w55c.net/	1970-01-20 00:06:54	Name: matchfreewheel Value: 5
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_218 Value: 4056-YbeaAgAL0Bn6mABG&KRTB&22978-YbeaAgAL0Bn6mABG&KRTB&23194-YbeaAgAL0Bn6mABG&KRTB&23209-YbeaAgAL0Bn6mABG
.bidr.io/	1970-01-20 08:52:12	Name: bito Value: AAKeek7DbzQAAD1DgdIPyg
.bidr.io/	1970-01-20 08:52:12	Name: bitoIsSecure Value: ok
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-23329 Value: CIJXfyNx1MWQFQ5
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_466 Value: 16530-80dcca2c-d676-49f5-a23a-0eb8ac5bfab6
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-617 Value: 6379734603191744295
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-45 Value: YbeaAgAL0Bn6mABG
.pubmatic.com/	1970-01-20 01:33:18	Name: DPSync3 Value: 1639440000%3A174%7C1640563200%3A226_227_241_235_201_197_219_221
.weborama.fr/	1970-01-20 08:55:23	Name: AFFICHE_W Value: YXpV6p25WhZh49
.taboola.com/	1970-01-20 08:09:18	Name: t_gid Value: 3561ddb8-9d66-434e-9c26-05202515e1b0-tuct8b11f82
.erne.co/	1970-01-20 08:09:18	Name: u Value: 2HgDlJ61k0lPGnzsWU4HX-f7
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_409 Value: 22966-2HgDlJ61k0lPGnzsWU4HX-f7
.adsby.bidtheatre.com/	1970-01-19 23:33:47	Name: __kuid Value: 99c5cb9b-3293-4a73-8aaf-9dccfc8cd9fb.408636467
ads.playground.xyz/	1970-01-19 23:33:37	Name: connect.sid Value: s%3AZNQhBM6AOl9EEOR-6lt_aTrzVNr_EiWD.QkpKO%2Fc%2Fz5W28tE33p6nPD9YvDXtinKW033J4%2F6j0ro
sync.srv.stackadapt.com/	1970-01-20 08:09:18	Name: sa-user-id Value: s%3A0-be96783f-5e83-4a6a-4238-1d01dc0911ce.DFxnhw8fVrs%2BbfSNgUOic2%2FLx%2FJlz4uxxcWrLr6tKWk
.srv.stackadapt.com/	1970-01-20 08:09:18	Name: sa-user-id-v2 Value: s%3A0-be96783f-5e83-4a6a-4238-1d01dc0911ce%24ip%24185.232.23.180.Zmb%2FrTeJAqrx4xwrLW%2FqOJNUIf0CAJgVmi0S%2F4jMQyg
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_860 Value: 16335-vpZ4P16DSmpCOB0B3AkRzrnoF7Q
.pubmatic.com/	1970-01-20 01:33:18	Name: SyncRTB3 Value: 1641945600%3A203%7C1640563200%3A8_233_56_166_99_189_57_3_104_222_204_238_22_230_234_161_81_71_7_21_165_176_5_88_220_54_55_231_13%7C1640649600%3A35%7C1639958400%3A223_2_15%7C1640217600%3A63%7C1644537600%3A69
.w55c.net/	1970-01-20 00:06:54	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_107 Value: 1471-uid:CIJXfyNx1MWQFQ5
.pubmatic.com/	1970-01-20 00:06:54	Name: PugT Value: 1639422468
.ipredictive.com/	1970-01-20 08:09:18	Name: cu Value: f6458fe6-5c47-11ec-96ba-955e0c724771\|1639422468583
.pubmatic.com/	1970-01-20 00:06:54	Name: KRTBCOOKIE_279 Value: 22890-f6458fe6-5c47-11ec-96ba-955e0c724771&KRTB&23011-f6458fe6-5c47-11ec-96ba-955e0c724771
.sunnewsonline.com/	1970-01-19 23:23:44	Name: __cf_bm Value: b1Usyhru5N43jUDy4ky31e39C4GCGt7xoahB7AJkmGk-1639422469-0-AZNqmhg2NeVlOlTXQQBUwc8B7ko38fRCu4yPCyhKlnpXm7IVv8drzvznkAiX35AgejtqX226l6aq1zuhlayYsFU=
ads.stickyadstv.com/	1970-01-20 00:06:54	Name: uid-bp-26913 Value: AAKeek7DbzQAAD1DgdIPyg
ads.stickyadstv.com/	1970-01-20 00:06:54	Name: uid-bp-171 Value: 3534133052399560886
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-25746 Value: f6458fe6-5c47-11ec-96ba-955e0c724771
.ads.pubmatic.com/	1970-01-19 23:25:08	Name: pubsyncexp Value: 1639444070479
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-25522 Value: no-consent
.adotmob.com/	1970-01-20 08:52:30	Name: uid Value: 070f22040087ccafb263a1f3
.adotmob.com/	1970-01-20 08:52:30	Name: uuid Value: 070f22040087ccafb263a1f3
.adotmob.com/	1970-01-20 08:52:30	Name: partners Value: STI%3A1639422478481
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-1501 Value: 070f22040087ccafb263a1f3
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-27649 Value: ac4a84fe66644cd08ef91bc3d984374a
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-33281 Value: pc029_7041265871502952442
.sundaysky.com/	1970-01-20 16:54:54	Name: sskyu Value: d6.067168ccd0cd48eeab51aa3af646926d
.sundaysky.com/	1970-01-20 16:54:54	Name: sskyCreationTime Value: 1639422480068
.sundaysky.com/	1970-01-19 23:33:47	Name: sskya Value: "e2Z3Ont0czoiMzN0anRjIix0OiJuaSJ9fQ=="
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-23521 Value: d6.067168ccd0cd48eeab51aa3af646926d
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-838 Value: 80dcca2c-d676-49f5-a23a-0eb8ac5bfab6
.tribalfusion.com/	1970-01-20 01:33:18	Name: ANON_ID Value: atnwYSriItgP3PTReCy437cbr3JMhNjdsMsEjLX7GL40OFU6ZbhVIkl5EMpvEZbSviHFygbGGAJHBce3qYseTqxscOGfPNgmO5xZaFgEKTRRJ5Hv3QnCaRlTFSxZdWIZc
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-31665 Value: 18072662317486555609
.pubmatic.com/	1970-01-20 01:33:18	Name: chkChromeAb67Sec Value: 6
.pubmatic.com/	1970-01-20 00:06:54	Name: SPugT Value: 1639422484
ads.stickyadstv.com/	1970-01-19 23:33:47	Name: uid-bp-24418 Value: 3ACD464A-A328-4DF4-8F1A-0DD8945657AC
.adhaven.com/	1970-01-23 14:59:42	Name: uid Value: 4c_42a42205-c0df-4d9d-b33b-07d04c2174c5
ads.stickyadstv.com/	1970-01-20 00:50:06	Name: uid-bp-36433 Value: 4c_42a42205-c0df-4d9d-b33b-07d04c2174c5

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network	error	URL: https://tpcf.feedify.net/uploads/settings/8d6b4600ec59c11748c05c5693f15b59.js?ts=0.25957226590814675 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://vhs.vdo.ai/uploads/thumbnails/16388516019461aee4118882a.png Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://vhs.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://s.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://s.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://s.vdo.ai/uploads/videos/16388516019461aee4118882a.m3u8 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_gid=CAESEPiLHkzO2FHMDhFCpYxfrjk&google_push=AYg5qPLIyj2-7_ESmuItYgWiXsFlg60aRED8U4EgleYp0GBoTmBwUkb54Teyo4KdShULDrybgZP1sZOpa3EP1-kGH0LhYfbDnDrr&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPJglm0Mujo6SNJjQFcGkn17cGjXsAhSiK-Z_qr6zGgTbaivx3TAONyGSFVDasuSc54AKujp_riMV9_6XwB3dstgR2bGIxPE&google_gid=CAESEIMLOFF6Z5rskG-Xb60Se-8 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLI4uJk0vCZnek5I8uJQMmaXuVvL0c4OLHbNiqA1ISHfCAeSG9F-Nz9tKO58Ch0F_HG5PaX6X7v3N3nxyD9g0V0dWy9O1WG&google_gid=CAESEB3Rz0jO_hrYKyHxT9SYIC8&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_push=AYg5qPJ3tXkf2Vw1EAezmbeGB9KhShWh4Msy-C52UNymVn-nMCRBQDf1jIcGxpdpOX1Iv75jp2y9REZ4Hek-7dHQcL9D8pJvMYvI Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_push=AYg5qPLOZZzlJxg_df918TPZRRyEhMtwLT5ePydHaQ7ImSKcMY5B1r_4H5iw0hH6pAs_KanO0xOPrewvHx2MM1Cq2p07BWfFfa4&google_gid=CAESELpa1mBQySi-UH_puFCXN1c&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YbeZ_x-qV-BQvM-QozvQXAAABG8AAAIB&google_cver=1&google_push=AYg5qPLFmNc9135knogz4DxpxOlcMu30Yt97nwORvsWd78CQ1dqVXe6TJKDBkyAJcYLhSkW9-_MT-N3Oi_wySOMJsmpKwaeuo9A9&google_gid=CAESELpa1mBQySi-UH_puFCXN1c Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: https://www.sunnewsonline.com/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://x.bidswitch.net/sync?dsp_id=188&user_id=vpZ4P16DSmpCOB0B3AkRzrnoF7Q&user_group=1&ssp=stickyads&gdpr=0 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9ddccda7aa7ae7a8252fbc75455c9b9b.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
a.vdo.ai
a.vidoomy.com
acdn.adnxs.com
ad.lkqd.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.avct.cloud
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adx.adform.net
ag.innovid.com
ajax.googleapis.com
aktrack.pubmatic.com
analytics.vdo.ai
aud.pubmatic.com
banner.vdo.ai
bh.contextweb.com
bidswitch-eu.splicky.com
c1.adform.net
cdn.ampproject.org
cdn.feedify.net
cdn.stickyadstv.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
cs.lkqd.net
csync.loopme.me
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
feedify.net
fonts.googleapis.com
fonts.gstatic.com
freewheel.adhaven.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
green.erne.co
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
increaserev.com
js.genieessp.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.everesttech.net
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
pm.w55c.net
portal.blau.de
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s.vdo.ai
s0.2mdn.net
secure.adnxs.com
secureads.increaserev.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
stats.g.doubleclick.net
stats.wp.com
stg.vidoomy.com
sunnewsonline.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.lkqd.net
targeting.vdo.ai
tpc.googlesyndication.com
tpcf.feedify.net
tr.blismedia.com
tracking.m6r.eu
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v.lkqd.net
vhs.vdo.ai
vid-io-cle.springserve.com
vid.pubmatic.com
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
www.cloudflare.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sunnewsonline.com
www.youtube.com
x.bidswitch.net
a.audrte.com
ads.pubmatic.com
ads.stickyadstv.com
aktrack.pubmatic.com
bh.contextweb.com
c1.adform.net
cm.g.doubleclick.net
cs.lkqd.net
image2.pubmatic.com
image4.pubmatic.com
match.adsrvr.org
match.prod.bidr.io
pagead2.googlesyndication.com
pixel.onaudience.com
s.vdo.ai
securepubads.g.doubleclick.net
simage2.pubmatic.com
tpc.googlesyndication.com
vhs.vdo.ai
www.googletagmanager.com
x.bidswitch.net
104.111.215.191
104.111.242.245
142.250.184.194
142.250.184.226
142.250.185.66
142.250.185.98
146.20.132.112
146.20.132.63
146.20.132.68
151.101.1.108
151.101.1.44
151.101.194.49
151.139.128.11
169.50.137.182
172.217.18.98
173.231.180.197
178.250.2.151
178.62.202.251
18.196.159.27
18.196.197.61
18.197.219.57
185.29.134.244
185.33.220.241
185.33.221.90
185.64.189.110
185.64.189.112
185.64.190.75
185.64.190.79
185.64.190.80
185.64.190.81
185.64.190.87
185.94.180.125
188.34.152.202
192.0.76.3
195.5.165.20
198.47.127.19
198.47.127.20
2.18.233.180
2.18.234.21
2.18.234.233
2001:4de0:ac19::1:b:3a
205.185.216.10
213.155.156.165
213.19.147.44
217.182.200.29
222.230.178.131
23.88.75.189
2600:9000:21c7:2400:15:6f6c:b180:93a1
2606:4700:10::6816:1857
2606:4700:20::681a:17e
2606:4700:3031::ac43:b662
2606:4700:3033::ac43:de92
2606:4700:3038::6815:ea95
2606:4700:3039::6815:c087
2606:4700::6810:7c60
2606:4700::6812:d05
2620:112:f002:bbbb::21
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:80:800::7000
2a00:1450:4001:803::2004
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2006
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9b
2a02:fa8:8806:20::2040
2a04:4e42::300
2a05:d018:d29:3601:32f1:6bb5:fef5:f5d6
2a05:d01c:1d8:8101:fca3:6f47:214a:2d54
3.122.131.186
3.126.56.137
3.129.250.65
3.20.211.8
3.227.93.166
34.102.253.54
34.194.7.56
34.251.173.19
34.96.105.8
34.98.64.218
35.157.205.242
35.186.193.173
35.186.253.211
35.201.81.244
35.201.96.126
35.227.208.19
35.244.174.68
35.244.210.213
37.157.2.239
37.157.6.242
38.27.122.126
38.91.45.7
51.77.119.11
52.214.235.66
52.223.40.198
52.46.154.242
54.39.16.115
54.73.238.193
66.155.71.149
72.251.244.141
77.243.60.138
8.39.36.142
82.113.101.236
85.114.159.118
87.98.228.78
99.83.189.147
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
01cb7ad44c858eeea652bbd539f5222195c738674fde666199126beaffa19746
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
045d305f397996f9ed7cbbc69281fdfeefba499e9992e759ae060f30e0a72d1a
0493f79ed9925b96386392d145d82700629ead432c3985d478c5162e3cef3192
0591755f89250c33625d47d23675218bbcaf5f677ff20bee0bf832c943f7fac0
05f07496c02d3777eb6dc0a21b617f5af01ffd00cfb8ddc4094c9d87c127a345
064e3b6316d70280aa108cc9e48e78e1a50ca5542f84de69077800dc6bc0b065
0707cba2c0c05efff37b7f6fd3bc0630b57c808f351c63279f7d40bf58d69399
08c431e1feb1cd291123f0750b5a08e1c166d45e4cab9f18342754beeee30c44
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0993d89e313de81dd76bf67e3303c289a7f674ab571eff2ff34483215883b285
0a45e6aa2cebc209fb91180492d693411826d16325d6d44838548381b3664619
0a7c2cb3b6802ccb119bfb927481635803508fdcc9acdfac03e2459011fedce9
0abd9be5da5c4268ef7c7872e00bdcdd93adee5fcba8766577a17fbf9ca089b9
0b80c73014dbbd03a6e1c398f2a95dc38f7bd0e08cedddfb33c296bc1a158bf5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
105830fb09c42dc3c68fe66c0e3103dfc3721d180525999bc5d01326dff2814e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12aae45dbaf66e541e14694a7810a96fdd8b17f9ac5f5346fdc23d61d6fd74b0
131fc94431963db2aafd9df8e135a76ff12eb7a9c1701196a48c7c08aa1145e9
133c84b8050c781bcb8cebe90fa01d2c630fd1c61343930d829dbc1782db67a1
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37
1360589474f77d3bec64fcab2ee437f060862b31399a91aae6a4fea229b7e731
13c1ab8db979abe38ed33d2f1becb5d085f3281286097f5ccf7ef8ee287072ac
14ac160c9d66dcf424c5081e906f9860b52a432e980feb72c319119608db7145
14c002033dc1786c188abba1b97aea814ef0945b03e5d3858dfc753e8063169a
1532c83a8f3a0da783ad1f65510b3d387200c9c6f34982293ce00c4470be5674
1571f1bece418ee90d63337858269630c13b63c4bc5d8fcbb6caf1ea8b29d998
159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff
16129be6d96996cae2eacf76da2731026c3488e318b9cf5df8dbb5a78fdf595f
172b3618d2818b4f9c26f94f9fa2c2011841f71af487e7b54af34c91ef218290
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184158b86609c0805441583af03684e5d2e349b481bc5e0b405eef4f63d0f25f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18704e6392962f33591db3d201b3f4ee70a07488fb319d44d3b2c25e98a4dd78
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1d8283bc2c24de125493fe4f32af4eb4fdada52bbdfcbfff7ab7988569c409dc
1e055bff06cdf3e1bf729d3a1e3a391b280510c0cf7081fd44e00753ee33f2bf
1edbe951e7c9185bebdda55840f2cb7244ede8b95b6da9fe3dc0ed6d87acb1b1
1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9
21118991f8361c8c1d263c1c05d434a8d49c14c702907522c96577bd0bbf1199
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
239760dc1843c5976b72f9c09da7f2991c412dc6e6123e73937079584896a5a8
23d078e0fd295ce67350e7e5c1a857f4d651984136a8006e3bdeafc236ec4261
244098a858198521c6dd4200fe28501cf71f4bd5f06e99987e08bba9507dd767
2465d58adda3a12113dd1062513e388c06fcc9bd9f74eab1d2d45de250b4994c
24d55719a30f093e7c70435b1be4c24f2a806100b217014a479c55e69f60faae
257ee5eb94e65ae5ecc318ff256cf717b723e69844381ba1d217e56e385f5aa7
26b4fd911fd3061a6b5ec2c594473fc80419beb99150cd89487438fca0aa3489
2704d2088a5b5d086dd1807b74956a32f1491f263cf78afee0be311627fd887a
282c86db3fc6cedcc79b172069ba09831ce0e6ba235d13bff382f57f0d3977ff
286581662da8bca9cd145b8e17ce42675baf4c1664222a0dfbe3e0cc98912ab1
291393add7441fcfc3260bc3cc21cfaa232e99ceeeda60384e589d9844167b80
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29c4954f5085d109f7a501ebf1349153e9133f1aa1b21926d918ed7b0a4a3402
29c9837d879a61c89343a4961a24baec69825d8fb1da68bdaa329869596455c1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b983ef092894d98ad7de2a9c68ffe22105184042498e02403a35b6224903dc9
2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48
2cd83d5a29914ad4797748d8e80fbc42c2131fbce9bbcdf2749a275fc7db875f
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2db670154ae9f6597538740b3f981569693f75548ca6811059622fad020d9a8e
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2df95c5e092331672697b37bb0688ec1608b83096bf468facf3332f7711381f5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e1757bc29902d8a5fe2b37730889a243f140b067f61e5f0da57ab715fe999c8
2e736674bedaa8d406ed24f80576a57f419ecacc065edb614aeaf91309018e78
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
333c02f6e5d67a49e94daeceb911c878f6f5ffda7b4cea5bd10c83e3facc81b7
33dc78a2a4e5677db54da3ff54394f0a1f501dfae5b8cee381e06a3082a6c7a1
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3684b8902fe2f3f96b32be42dca7f2621827f8c8b92fde984b5b1787dd06a17b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37d62116c41bc38c3219c6dcc4dc86dc0a435dab55c7d0cf950954003863cabc
37dbd9c8838bf7334757a235906507a14287f9a2a676ca05b557d28939ef6c17
3845869a51bea384409c38e0b428da617913e5557f12001868773e75a0836bf4
3bbd3334d8682fe68a10c5f18fce42c65bbcc0eb4af62344dfc97c16c19ebd72
3c5512b1ba053136c7db4d3a8773cc3c1944ace22ed5a9dd6455daadbd0d2348
3d5f33e4272e764851d54af7e81ed73a8898097a0ba054df3406571a9b739a96
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e350296077add7888269c3002415c1e3ace7c53c57ba2f4816af61e1e31b538
3e6acde1a483c1cfd05ef515b8a74523c2aa0c12e16d8ce04ae32275731d8782
3e77bf595ec38754729a9d0fe5d33c71c6dac576a76972409e3ea3af7dd7d89a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edf2d04def22c0d30b27c1d4720a29c76f88b42198a6082716adfedd85bc7ac
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
4682c09868a7ae8a5db277b7f6b8b7850b9d3960cc75b0df125859d17a9aa816
46a76b6d3bb326a0bfba0dc53daea79c843d24060f6d88ae6c1fba64b0e84b1b
46e6f42a22054a793841935920cbbc723856e339fead50fa33c1f1bb3ec5a251
46fd794594d2e7812dc66743e584ee40a6ab470408332106702690836c6cccd2
4754ba79b39c8eb7a4161278f91c700f1220f4919dd4e8586c70170f2424d26f
480cc82812c36e795d6ad86fb4627351331396178e063c8ac711366c0cc40df0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a280a86a8faf49108c13456175f4b096a2f102fe522ca434c1c65fd856fccd9
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc6543bef1098b4a5c4e3baf27e2148e5ba98220cdc86e3738a811c0a82a527
4c4ff337fe4b852c5c7cd04d2230b3879009a55373cf624a2b564189260f6e2e
4c62c820213f1ab28757a744fd3d15b65fc1ac9e148c8db2c50eb8a20959f930
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0ccd95ba8accfd8f5cd891dab572e972ef3088e88b85e3b670f4d10336393b
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
500642f1d60c9f484b10af297fca212c45e4283e57bef513730c609697df2f79
5036d77bc45902a3567f499ebf981076387d71995d6fab43c9be0cd0b962b230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5063da00180af2162da852b56e843427ec6a29e3da624254006b74e83c757dfd
509c829a283e3358370d1861ee9d0b04bafcdeebe0c4015d2990e6dd21b3a070
5158e3f2d06b36c0c2af9fee133e0086e24f3477ee10219d014f10ce724ecdcc
51a9197b871e6300a58ee887e4478ef220d8c070d73ac8db90ed959f8597c015
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55093ef3093d5d8a68abace3b036af1c50bb38f4a200d08af8b9e2f75ac6cb91
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f96596698065b2f31870cdf6cd8a305d562a3795e84b4b59f2e1bf329b8251
57872629913f02ec5d88b1fa4103bfd5f1566f1b36a24c2c35dd1094b63f36ea
57fc45c17ac9839b316b57474077eec23bf08c280f4160d259d51d3e05ce5c04
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c
59fe446ae8decae4bc5369528d893745b4d195c1d96daccc8f69db2f8e5a15d4
5d6f9e14926444bdb66fb6812c46a00f47482a1f7d85ab97ff435d6cc38c69bd
5f3612bf25750515b739a4e06fbe81a492ff61ce1db452c2eb9f68269ce235a2
604b9516de6269a392ee157e8146c79d44428608fb3607d6bb1e659812ecc8cf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d0b25f3a7150bd34efb8e37492f3de253b0bb5f7fbcc1ba91adf6eec8b3c6b
620868fffea46c4a2156cadc23d3f74d131299a8abf8367e17a57c9eda312c0f
6250724039ed93b9a935e138a4bfb656f576e84950c56e719168f4b8a8cc731b
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
6554cc4fd404ee3c0b0228d628e6a60cf8aba9b234fdfac2723b463b6b5188f9
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018
67022dd84cd67017dfcab4819f83bc49963b89a148b39cc90c4a2fc5dd9faec7
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
68b13fb32ac97aaa547176f77229f00ec488d14fd5cc823f395f722deb56766f
6918c5da7b7c6aef1dbc7d60375409304269fc56ae7c1c7fc6840ce7b183a2a8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae709e6a05010fb606069e88a308928c3a9bad8bfeecc796b17a88b980c918f
6b065f38eaed75574515532e2d687fd23450a662a972d044626b848d6e9d1045
6b830b5f6370e256e3a56799d9fae9e6a8023114e5cf4da574d7ade0114ea649
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6d9a143285e5bd82df6d96b21d54f5c19b08dbe41ec0774ee28951682f85505f
6da9d256b7a0d5b69e9fddb56491463fecc0ae806c15a58f703cc00475c65c44
6dba0b3bbebbefcedcc283f54c336521a4064b0d2cd773ba5c1b8519f3db1419
6e91421648415d4768d4969bcec9ab2d9d0ebdd21108124a9dc3c20a904e2f7c
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7432ae62cd21799c1218abdd084cc10a34975285375e3893645655d15a6d0f74
74ab92dc46f44488e8d778df80a76886d5d1cb874071097414b37db078cf25cc
757f5e4b89cdbe392ff6e02ee733c2186889a607d0e33ec2a08c334d9fb68556
7926760a16e663bcc86fde09ece1a895916dc2708d264c8e92dfdd8b9548cbb5
797734b81543fd3b4ac20d2293d1470e297cfce588ae67cc2113b501a2dc3d55
79944b92e07248134a2a52bd6794a8c8c80bfbbd8084d6e48ed03719b2c67070
79e648e6bc0816bb24386c01283b58d120d2e5c4e939b4eb64b9c5e2a302b89f
7ba2ade7baf1718720f4b5b120373d0de35479aec15324d20ee6d08fa161bdfb
7c567b905d6f2ff0a29572d7cb8c39e004d1016c3184afbf9f7f7746eebb2c90
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d86a041dd9d3c03d876fdeebd8113ff3d92b98d158189799d82bb65d3e383a8
7dbd4a51eaa3c1cd59c2ffe2bfbeabbd15a4b93464adde0bf10d58cd90d371ab
7ebf50619e55a11730fe84f741b2e489a801ebeaf2b0a65424fe5d73724b5bed
7ec0a8ad2257f9bbb4df0783932ca06c0aba83866a16590531ca3e1e802c2474
7f232b426b18f8f4806ae1586ad4582c9eb1d72dc015f1357e562193ada3b070
7f450685ea0f856215ba39ab2119ab6fc467f9151d7bc544ee1783dabe57003a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
800b5e93616451d2bf1d5d1c21c827d92af53762800cbe2fc774ede2a48ea627
8026c981f557f8b0aa6f23bc42f126f51c8f7ef085d06bd9129e6c37949665ab
815f326804dc1e3b6c15614ce46a4b254485a84fb5a16b82958405e5b7172a61
81732ef8a3370a547b35a2c25cfa71e1bda0c8c2dfb27f0a57f43e78c72e4261
82b6396bafcc7bf4901f8f059a26116281737e578634c11cecd0e33d7e879767
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8447832343bd281487dbe2782febd51cc2a95fa1950b50d5efe402a070091802
847d2854bb34bc89ab8514267909dbec0fe245278448227d23714781f9dfab71
85666896bec68d08a9211fb2e4c66431b91027cd3e7d860b2d887a234c4a6ae2
85c049b80c847fb623fcddc7c4b81a29a37ef8792194c03db545d7b32a91cba2
86c22f4bf4e97335056c46a89eba3a8f3b8908af3033a913102f5f4a81fe5dc7
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89efa6f3c7df1e983c818b3f09515515a7095c5a0db4ef51de37ae3beb924e38
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c6b15da07e90ce81dde5ad2f2d571cac2c4cbdb7e7632b5ec28a205fc17e01d
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03
8ed8d8b22f52814cb0257bf740d673b67613604b2be7f74e5cbb383aca830189
8f78f12bf3b24dcaad0c6128a6ac1ebbe79799b7da7254c93918ff5264791026
8fb617004b64b07b4178dec8d7e58f45a7c29ccde598f5245ef597c3df194517
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90522800375d2af39a942f1b7bba8c525ce5926ad91b6cc273eb2af6acfc18f5
90ac3d0f08ccea495221504d16abd0048248dc4dbfbeeb54a14a4f8ed209a766
91091d6006ecff5fa207be0f6b27571209952fc05901b9cd37990c5ed4afbe67
911f534724b2932a0056892f85838e332698ff2e03688b63e32e087389c39491
91d6157d0e51f7705acc396d5032e439d1dffaeeef652b91127f7690e35b4399
92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6
94cd8fb3f7c0ca7db20d2104fd194cb8f94b1ea5e0ad509eb29be4cd15ef32e8
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
955c98325a7e06af12c0e9a93a342ce5abe84b545e181ca0bdf110a1b5331139
970d08b0edc4bfc0925495d8b11564f3c2fd368f745f7b3510a7fced11848894
97cea91f708ce68495370f2cdfcdffecf1f4f7fb5cf8c2951d3790784d29f92b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9943130367dc79fe4029ff76217da8358919b7d7dc17efc46d48b25c9845f718
9959b3eaa45e57c09c54a58955b2dd957b731df24036b5438785fc207bf7b03c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9d1f720c83939294288a639ba0c5ed441b4e3b794183a06922b1755b893528fa
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9dcc3de69173638a7bd338b34bfe1ee20989b46b3c828bb91fa23d0690680d38
9e3a050ee87de4feefd57a65d71a8d95ad2c1733cca02947f6d904e5b236e8df
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ea86f4a80f90475866329b7799c0d32a29c19a9eb7ee07fb377b378ed7e78d4
9ee6725802ec47954fa8878da0f9f4e80341bb932e53d37a04784652c81e3558
9f1f5c9503316e2857c0485e17897d36d4a457647789f2875e37734529df4721
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05b5c6f3d2ebf0a27eb700a499a8860699ce224b61eebab608215ea1ddf2531
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a109f00170ce2ef5fc5b05fb04e6f6a11e7f1e3be8c513f137569f74741a783a
a138a96f11ae3681d0c1e058943c99b07593d743dba592b22ad2dad56eb8f71b
a15fe7bae8c205fa538c69efcdd4294694658c603bfdf50c5a63fd32c313fa37
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a1e1712b68a2966fc7238bd4bddee7b56ade0cbcd4b05b71c02104bc59274fde
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2a6756fe9d96a2d326e4371c67a89da7ab3892e5682b70dafb54ff9f1953130
a3a6b52281723025c65dabcc7ad9a983004c70717e67704d6d6b25b01c67534d
a3ed4eeb6ff0371ee043785da9c48b790cd734172ffe02155621376ff9284cd2
a484287840aae7b683b09950901743fbd88e18c82cc78d8c0c1ec3c5eed9467e
a48570cfc133b372a1e604cd87fcf5f7d0f0bbdd22acb14961a2919c98c86b62
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57fd4180e4e71f5df4ef7cce909eaf91c363ac25866f5a41590a016ce704cee
a6e7ffdd51aa5cc7f935933c7c826c43ccde1b746868e01790213f77af66edac
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8145ab903ac8e8f9fa2c932668659d5765d32103a98852f05fa189981a0bf52
a879171a66a111d671f04e2cb962310a7150409181a57428a76e4bff9a6b5ae6
a9c00cd2aa794a4c3ba057148c8ba0142731a9492d540d522f4f2c3acf93d724
ae91e5b31272bd7791c3745753949bd8aa8651c16a8edaccf474c8b6b55a0b39
aff26e720dc8a963b63000515ebdb330a66bd0a552b503bcbb180c6df82c6430
b0dcc6f6fed806506e1a8f558303ecadf3249452732b1c50fc97250d3b7c14d9
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25dfb7c3bebe66b6adceb5a43da514c6e12f650d5f2e34f547acaaf87055f0b
b2fc7f929df686c1711e054fad8fe579676f464aa52ab1d91bd19ca6d4304b4a
b37a604b4add99725c3a9e6b0440fc4452f71139517e7d7deb452ed98499068c
b3936700e2210aabe50261a52445f9b73801fe843117ed624e56f385279bd6ae
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6
b6ff02c733394664dbb2178c88a0d8ab1292602aaad412e44ee83c3ab7943faf
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162
b73de5deab9f21db9fe1495c57dd3a11fe2c63f661b496f21a44b18e91fd4545
b753e48c286fdf30a88157671ff645ace5b179c36a1ab2afdf889b0d79971127
b834a80037718e3da7f92199034dc59611ed774af41f1e84fa1e0d97c4261192
b862b2a9bbcc5be914cdba0d6dcf72b071b431fb3300fbcbeebfeb43fb9e0bad
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf32a69e5d346fb56d81b27e31d7597457560758f461682e0669238eaeb49550
bf6fbc51028fcf2ce45a24cb5c61a395578d29c94b824f91d557c0f9d0c98f20
bff5f7bcf90f0e5dc74b31faaac34df2262eac1ef005f37440a5523c5ada7659
c04837b935b6d1fac0cbffc4a53bf19a6d89029742dbc4c8ad001c1078f5f957
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3116cf02f55b00f2550be805d898a15ea25310fd6cef9d3b9d72dc12a9a0702
c3175a38ab781a8193dabc061429ca7b4d5f41ef73749ce1ad8ededd865fc457
c38345206c9dcf7f7b0ef2dac8ded7dc02abbd82850c9d9ca92aa98fc2e46c30
c45f0df5c905d3ec2aca255fdc56f2c64a8642ad3c62368c6b38833fa612e086
c494303c840bf72dbf0391137bdac5239f98f1d66a28eb3e2b3827b6e5fe0985
c4bfade3e46d2b26c8f8cddab814721312540f18400dbe3544c05ca75371b63f
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5c872efcd40bf95ffacbadaefb31eed30094992908d7cf7b5b00c74ee435c93
c6420ab9ec6ebff1cd61333dade6ba9ac879d3617a59334148672dee6af12fec
c83c3688188a8fee52e49f7c0eae243c1c1026c24f359f3afe01fd99dfd84d08
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
ca797cedc13965d9cdf3f332e635423aacd504af4686164780b3ca9979b7533a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf614182676ac274a01b2c3e0919fe59361d83e319ab1015fe40ff9dc72afdc
cf08e51ccfa7b19b6f03697c91bd6720d75e5c7ee12347e0485d8fe1dd16eea3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06df4184ba84e09a4be6a6ed101d1c3adefea0eaa833ddecf2f2251f6af33a3
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d326635e56937afa3a6d8ae58eb0c7962ff5443b5e5fc080db8f279934538430
d47079803887823d96a8eb9ae62ba1bb0a63606d0e21c63bb00c7175f8c17c26
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7ccb8aed2134fdf0640ad1a0566ecdaa3f939b984fc0f893598836749cf1a72
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b
dc01323987c050dd4e410f0cc5c845502df1eaa1198f40ba5ffe1a36fa5ae52e
ddc303d0552ce118da25b7863669380f62f1e07d01de80a2a6768f34177fb3f6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7d05464cd157566946e9d50e7fbf0fef26439bf9481aebd3ce4c9905ba6c52
e08fd52b5d458a183b7c087a062f8cbc04801eda3b59415cd5bc4e18c3a0588e
e18bf5ffe2eed29710bcdcc074089ab0691e4a181cda1fba3a05ad7046b83679
e1a497aa80de74bb74dbf9c0d69770434dc810e717c657292a82d50afc2e552f
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2cbc207d04c342b875f668b96554ced9f8a5cef07615d35e2fb74e0c8f8a1be
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e595a440551c1fd28bd13beac9ed7a226f31901fc6e0363be98ca19a27733a51
e768459111b9115b7e773728a9a1ed464223625c6e2259e9134f2afe8b3b0495
e839720e33c1841bde2bbf7566d6c800500057ef99e2fd380473500a14cc70e7
e94d6a3d8f161cc306ddabb1ac1a4e84f3954fb0dd279413a8311f3019b358cd
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
ed79c160fb40117ca06fbf088292aa6e03c346cd806108f7f700636cb7da6456
ede50788bfddf15e5f2b2efd0cf1cdf5e8ef979c865edd3707a41db0483e72c7
eef13f112d8cb82209eb83bcd24d0ac5b8f13f17d1b549a6f40db9bbf3a74626
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
f02c33786cc824e96f0063fe52f7e401bc88246a756ed67d97eb3105e0c8cb20
f099665125f72f80838efc25d3b354820dcc576de6f5d79af7f95dfe96ba956f
f0a1df13547331b665688fe713ba80cf9e053dc3bdb8a833e73fd3fb7b140527
f0c400c8be6122ab2a8797b3c495be63393e3f1ec93426a88bb2a87a9996f8a9
f0f6a8b6c19b0c4d1cab075ab2f4f755cfef747424837668e65f431410f816e8
f0fdca9a356a2b320e254e99d7108e89a4c81c412d25dddb0384a1bde4055e43
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3b1121ed267c69383048c07e4a815797bf07803fb63e2cf2643846f5217beb3
f3ba0e62f56eda713cffebaef2120dba4f5d372c07b6e8fa276e269b336f4090
f532cb23befd979ab2963ae2c32e6f39146adefe6eea1b20b9b44a6237f8b987
f5346c794b978bca76ef77177a5be9ccceb755e3a63a2c9ff179cf800d614fce
f6e6915b1d46b97fabc0b2b9a4d95ed05ede5ccaa3bc97cc30483b79237227a6
f7cdba9178cece3f6a4219c9685547ada86ee47ba48fe928316b5e474eae97f6
f850f6688128ee7eb5db514514c97b1ec19ae0189486f8c4dd8c9776f23d9501
f8c0113ea7191e31106326198a504c0a675d8e3495dbb9c7459a71e23989850c
f9a39d3d7f33f85df45221d345b167201be7f11eb6fa1d37319ff633acd64c94
faee908c3c6c520580b45261c3453f787874e263befbed4a555741be85ea548c
fbd54cadb8a8409287018c30be8ead649b9483ea9c08b7fe3bbd3c86b7afa0e8
fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536
fe5d43bed73b4c6b97447faa75b4f7b22a2bb75333432399634d5df31dbed0c6
fe68999ebdc2cf1ca0dd4f1da397eaaf4a692da3901af417c83a4c34b3339dda
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.sunnewsonline.com Open in urlscan Pro 2606:4700:3038::6815:ea95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

1196 Requests

85 %HTTPS

31 %IPv6

84 Domains

135 Subdomains

86 IPs

14 Countries

12894 kBTransfer

31255 kBSize

148 Cookies

16 Outgoing links

Page URL History

Redirected requests

1196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sunnewsonline.com Open in urlscan Pro
2606:4700:3038::6815:ea95 Public Scan

Screenshot
Live screenshot

Full Image

1196
Requests

85 %
HTTPS

31 %
IPv6

84
Domains

135
Subdomains

86
IPs

14
Countries

12894 kB
Transfer

31255 kB
Size

148
Cookies

1196 HTTP transactions
21 data transactions