all-news.co Open in urlscan Pro
2606:4700:3032::ac43:8293 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u13130857.ct.sendgrid.net/ls/click?upn=bU-2FM-2F-2FvzQP6Fre3sy09ujkDhtgXKG7rT3V6pTmkNJynoeT-2BZmRyyZfD2xKlRSFI-2BAPbqt7-2F...
Effective URL:
https://all-news.co/
Submission: On June 29 via api (June 29th 2021, 12:22:39 am UTC) from BE

Summary HTTP 228 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 24 domains to perform 228 HTTP transactions. The main IP is 2606:4700:3032::ac43:8293, located in United States and belongs to CLOUDFLARENET, US. The main domain is all-news.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 2nd 2020. Valid for: a year.

This is the only time all-news.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.28 167.89.118.28	11377 (SENDGRID) (SENDGRID)
1 1	199.217.115.48 199.217.115.48	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
1 61	2606:4700:303... 2606:4700:3032::ac43:8293	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	35.190.90.202 35.190.90.202	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:3600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
46	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
4 4	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
5 25	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
5 5	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	2a05:d01c:1d8... 2a05:d01c:1d8:8100:2610:105e:4515:ae1b	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
228	25

1 167.89.118.28 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net

u13130857.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.217.115.48 (St Louis, United States) 1 redirects

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: eagle1093.startdedicated.net

mandiree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2606:4700:3032::ac43:8293 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

all-news.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.90.202 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 202.90.190.35.bc.googleusercontent.com

steadfastsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:3600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)

track.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.246.227.69 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.186.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.78 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a05:d01c:1d8:8100:2610:105e:4515:ae1b (London, United Kingdom) 4 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	512 KB
61	all-news.co 1 redirects all-news.co	1 MB
39	doubleclick.net 5 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	170 KB
22	gstatic.com fonts.gstatic.com www.gstatic.com	326 KB
9	google.com adservice.google.com www.google.com	1 KB
7	googletagservices.com www.googletagservices.com	255 KB
7	googleapis.com fonts.googleapis.com	5 KB
5	pubmatic.com 5 redirects image6.pubmatic.com	2 KB
4	innovid.com 4 redirects ag.innovid.com	2 KB
4	mookie1.com odr.mookie1.com	424 B
4	everesttech.net 4 redirects pixel.everesttech.net	1 KB
3	openx.net 2 redirects us-u.openx.net	963 B
3	rlcdn.com 1 redirects id.rlcdn.com	872 B
2	casalemedia.com dsum-sec.casalemedia.com	630 B
2	rubiconproject.com 2 redirects token.rubiconproject.com	608 B
2	seadform.net track.seadform.net
2	google.de adservice.google.de	287 B
2	google-analytics.com www.google-analytics.com	19 KB
2	steadfastsystem.com steadfastsystem.com	30 KB
1	adsafeprotected.com static.adsafeprotected.com	482 B
1	googleadservices.com partner.googleadservices.com	256 B
1	onesignal.com cdn.onesignal.com	3 KB
1	mandiree.com 1 redirects mandiree.com	291 B
1	sendgrid.net 1 redirects u13130857.ct.sendgrid.net	355 B
228	24

	Domain	Requested by
61	all-news.co	1 redirects all-news.co
46	tpc.googlesyndication.com	googleads.g.doubleclick.net all-news.co tpc.googlesyndication.com pagead2.googlesyndication.com
25	cm.g.doubleclick.net	5 redirects all-news.co googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	all-news.co pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
18	fonts.gstatic.com	fonts.googleapis.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net all-news.co
7	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	fonts.googleapis.com	all-news.co googleads.g.doubleclick.net tpc.googlesyndication.com
5	image6.pubmatic.com	5 redirects
4	ag.innovid.com	4 redirects
4	odr.mookie1.com	googleads.g.doubleclick.net
4	pixel.everesttech.net	4 redirects
4	www.gstatic.com	googleads.g.doubleclick.net
3	us-u.openx.net	2 redirects
3	id.rlcdn.com	1 redirects googleads.g.doubleclick.net
2	dsum-sec.casalemedia.com	googleads.g.doubleclick.net
2	token.rubiconproject.com	2 redirects
2	track.seadform.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	all-news.co www.google-analytics.com
2	steadfastsystem.com	all-news.co steadfastsystem.com
1	static.adsafeprotected.com	all-news.co
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.onesignal.com	all-news.co
1	mandiree.com	1 redirects
1	u13130857.ct.sendgrid.net	1 redirects
228	28

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-02` - `2021-12-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
steadfastsystem.com R3	`2021-06-16` - `2021-09-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
*.seadform.net DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://all-news.co/
Frame ID: 56948F34F1F256F827716ADAF337D1A3
Requests: 87 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html
Frame ID: FFF7F3B68ED9D2D8FC725BE4944BFC6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1624926129&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129493&bpp=10&bdt=370&idt=288&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3077665818520&frm=20&pv=2&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=311
Frame ID: 1480610A59BC0957C6A69125C4E88C60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624926129&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129503&bpp=47&bdt=380&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3QxlbBcDxB&p=https%3A//all-news.co&dtd=346
Frame ID: C6193537A841195E739A196B7F89C0D0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178&nras=2&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=m7fgvHLICA&p=https%3A//all-news.co&dtd=43
Frame ID: 5F012F53BABD12C99EFDC1A406D3170B
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=772987173&adf=3107455062&pi=t.aa~a.4180898312~rp.2&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Qw8IjUValV&p=https%3A//all-news.co&dtd=50
Frame ID: 52D76BA2DA50DB5F0475D2EBE993F9B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=RVeMePlNKo&p=https%3A//all-news.co&dtd=55
Frame ID: D4883E3FFC03A07107EAE31CD0F637C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=7&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250&nras=5&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v7tt32mDQu&p=https%3A//all-news.co&dtd=59
Frame ID: 41D25227FFE3CA3BDFA4263CFF42BD1C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1007&idt=2&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250%2C1200x280&nras=6&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Rt29vRcIUi&p=https%3A//all-news.co&dtd=63
Frame ID: ADBEAA91485786CBD0ABEBE45DC5E90B
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3F541552CDFC819CC4CC2E2DD310D140
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Frame ID: 55ADE04161430630F6217899DB4A8E52
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 37FDCDE2C56A5931721B285472EDF518
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Frame ID: A827D21267CC0FD5758E4F90A7B20EF9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html
Frame ID: 0671AE1BA45AA7795B667730846664E4
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Co1gmsmfaYO-7DOq4lQeY-6PIDJ6d8oth0teK36cN29keEAEgzNPsggFglQKgAaKg7_MDyAEJqQIVxzF1SQG0PqgDAcgDSKoEpwFP0H7ud99j0ZmUAeyidWwy_keYFMKHKjVpnW9LWunYtD6lnMWA4X30fvlQ3t41Ie5W1J8AjxZCUcXuEajq1Mxkh-7sTVAT4RK6m2RjfYe0PQDGEg0Tau5PgfZLRRAxqklffjn_Otq7Dr1eT-PTodm2J_ml0s6FzzQ_zxyfyYnTk7h-EEweT4Uylf07pTC37LKAuWm1nCMSXTviDbrQ-EwOLX2uDXpq9MAEstqzyZECkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8bfkAyoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ0JEO0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=wfA1ApYJp6E&template_id=419
Frame ID: CFFB2C85E269A947A0586E2E6EC8096E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html
Frame ID: A09D5E1B7A45DB083BCCAA872E4EA11B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CDuoXsmfaYLnWDLyU7_UPpcChqAmenfKLYfmp2tPBDdvZHhABIMzT7IIBYJUCoAGioO_zA8gBCakCBD5OZdACtD6oAwHIA0iqBKcBT9BhmW7yQSwfmw-6ml9RFMG9Nigr5vHVSfPp0zk_eb7DSRZi4f9JdcUtubZB3MYhhpe2ELBfiggzPHO1BzuXbA4UDS7aUeZyPX7eGco4KYtcHU-1muqVg-DB75_Zx9BKjacUfz3lNLml-LFz23mpSd35PqY-NXav_SFof1KRMXCzJvPu3tnUexPMADWq2RszZbrjRT0TWZIB_ett93G_40_7BZeH6dPABLLas8mRApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfG35AMqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEP-RBtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5&sigh=Ptp6QimgQj4&template_id=419
Frame ID: 89AF70A17386F3FACB5C930D102CEEA0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63A8F4003A804E19BF6037C4492A3405
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ACA613F923D80959C334A742BCAA3381
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js
Frame ID: D8EF8A5CF13E48DCAC43B0926D38BCFF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6501FF9EC8EDCFA9BC693B460E2F9EE7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3FF5D3EA7CBFA1F65E53C71F3BA75678
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u13130857.ct.sendgrid.net/ls/click?upn=bU-2FM-2F-2FvzQP6Fre3sy09ujkDhtgXKG7rT3V6pTmkNJynoeT-2BZmRyyZfD... HTTP 302
http://mandiree.com/c4ca4238a0b923820dcc509a6f75849b/933dea7a2525182cb321d084633172a3/987cb91f0e... HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

228
Requests

98 %
HTTPS

57 %
IPv6

24
Domains

28
Subdomains

25
IPs

5
Countries

2695 kB
Transfer

6051 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/AllNews25193679

Search URL Search Domain Scan URL

URL: https://www.facebook.com/https://www.facebook.com/All-news-102583708540001
Title: Like

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u13130857.ct.sendgrid.net/ls/click?upn=bU-2FM-2F-2FvzQP6Fre3sy09ujkDhtgXKG7rT3V6pTmkNJynoeT-2BZmRyyZfD2xKlRSFI-2BAPbqt7-2F27DdSgkRXlYbNcElM8mgQRjD5AK2PL6lzXhmJz-2FD85C9KRa65G5G2awYOTDtm9c98JE-2BezblX-2BzNh4fahmh7TxMVscKu5H3Gt4RVNO7CoLUokNKqVjEHbtAuOSLh3aJudgsG4mPoaLcW6EA-3D-3Duncd_9fPzQDk84HdIdaYw1i7z6c-2BCjrQVJ40-2FdEuRDNu1iSkxsvVn7wo6-2Byl5IGoMU3PQzeQA1JpGez8VvHG0NWF3Lg4n-2BtR8y2vpi25AUgPwlQKfp7XEN-2FS-2BU6Mong2Chqanmj8jgt8Q-2F83RGXsqzgqITibXYi5zEev0T5xIiyB0aChbCLfub8B80t-2BRO0U3JMTuEU-2BYwOqQk7QfdOt4I3UArw-3D-3D HTTP 302
http://mandiree.com/c4ca4238a0b923820dcc509a6f75849b/933dea7a2525182cb321d084633172a3/987cb91f0e0e42b16314ed0df45c4ad8/11aedd0e432747c2bcd97b82808d24a0 HTTP 302
http://all-news.co/ HTTP 301
https://all-news.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJf-3rcdEaFl7C3zddAqFaSMzFPIOYLTlDpxCkjBYMtG2h4Kf1ic1Ca2kSn9CXmaCrotb1WXDMkdopc2WOfopBR8d9HnCo&google_gid=CAESEBQfDjJ2x-d6IHwlcfsaNKg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnNnQUFBWVFGWXctMg&google_push=AYg5qPJf-3rcdEaFl7C3zddAqFaSMzFPIOYLTlDpxCkjBYMtG2h4Kf1ic1Ca2kSn9CXmaCrotb1WXDMkdopc2WOfopBR8d9HnCo

Request Chain 77

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAB6BEO24_CR8lqk2e387cI&google_cver=1&google_push=AYg5qPKDXuRnZqMnQbmIvwNTDBO35wfKH3EbUurHqTKYpNvIBPwR0CFHS2xEKxqb6XPm1ig8DgFAondunUmJwjhjWLDXbpHW8g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKDXuRnZqMnQbmIvwNTDBO35wfKH3EbUurHqTKYpNvIBPwR0CFHS2xEKxqb6XPm1ig8DgFAondunUmJwjhjWLDXbpHW8g

Request Chain 78

https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEA_g1QvOurZARDdvNEprZck&google_cver=1&google_push=AYg5qPInRRUUsoWp_mN97QsynOy09dU2fWdmBhMnFw3UiKveuy7_0BLqYKC_MtPK7Q0uQ3U4BEZCVd5wZYn6_1eDboAkTviiHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Request Chain 80

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGcAnCbCuIXtydpDwIeUT0o&google_cver=1&google_push=AYg5qPKyfoEVFavJnl6ZQoaNS3svKPS1uyNZzWl2cpxVvziliUIPhsIGInMlkj6Kd2zTHgOrN-jnDkhCMVn7Y6B6byBJQ0CTFqE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKyfoEVFavJnl6ZQoaNS3svKPS1uyNZzWl2cpxVvziliUIPhsIGInMlkj6Kd2zTHgOrN-jnDkhCMVn7Y6B6byBJQ0CTFqE&google_hm=yOaUSwg2TeGF0kWqUH3gxw

Request Chain 99

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJEW4R5iEkBOcS7ZWPFpkyptAlEPpQpgxjG4SPmpUrREpttV8IZnTw3VxfaPVBOUCMcIaL-f6XtXiiTT_lXCsH5b6OT7W4&google_gid=CAESEBQfDjJ2x-d6IHwlcfsaNKg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBUUpkMlVjbw&google_push=AYg5qPJEW4R5iEkBOcS7ZWPFpkyptAlEPpQpgxjG4SPmpUrREpttV8IZnTw3VxfaPVBOUCMcIaL-f6XtXiiTT_lXCsH5b6OT7W4

Request Chain 100

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIAWkCJV-5fVOoUuUl8wXZJSw3CBHhRXi398pUQXUHtYdEQ5p52mL3mMc3HTbsV-RszWWSTy6RhMkpw-28wcYVrJM0Q3C0&google_gid=CAESEPQOl8TAImSaGZiBsjjHzYs&google_cver=1 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZ0o4aTlOQzB2QWM2WW9VTjdRMkxUU2xwU01nbFR3Zi1NWDZZY2pxN2l3Yw==&google_push

Request Chain 102

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAB6BEO24_CR8lqk2e387cI&google_cver=1&google_push=AYg5qPKGQvLXA5RK1X5pv6DCdNkhobyWUAbHZQ1qXVE0rI3m9EV_K_hBkwCDuM6hn66-238mqCitiVb5zV8E4YOQoLv_RY726LJv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKGQvLXA5RK1X5pv6DCdNkhobyWUAbHZQ1qXVE0rI3m9EV_K_hBkwCDuM6hn66-238mqCitiVb5zV8E4YOQoLv_RY726LJv

Request Chain 103

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGcAnCbCuIXtydpDwIeUT0o&google_cver=1&google_push=AYg5qPIlRODe9HlHc0ZbMYY-wh_l_xVsTpjvykj4deyG-Oafcf8GISchI6L_8IYQ8LTyIl9Y3LVwIF3X0PVRmnRKYA1GuHPtj-E- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIlRODe9HlHc0ZbMYY-wh_l_xVsTpjvykj4deyG-Oafcf8GISchI6L_8IYQ8LTyIl9Y3LVwIF3X0PVRmnRKYA1GuHPtj-E-&google_hm=yOaUSwg2TeGF0kWqUH3gxw

Request Chain 169

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLkCoS42FNE--SP8Wgs7tByEI0TDwX3jyqHDkh0TfcSqgA9XSSTld3IqBf6I8XMml8au96721FW9GLaoOPqS3tI1mSOgeg&google_gid=CAESEBQfDjJ2x-d6IHwlcfsaNKg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBUEZJQkRzeA&google_push=AYg5qPLkCoS42FNE--SP8Wgs7tByEI0TDwX3jyqHDkh0TfcSqgA9XSSTld3IqBf6I8XMml8au96721FW9GLaoOPqS3tI1mSOgeg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBUEZJQkRzeA&google_push=AYg5qPLkCoS42FNE--SP8Wgs7tByEI0TDwX3jyqHDkh0TfcSqgA9XSSTld3IqBf6I8XMml8au96721FW9GLaoOPqS3tI1mSOgeg&google_tc=

Request Chain 172

https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESELVxOes9LfNSCfEtKJy-2hs&google_cver=1&google_push=AYg5qPIn72m3tx-y7NVtDabIU0YWrRIIppqSUvF2ft3WQkJUafqv6ei5cZODO0VPQBOcIMkJHqUGCRVif5b6D3JdcwqiqYUxzTat HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDdyejDvRyFsSBrpy53KYPo&google_cver=1

Request Chain 173

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAB6BEO24_CR8lqk2e387cI&google_cver=1&google_push=AYg5qPKjQQR474mJkjhs4E0vFwEpM7a_RoQUAevOde6HTB0TYVB_LjjrD5wyRUd4sg4pDXy3Th4cw-DlOHZSWGw0BClaJmVTkyc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKjQQR474mJkjhs4E0vFwEpM7a_RoQUAevOde6HTB0TYVB_LjjrD5wyRUd4sg4pDXy3Th4cw-DlOHZSWGw0BClaJmVTkyc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKjQQR474mJkjhs4E0vFwEpM7a_RoQUAevOde6HTB0TYVB_LjjrD5wyRUd4sg4pDXy3Th4cw-DlOHZSWGw0BClaJmVTkyc&google_tc=

Request Chain 174

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGcAnCbCuIXtydpDwIeUT0o&google_cver=1&google_push=AYg5qPJNnjUXrSYRoZFxJkPHR-w3yQ0H8HjeKeQ_vHTLPw0HBeQFzzH8CJu6vcSFoPCQCKgpGeeDvkeyTUVRD1OllnDGBdwWoC5_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJNnjUXrSYRoZFxJkPHR-w3yQ0H8HjeKeQ_vHTLPw0HBeQFzzH8CJu6vcSFoPCQCKgpGeeDvkeyTUVRD1OllnDGBdwWoC5_&google_hm=yOaUSwg2TeGF0kWqUH3gxw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJNnjUXrSYRoZFxJkPHR-w3yQ0H8HjeKeQ_vHTLPw0HBeQFzzH8CJu6vcSFoPCQCKgpGeeDvkeyTUVRD1OllnDGBdwWoC5_&google_hm=yOaUSwg2TeGF0kWqUH3gxw&google_tc=

Request Chain 185

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPL-UxvkIb1GU8AGiDFBnOoGxEFGy68lHvjMpJHhJ9FVtrn23GBswRp8O0IgOMdjQTdU8J3JNWVJzmzHaHEIj1F7PaJgv8cXdA&google_gid=CAESEBQfDjJ2x-d6IHwlcfsaNKg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBRUZoS0gyYw&google_push=AYg5qPL-UxvkIb1GU8AGiDFBnOoGxEFGy68lHvjMpJHhJ9FVtrn23GBswRp8O0IgOMdjQTdU8J3JNWVJzmzHaHEIj1F7PaJgv8cXdA

Request Chain 187

https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESELVxOes9LfNSCfEtKJy-2hs&google_cver=1&google_push=AYg5qPJ15q7iyYqEYIbn2Gto1IaD-tlCPE50Ckz7rgkBqP8NZIKz2qFTGReWeTGBA-dFU3etd8sMKBvaiRCWfr65wZKvshYCt2ihWw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDVmNTdhOWQtMGVmZS0yOWExLWM3OTctNmM5NjBlNTI0ZWI1

Request Chain 188

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAB6BEO24_CR8lqk2e387cI&google_cver=1&google_push=AYg5qPLzMnYlP472KxDVD373obhawX4j_WhDEKUhJEiMXjq3PLxAxZppIlSJpmury9jhKMhajiceXceATp0tEvLrT1cOeB0kYIY_OA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAB6BEO24_CR8lqk2e387cI&google_cver=1&google_push=AYg5qPLzMnYlP472KxDVD373obhawX4j_WhDEKUhJEiMXjq3PLxAxZppIlSJpmury9jhKMhajiceXceATp0tEvLrT1cOeB0kYIY_OA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPBIeYb_Sxe9S69phErSFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzMnYlP472KxDVD373obhawX4j_WhDEKUhJEiMXjq3PLxAxZppIlSJpmury9jhKMhajiceXceATp0tEvLrT1cOeB0kYIY_OA

Request Chain 189

https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEA_g1QvOurZARDdvNEprZck&google_cver=1&google_push=AYg5qPJDeV8U7RMm7vj6FqwG6MfoX4KXI4XXnn5Gp11GjR4eg-LXtjKiGLL85rkxoInXbtCnjgQ_pCuBEvUv7jLJ4P6efbj0fEESOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Request Chain 191

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGcAnCbCuIXtydpDwIeUT0o&google_cver=1&google_push=AYg5qPLR1gn0Nuc9NEeQMFKWUklYgAmbOWEwaPgXO4_WmBhD97empnT_hs01S6vk8aSoOGpdIeE5JbXbpnnU_s5laMGoOiWfCRKvDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLR1gn0Nuc9NEeQMFKWUklYgAmbOWEwaPgXO4_WmBhD97empnT_hs01S6vk8aSoOGpdIeE5JbXbpnnU_s5laMGoOiWfCRKvDg&google_hm=yOaUSwg2TeGF0kWqUH3gxw

228 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
all-news.co/
Redirect Chain

https://u13130857.ct.sendgrid.net/ls/click?upn=bU-2FM-2F-2FvzQP6Fre3sy09ujkDhtgXKG7rT3V6pTmkNJynoeT-2BZmRyyZfD2xKlRSFI-2BAPbqt7-2F27DdSgkRXlYbNcElM8mgQRjD5AK2PL6lzXhmJz-2FD85C9KRa65G5G2awYOTDtm9c98...
http://mandiree.com/c4ca4238a0b923820dcc509a6f75849b/933dea7a2525182cb321d084633172a3/987cb91f0e0e42b16314ed0df45c4ad8/11aedd0e432747c2bcd97b82808d24a0
http://all-news.co/
https://all-news.co/

568 KB
53 KB

1252ms
1252ms

Document
text/html

2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.25
Resource Hash: 8d665f82bed12dd4424b7ea578d9f69a90e04925d4b146cb4c3cb64049a1899e

Request headers

:method: GET
:authority: all-news.co
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.25
cf-edge-cache: cache,platform=wordpress
link: <https://all-news.co/wp-json/>; rel="https://api.w.org/" <https://all-news.co/wp-json/wp/v2/pages/1027>; rel="alternate"; type="application/json" <https://all-news.co/>; rel=shortlink
cf-cache-status: DYNAMIC
cf-request-id: 0af6be1efd00004e9dd4b73000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BdKddWSbCLZLQYrMjoDZIZHZ6%2Fq16vFsRYC18k8bu%2FTrQ5mhDgcqqeS9am3TTZTnEnq4tgHwqJ5cwtr8fP28dWdcnhqrvj8O7B9CTcT%2BUwi4MlAUTZ04ccnhHVyD2onWgTO9GGM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 666affab2c2c4e9d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Tue, 29 Jun 2021 00:22:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 29 Jun 2021 01:22:07 GMT
Location: https://all-news.co/
cf-request-id: 0af6be1eef0000d711ca1ff000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Bo55I7oQu1iZWbfGcuMsNqIPDLoN7nTPMiYUkWhWYGM6oR%2F%2BKXAvZ5SkK9vrvtQCzScK5UhI5A530z1%2FRFPsh2EtDdX%2B8WNsSKR7pR%2Bra1RJyr58GZKFIV4ev079aSrIYZ11mKU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 666affab1935d711-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style.min.css
all-news.co/wp-includes/css/dist/block-library/ 57 KB
8 KB 17ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23e90000d6dd9a227000000001
last-modified: Thu, 15 Apr 2021 14:30:28 GMT
server: cloudflare
etag: W/"e33b-5c003b4785ea5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qLeKSe46QuYaMkBAcgKayGuBjjimN13ZE1kfZVtIdfdhwWZIwwhYZg3Blx6shKZ0MudOroy0fxpi8dYrAGeV4yEHGwbiPY4LMQyHGG%2BpeTy1bZwfKGsbjvE0WmRMbiEGnxY02TA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 666affb30b2cd6dd-FRA

GET
H3-29 200 cookie-law-info-public.css
all-news.co/wp-content/plugins/cookie-law-info/public/css/ 3 KB
1 KB 14ms
11ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.4
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.4
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
cf-polished: origSize=3109
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23e90000d6ddf887a000000001
last-modified: Fri, 25 Jun 2021 16:45:43 GMT
server: cloudflare
etag: W/"c25-5c599dee3c94b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pf2Gre91tSmm0Apiu5rorzfNyGqrYveDraikfmRMojsgnWeNA%2BMO53eTePZidZHVTc1tKreBdAjg1ARVz%2FWB3%2F7SHUn%2F4qj8zbuK0cH4LqERSFQv4lp4Oof1EK8W7OtAIdWJTEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 666affb30b2dd6dd-FRA
cf-bgj: minify

GET
H3-29 200 cookie-law-info-gdpr.css
all-news.co/wp-content/plugins/cookie-law-info/public/css/ 22 KB
4 KB 18ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.4
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d641d794ffeb8ab4a93449307f4da1d4cb4a9c7020ad7da4c2f630b03de6d1f7

Request headers

:path: /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.4
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
cf-polished: origSize=28525
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23ea0000d6dda7901000000001
last-modified: Fri, 25 Jun 2021 16:45:43 GMT
server: cloudflare
etag: W/"6f6d-5c599dee3c94b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=k87EbTQN8DCShsP9gi0HrVmOe6w%2BEhoe7x7kDgH8Nq0Fj%2Bjip%2F8cqS6hMZnLlpRtR%2FAIJcbFzloYWe2pdtZJ9E74ujE5NWOiNmn3j8UKEMJqKhdM84OApYjzZPJ2%2BxEdrBP5Nw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 666affb30b2fd6dd-FRA
cf-bgj: minify

GET
H3-29 200 form-basic.css
all-news.co/wp-content/plugins/mailchimp-for-wp/assets/css/ 2 KB
1 KB 26ms
23ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.6
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c518ad5d0adbc0754bac8b71c958312a6bd77d4e318500fec44d929e00f857ec

Request headers

:path: /wp-content/plugins/mailchimp-for-wp/assets/css/form-basic.css?ver=4.8.6
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
cf-polished: origSize=1682
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23ea0000d6dd06b55000000001
last-modified: Thu, 24 Jun 2021 15:50:11 GMT
server: cloudflare
etag: W/"692-5c584fa6bcff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RIjTf4Qga88y8bwUS%2FGN3ZynijTzYOLi%2BHOGa2buE388eDluas6JikuKMdl5p%2BHkaaroD6lRcSZvCyxBjfH%2FDnSP5dyBmfYl7hRuUqIcOET%2BDZhOYFPyo9ohba5bXUl9eflNKms%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 666affb31b31d6dd-FRA
cf-bgj: minify

GET
H3-29 200 style.css
all-news.co/wp-content/plugins/td-newsletter/ 6 KB
2 KB 20ms
16ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-newsletter/style.css?ver=11
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5

Request headers

:path: /wp-content/plugins/td-newsletter/style.css?ver=11
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
cf-polished: origSize=5831
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23ea0000d6ddf290e000000001
last-modified: Sat, 19 Jun 2021 15:29:55 GMT
server: cloudflare
etag: W/"16c7-5c5201cb84492"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0Q%2B6XcyVrIb3GgeOx%2FgqPkMsQxQBonum00eBEvyCTmM4mEwx76KZeKyPBXTYYUG9hLJbdMpz3JhPt4EYZWvg3ClxofQOPv5gn8JhQYGpVwdKWIU2GQmoJUeqRUrL2Xh1n8Tr6Jg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 666affb31b32d6dd-FRA
cf-bgj: minify

GET
H3-29 200 style.css
all-news.co/wp-content/plugins/td-composer/td-multi-purpose/ 36 KB
5 KB 19ms
16ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=978887166a39c57c36d5cf4a5ec10289
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583

Request headers

:path: /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=978887166a39c57c36d5cf4a5ec10289
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
cf-polished: origSize=37284
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23ea0000d6dde7a17000000001
last-modified: Sat, 19 Jun 2021 15:29:35 GMT
server: cloudflare
etag: W/"91a4-5c5201b905db7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=B33MvDlvfhwNGbhDTwXtzlap%2FaIUuYbBu61Stg5y5uxwbUcxrpwbPIHrwiWG5kK0w3OqUb7iWNocEYEWA9DJdZ5v4M04qhkCVRa7rO6n4BoFUegmdeQUk1Kh58Gjcxsx4EMceTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 666affb31b33d6dd-FRA
cf-bgj: minify

GET
H3-29 200 css
fonts.googleapis.com/ 17 KB
1004 B 21ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f89adb807450b421fba04a426e97d1ee2fdd2ec3be9b67c0d9bb8531b782bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 00:11:43 GMT
server: ESF
date: Tue, 29 Jun 2021 00:22:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 00:22:09 GMT

GET
H3-29 200 style.css
all-news.co/wp-content/themes/Newspaper/ 104 KB
18 KB 20ms
17ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6

Request headers

:path: /wp-content/themes/Newspaper/style.css?ver=11
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
cf-polished: origSize=149057
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23eb0000d6dd0a975000000001
last-modified: Sat, 19 Jun 2021 15:29:28 GMT
server: cloudflare
etag: W/"24641-5c5201b25fb08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dOONICnn1KCEUThNn98bkbnhKreAFcpEytZtDHO9aRZSDapDG8%2FS%2F4GLfu20mDuUgO6jqhcZdB3stxagQl0TPZbB8BWPmWqNZ0oMgJ96C5lSlwKsyyK7Hv5hawIPBNarc%2FZTiUw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 666affb31b34d6dd-FRA
cf-bgj: minify

GET
H3-29 200 QoWmwStuyYWa.css
all-news.co/wp-content/uploads/mQfuTlzSXWhq/ 3 KB
1 KB 15ms
12ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/uploads/mQfuTlzSXWhq/QoWmwStuyYWa.css?ver=2.2.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7da8d792ef771180eef9e592f2a3b5ebcc0f74eea6f5475d1a1e9e5665bb8448

Request headers

:path: /wp-content/uploads/mQfuTlzSXWhq/QoWmwStuyYWa.css?ver=2.2.3
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23eb0000d6ddfb310000000001
last-modified: Mon, 26 Apr 2021 13:36:17 GMT
server: cloudflare
etag: W/"adc-5c0e03ae7e792"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FLQuITEMFWdWxDn2QZdnU738iKQTdjKscR5NElO%2Fis%2F4mqUr3LqFPHMT998CbcaTShZnwb%2BGbaKzB%2Fbg4%2B9r0dBB5cWO9JYFCZlG9pPlat3Mafa%2FFj7i1ulTnVSPQzRZZ2tdnuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 666affb31b35d6dd-FRA
cf-bgj: minify

GET
H3-29 200 td_legacy_main.css
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 125 KB
19 KB 22ms
19ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b515a59174f30fe7c694f1b81a78f567ce671b24988e2e6e737ecaed26871af

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
cf-polished: origSize=158728
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23eb0000d6dd98234000000001
last-modified: Sat, 19 Jun 2021 15:29:35 GMT
server: cloudflare
etag: W/"26c08-5c5201b8741a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q%2B1OHQOgkf%2FU%2FvoEG5gQQbrLYRPre64pqKHzdpxHYIawVipQRclqIFM5tSZX5aZDG%2FHyFXo0fr2vxLBllpunRi1OTYbp0XEHEzZqo0HPrZR3ESI5YWBSfqUA53%2B8dZJRMFDUXnw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 666affb31b38d6dd-FRA
cf-bgj: minify

GET
H3-29 200 td_standard_pack_main.css
all-news.co/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 569 KB
46 KB 28ms
26ms Stylesheet
text/css 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9aa5e1ff3d260687f7ac21c07b85571f
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9

Request headers

:path: /wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=9aa5e1ff3d260687f7ac21c07b85571f
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
cf-polished: origSize=732364
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23ee0000d6dded38b000000001
last-modified: Sat, 19 Jun 2021 15:30:00 GMT
server: cloudflare
etag: W/"b2ccc-5c5201d1276ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rolQDv1rGBbEbScRRtr0alFsTJ1rf2X57VRQWn45fvtzbwBsAAmdWdLraXrWUavCx4HxyCAWypuG2hIkZI%2BTSaT3DU1p63l5YagJ9LKHkayE8nII5mIHWvxSY3A7SiD4HbdNEC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 666affb31b3cd6dd-FRA
cf-bgj: minify

GET
H3-29 200 jquery.min.js Show response
all-news.co/wp-includes/js/jquery/ 87 KB
30 KB 20ms
19ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23ed0000d6ddf59df000000001
last-modified: Thu, 07 Jan 2021 11:51:38 GMT
server: cloudflare
etag: W/"15d98-5b84e0ffaa786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MDKY5pdOmVKMIyIKvWZ0LFV11hmO5ioilH%2Fy%2BTR1V3Yx6NWP523Pbp%2FRN4ZHZLNPvW7rDmZ%2F6JwSjaWpr%2Bmrc6JMyEyO9RPS5kpvmToJPrgZ0Uli01TW9LLLWdO5pnbf%2Bo8z5eI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb31b3dd6dd-FRA

GET
H3-29 200 jquery-migrate.min.js Show response
all-news.co/wp-includes/js/jquery/ 11 KB
4 KB 22ms
20ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23ee0000d6ddfd3d0000000001
last-modified: Thu, 07 Jan 2021 11:51:38 GMT
server: cloudflare
etag: W/"2bd8-5b84e0ffba56e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Gec8tmmqUrOJVjD8hTvjm%2F3BXZTN0kK6lQupWU%2Bb4doFPsIMJfS9s85pk4HfM4DICI2a3Lo6XnKmGVGa6yrqXgsTQmRoEvp9we2%2BMzFiJGcSPjMVwCz23cKprw3Viv1jBMPUMm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb31b3ed6dd-FRA

GET
H3-29 200 cookie-law-info-public.js Show response
all-news.co/wp-content/plugins/cookie-law-info/public/js/ 28 KB
7 KB 17ms
15ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.4
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8c9f1c471da8dae19554e26c6c423f31e5e687ea3892e4a73ada4be3179f86

Request headers

:path: /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.4
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
cf-polished: origSize=36312
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be23ee0000d6dd0398f000000001
last-modified: Fri, 25 Jun 2021 16:45:43 GMT
server: cloudflare
etag: W/"8dd8-5c599dee3c94b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bUSKbyZsOSPgZCdlkZSQvhjvf0sns9AMkgZ4tewMP9j%2BgRwqqHzkZ5Kw9%2Fs5gRWHEYPqtuE7VCWMWFi0JqC8BVaw6l9bKd6%2F6Z9AAC0p2WmfwIcWR2Wi3o0v%2BXcW3%2FInk8P6WHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb31b3fd6dd-FRA
cf-bgj: minify

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f8064965f15b802f5e8585daa147c7cdd71467a270ef3fe5afe3037e7558dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49123
x-xss-protection: 0
server: cafe
etag: 9912502780553662519
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Jun 2021 00:22:09 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
all-news.co/wp-includes/js/ 14 KB
5 KB 12ms
12ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be243d0000d6ddf59e3000000001
last-modified: Thu, 04 Feb 2021 02:30:35 GMT
server: cloudflare
etag: W/"3795-5ba797d0ae7be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DwBP4WLQgmpMZMCWGam2gMGjd34v%2Fp69iAGmZ15hmqb0YI7NdUUKc2lM%2FE5byWUugp4ZpBGSWRGsa7QrNmjzFiISezKsF0WizzWaP%2B%2Bor3%2BBGFIwHbux%2BXR13XJ58%2BM87Tq8Kx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb39bbed6dd-FRA

GET
H3-29 200 tdn_pic_2.png
all-news.co/wp-content/uploads/ 38 KB
38 KB 16ms
15ms Image
image/png 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/tdn_pic_2.png
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d89e938fe1ae43fab7b2c2724a54677a3f4ff882075196ef184993bd63ffd6b3

Request headers

:path: /wp-content/uploads/tdn_pic_2.png
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38534
cf-request-id: 0af6be24620000d6ddcd836000000001
last-modified: Tue, 25 May 2021 04:49:47 GMT
server: cloudflare
etag: "9686-5c3204168bad0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CiSk6seYtj5VRz1%2F5hMoOFFr2vf2bk2mKfDuays6aEfm3VKuCuV68T8XNdJdaxc2LWiWNPlRf8%2FC2y7IcCdM15zfNtm3dlcJsPWu91Na5YeDHXnaChvNiKzyOHEGvy5UzDnwfYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affb3dbfdd6dd-FRA

GET
H2 200 v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR Show response
steadfastsystem.com/ 103 KB
30 KB 233ms
232ms Script
text/javascript 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

f8ab733c1d2cfd50c84622ebdaddb7a4624dc9a7d9e1da00ed757e1bf2d9a6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "a5c66ac2b32b3d70feab8bccd6fe98d660e75b57ef7c35886924e6b6624570bf"
vary: Accept-Encoding, Accept-Language
x-hostname: ea392c14
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 29 Jun 2021 00:22:09 GMT
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3024
date: Mon, 28 Jun 2021 23:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 29 Jun 2021 01:31:45 GMT

GET
H3-29 200 mobile-bg.jpg
all-news.co/wp-content/uploads/2021/01/ 43 KB
43 KB 13ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/mobile-bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a

Request headers

:path: /wp-content/uploads/2021/01/mobile-bg.jpg
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43847
cf-request-id: 0af6be24760000d6ddba0c5000000001
last-modified: Sat, 30 Jan 2021 22:15:34 GMT
server: cloudflare
etag: "ab47-5ba2575ae8adc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1coP3wRLRqoEZijJ17TJNa4bHU1ePQUzXKp2XHa5kRVqDzAR8gGnizrd1NcuvkAavpdvfd1%2B9BdYqnyKKJVyBe6hTKsqxTh3xco%2F7YdTgWqQoEPO5fgofBssKp11SBRo5l0ICU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affb3ec23d6dd-FRA

GET
H3-29 200 newspaper.woff
all-news.co/wp-content/themes/Newspaper/images/icons/ 24 KB
17 KB 23ms
22ms Font
application/font-woff 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

sec-fetch-mode: cors
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
:path: /wp-content/themes/Newspaper/images/icons/newspaper.woff?19
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: all-news.co
referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://all-news.co
Referer: https://all-news.co/wp-content/themes/Newspaper/style.css?ver=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5495
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be247a0000d6dde4a84000000001
last-modified: Sat, 19 Jun 2021 15:29:28 GMT
server: cloudflare
etag: W/"6120-5c5201b260aa8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AvrKhoHV1mdn%2Bp2nOr27VlTDod4r9iennIELi6SbFeBlS325TiWy9BHH2pB5mstypi4xdJ6TKaCQ5s%2Bl2kj0V5%2FtmVEiVM560GalluquCbWomzPEyY7z08gKNzT0rdkg4WTftzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 666affb3fc36d6dd-FRA

GET
H3-29 200 newspaper-icons.woff
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
4 KB 14ms
13ms Font
application/font-woff 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

sec-fetch-mode: cors
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: all-news.co
referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://all-news.co
Referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be247a0000d6dd0a97b000000001
last-modified: Sat, 19 Jun 2021 15:29:34 GMT
server: cloudflare
etag: W/"1744-5c5201b86b508"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FPIdbCb9xMEvXY9kkweA%2FyxYE3zTMRdoEvMKU8W3x35YurvuRklkU%2F1iQqHlrlG7cXqsVkyki4RQr7jxKy21HSAuqutLcRu%2FyBdwiclgZyXOSHq5vWLKux%2FjIMh7lTlGQRRO7ew%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 666affb3fc38d6dd-FRA

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 13:09:35 GMT
x-content-type-options: nosniff
age: 472354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 13:09:35 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 10:48:51 GMT
x-content-type-options: nosniff
age: 480798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 10:48:51 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 22:51:50 GMT
x-content-type-options: nosniff
age: 523819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 22:51:50 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/ 240 KB
89 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91041
x-xss-protection: 0
server: cafe
etag: 14008214618944263571
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Jun 2021 00:22:09 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 16:31:16 GMT
x-content-type-options: nosniff
age: 546653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 16:31:16 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 21:40:02 GMT
x-content-type-options: nosniff
age: 528127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 21:40:02 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:22:06 GMT
x-content-type-options: nosniff
age: 543603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 17:22:06 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/ Frame FFF7 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210624/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210624/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmzbXNfrQeXG3riGbdaiSXxBDY_azQNhVdFtWRWPBS6LH4CiJPr5V9JSIr3htg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Jun 2021 17:39:14 GMT
expires: Mon, 12 Jul 2021 17:39:14 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 24175
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 email-decode.min.js Show response
all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://all-news.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0af6be25be0000d6dddfa13000000001
last-modified: Tue, 22 Jun 2021 16:56:35 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60d21643-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HedAr%2FbaNVAjMmauR%2FdiEgl0FQeyQGzBtCgCWMmYL2188xYXfyvUOzyGodiFvaoWnzFk2n3qiyHakPsnORK4xEn4e9bRK4iNscZwq5fCG0UFFVjghBp4Iq77r0hGB20%2Bk4Wd%2FkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 666affb5fe2dd6dd-FRA
expires: Thu, 01 Jul 2021 00:22:09 GMT

GET
H3-29 200 underscore.min.js Show response
all-news.co/wp-includes/js/ 16 KB
6 KB 20ms
20ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.8.3
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be25c10000d6dd8b317000000001
last-modified: Thu, 15 Apr 2021 14:30:28 GMT
server: cloudflare
etag: W/"3ead-5c003b4783b7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pVHkem0Go3AWgQFkTpKSkDr5GDboLrGDzbWtmkw%2FQobpmMh4FkQYKtRlWsGHqeJI2Ci9a%2BycjbAuwFrxlId6Z8UmGoLh%2BP5AGu%2FKIXb9uAdsYnwghVTXyZ0lDHEOlLRXWYmlItw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb5fe2fd6dd-FRA

GET
H3-29 200 js_posts_autoload.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be25bf0000d6ddcc975000000001
last-modified: Sat, 19 Jun 2021 15:29:42 GMT
server: cloudflare
etag: W/"1428-5c5201c00d31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UV6ikUR58%2BcevoL2A8ykSAdhecnEFvBmvb1OdLNFjlCCMqCB9ximRO7X3G2KFSOn6NKmJKWt1p2Guy7s1yH%2FaOXiTOIEKrZqN6eeepAEKQhYWzNPcGgkBW39J6GCF8ST4HxhlxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb5fe30d6dd-FRA

GET
H3-29 200 tagdiv_theme.min.js Show response
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/ 257 KB
56 KB 26ms
25ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be25c40000d6ddf59f3000000001
last-modified: Sat, 19 Jun 2021 15:29:35 GMT
server: cloudflare
etag: W/"4029c-5c5201b875148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5ZRn102KNlL0WhlXcGVo1yEFRdCVAgRduD4%2BHwvh8j8mEWo%2BcGrFEBGT94bbY8ui7PSPVpy3Z6WH0AXkW5SraoY886M0hRB3NLEsRMI1KFErOjZcMGq6DjRiGAnPMks84%2FO%2FT50%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb60e34d6dd-FRA

GET
H3-29 200 comment-reply.min.js Show response
all-news.co/wp-includes/js/ 3 KB
2 KB 35ms
33ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/comment-reply.min.js?ver=5.7.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.7.2
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be25c70000d6ddf59f4000000001
last-modified: Thu, 15 Apr 2021 14:30:28 GMT
server: cloudflare
etag: W/"ba8-5c003b4783f65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7A42LiG20XG0OaWjyN2YthForZTqRX3Q6zcDcXMYjQMp1GZM0DPkoaQ2EseyapIsqRx1fLqXXBUMUuTsNxlmbtZIFvkGAVWeQ5GYgHbyvvtXisW2H1MQP16EqvalER4JIjueCJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb60e35d6dd-FRA

GET
H3-29 200 kddsnszlCWqm.js Show response
all-news.co/wp-content/uploads/mQfuTlzSXWhq/ 14 KB
4 KB 15ms
13ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/uploads/mQfuTlzSXWhq/kddsnszlCWqm.js?ver=2.2.3
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df85aac876d06864d10bb0fc5f45c6fa28870ed4eda966f3082d52e42173d962

Request headers

:path: /wp-content/uploads/mQfuTlzSXWhq/kddsnszlCWqm.js?ver=2.2.3
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be25c40000d6dda8b5c000000001
last-modified: Mon, 26 Apr 2021 13:36:17 GMT
server: cloudflare
etag: W/"396a-5c0e03aea02a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=21BKCIFH%2BIbuX9BsukZKFn1p3dyEa8Jmx82hjA5MSLb8XK6Itavs%2BjbxwTpdzm%2FaZyXuzuvJ3LchYUhnCKkeTLep43Dp4kQgyFC81HTJw5YRxFufNOUuZ%2BKcHxxk7LrLUAMaw6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb60e36d6dd-FRA
cf-bgj: minify

GET
H3-29 200 js_files_for_front.min.js Show response
all-news.co/wp-content/plugins/td-cloud-library/assets/js/ 36 KB
8 KB 17ms
16ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15c510fe49c3ec5fd57ac7ead341655699156a63fe10195347dfeae1dc53f909

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=45456ad3a6d583e9cee0a9fe2cdd86cb
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be25c40000d6dd8db37000000001
last-modified: Sat, 19 Jun 2021 15:29:42 GMT
server: cloudflare
etag: W/"9176-5c5201c00d31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Pl3ynMC%2BaamiBqNJXODjwGUERYpBbU5VhcaRarjrWPIDUurZBUJEUBnJ6ovsq8cQjGuftOqvAEiJbU8AV3I%2BBLGxYj9DnOjlEiRCXdsxo42cLZ4FnF1egQw11NxFpMKJkcvzPzI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb60e37d6dd-FRA

GET
H3-29 200 wp-embed.min.js Show response
all-news.co/wp-includes/js/ 1 KB
1 KB 19ms
18ms Script
application/javascript 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://all-news.co/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1339
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be25c40000d6ddf888d000000001
last-modified: Thu, 04 Feb 2021 02:30:35 GMT
server: cloudflare
etag: W/"592-5ba797d0ae3d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=T3A%2FgV6G67pf%2FYGCjGC0QPLCpCYnURX%2BwVjZyuFzYUzjjuYUeRlFSJvgieeMLq1h9Esn0I4VjNr2WUWQ0SJz1aakIswOwVMhk60GNkVxgQ26HSyp7%2F9kCAqOyjpVEvmtcVIQjYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 666affb60e38d6dd-FRA

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 15ms
14ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.2
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe8b2264b7ef7ae4f5b3ee5fa827b2744a843804a417cc0b39a4f0e9f64f07ed

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2277
etag: W/"5fc2f559bc639be298da1ed4b804eeda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 666affb60c07d72d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be25c30000d72d54a9d000000001
expires: Fri, 02 Jul 2021 00:22:09 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=735618377&t=pageview&_s=1&dl=https%3A%2F%2Fall-news.co%2F&ul=en-us&de=UTF-8&dt=Home%20-%20all-news&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1749175173&gjid=2035936885&cid=63778348.1624926130&tid=UA-185019636-1&_gid=210634481.1624926130&_r=1&_slc=1&z=646850275

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
256 B 31ms
30ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=all-news.co&callback=_gfp_s_&client=ca-pub-8439024877331049

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210624/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8439024877331049&plah=all-news.co&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1d7154e6f0f3acdb2fe2c2def3d39a515ab59e089f19b8d8c5434b71f2450576

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1480 18 KB
1 KB 61ms
60ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1624926129&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129493&bpp=10&bdt=370&idt=288&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3077665818520&frm=20&pv=2&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=311

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb91a46b218b9d0f871d66c92160019ebd0a3104fd78f7826209deacbd44872c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&adk=1812271804&adf=3025194257&lmt=1624926129&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fall-news.co%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129493&bpp=10&bdt=370&idt=288&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3077665818520&frm=20&pv=2&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=311
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmzbXNfrQeXG3riGbdaiSXxBDY_azQNhVdFtWRWPBS6LH4CiJPr5V9JSIr3htg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Jun 2021 00:22:09 GMT
server: cafe
content-length: 1138
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879999447392"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27719
x-xss-protection: 0
expires: Tue, 29 Jun 2021 00:22:09 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-8439024877331049&c=13&e=2570847921467975139&n=0&t=0&w=425&x=7

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C619 71 KB
25 KB 400ms
400ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624926129&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129503&bpp=47&bdt=380&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3QxlbBcDxB&p=https%3A//all-news.co&dtd=346

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9c9be4270108611680d51d44a1bffdb794619dcfad2ce43a4374580512a6a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624926129&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129503&bpp=47&bdt=380&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3QxlbBcDxB&p=https%3A//all-news.co&dtd=346
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmzbXNfrQeXG3riGbdaiSXxBDY_azQNhVdFtWRWPBS6LH4CiJPr5V9JSIr3htg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Jun 2021 00:22:10 GMT
server: cafe
content-length: 25742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 elements.png
all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
5 KB 13ms
12ms Image
image/png 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: all-news.co
URL: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0; _ga=GA1.2.63778348.1624926130; _gid=GA1.2.210634481.1624926130; _gat=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=978887166a39c57c36d5cf4a5ec10289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:09 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6819
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4149
cf-request-id: 0af6be26cf0000d6dd09815000000001
last-modified: Sat, 19 Jun 2021 15:29:34 GMT
server: cloudflare
etag: "1035-5c5201b86b120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vd0VCS%2FmUal7C8Fnl6ACxEfz1b5J69N4Ad8xujautXMUfQjxUpUU4bZan%2BSsEZeg7IIDAKOzBOksKGRuAEOUS8fl9ag6zndl41XODOeYr7odYldnE0wcQE1Tde3fjDsB0UGcqVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affb7bf80d6dd-FRA

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 00:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=all-news.co

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 00:22:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5F01 69 KB
25 KB 810ms
810ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178&nras=2&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=m7fgvHLICA&p=https%3A//all-news.co&dtd=43

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a22ae82d21bf67a4611f1f436e3ab4df13b16969315e9c1d8c299a13d662f3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178&nras=2&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=m7fgvHLICA&p=https%3A//all-news.co&dtd=43
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmzbXNfrQeXG3riGbdaiSXxBDY_azQNhVdFtWRWPBS6LH4CiJPr5V9JSIr3htg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Jun 2021 00:22:10 GMT
server: cafe
content-length: 25392
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52D7 107 KB
35 KB 973ms
973ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=772987173&adf=3107455062&pi=t.aa~a.4180898312~rp.2&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Qw8IjUValV&p=https%3A//all-news.co&dtd=50

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cbe29d1f85fb03cd20d992c1560592deabecadf2c776e8045a61f81e2da32e5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO_cm8bJu_ECFWpc5QodmP0IyQ&gqi=smfaYLniC-Sjx_AP66u20AY&layout=/sadbundle/%24csp%253Der3%24/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=772987173&adf=3107455062&pi=t.aa~a.4180898312~rp.2&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Qw8IjUValV&p=https%3A//all-news.co&dtd=50
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmzbXNfrQeXG3riGbdaiSXxBDY_azQNhVdFtWRWPBS6LH4CiJPr5V9JSIr3htg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO_cm8bJu_ECFWpc5QodmP0IyQ&gqi=smfaYLniC-Sjx_AP66u20AY&layout=/sadbundle/%24csp%253Der3%24/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Jun 2021 00:22:11 GMT
server: cafe
content-length: 35397
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D488 107 KB
35 KB 992ms
992ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=RVeMePlNKo&p=https%3A//all-news.co&dtd=55

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7a9100f85d8ca82c558146d7ed9d4e3521878c5bb1d40dcb6b74a8591610b89

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLn3m8bJu_ECFTzKuwgdJWAIlQ&gqi=smfaYOyTDIzvgQfCz7X4BQ&layout=/sadbundle/%24csp%253Der3%24/534895642919901748/Walbusch_TV-Banner_300x250/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=RVeMePlNKo&p=https%3A//all-news.co&dtd=55
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmzbXNfrQeXG3riGbdaiSXxBDY_azQNhVdFtWRWPBS6LH4CiJPr5V9JSIr3htg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLn3m8bJu_ECFTzKuwgdJWAIlQ&gqi=smfaYOyTDIzvgQfCz7X4BQ&layout=/sadbundle/%24csp%253Der3%24/534895642919901748/Walbusch_TV-Banner_300x250/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Jun 2021 00:22:11 GMT
server: cafe
content-length: 35389
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41D2 72 KB
25 KB 968ms
967ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=7&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250&nras=5&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v7tt32mDQu&p=https%3A//all-news.co&dtd=59

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d30c86414403cb23cc586453d82c59e889147bcfd54ea6b0aa2d3e2a29baf156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=7&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250&nras=5&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v7tt32mDQu&p=https%3A//all-news.co&dtd=59
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmzbXNfrQeXG3riGbdaiSXxBDY_azQNhVdFtWRWPBS6LH4CiJPr5V9JSIr3htg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Jun 2021 00:22:11 GMT
server: cafe
content-length: 25817
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ADBE 54 KB
17 KB 1093ms
1093ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1007&idt=2&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250%2C1200x280&nras=6&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Rt29vRcIUi&p=https%3A//all-news.co&dtd=63

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a0f2b0f0bd327760c7f8583c882c9e5d76d3a920e23f8904692ec567ff2497d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1007&idt=2&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250%2C1200x280&nras=6&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Rt29vRcIUi&p=https%3A//all-news.co&dtd=63
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmzbXNfrQeXG3riGbdaiSXxBDY_azQNhVdFtWRWPBS6LH4CiJPr5V9JSIr3htg; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Jun 2021 00:22:11 GMT
server: cafe
content-length: 17130
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 footer_bg.jpg
all-news.co/wp-content/uploads/2021/01/ 105 KB
106 KB 13ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/01/footer_bg.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a

Request headers

:path: /wp-content/uploads/2021/01/footer_bg.jpg
pragma: no-cache
cookie: _awl=2.1624926128.0.4-7a26c10f-265a157fcf3d01e186e8ba5d61d6db35-6763652d6575726f70652d7765737431-60da67b0-0; _ga=GA1.2.63778348.1624926130; _gid=GA1.2.210634481.1624926130; _gat=1; __gads=ID=1ef8270dee3a904e-22084ab442c900ef:T=1624926129:RT=1624926129:S=ALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:10 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1125
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 107441
cf-request-id: 0af6be286c0000d6ddf2939000000001
last-modified: Sat, 30 Jan 2021 22:15:20 GMT
server: cloudflare
etag: "1a3b1-5ba2574d2c0a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LCoLVLZgegaY7PC%2B6NAqOLCt67%2F0TNC2HDLCn1OMhbr9f%2BGIakrusjq7futPs70ls5HIZydCPr0YYFXivw5bEmsapvTAc2CMu3VPrSxwQZ5jxTlpVGnD%2B1ZAoK9JksWrBPflJlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affba4971d6dd-FRA

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CAdamina%3A800&display=swap&ver=11

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://all-news.co
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 07:58:29 GMT
x-content-type-options: nosniff
age: 491021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 07:58:29 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 13ms
13ms Image
image/gif 2600:9000:2104:3600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:3600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 08:09:03 GMT
via: 1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
age: 9907988
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: 2HxWdV37FOrEqfdj8AIw0AZu-OEIVdzv_szB61ZryMF28VT-exfvHw==

GET
H3-29 200 css
fonts.googleapis.com/ Frame C619 4 KB
617 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624926129&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129503&bpp=47&bdt=380&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3QxlbBcDxB&p=https%3A//all-news.co&dtd=346

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 23:54:45 GMT
server: ESF
date: Tue, 29 Jun 2021 00:22:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 00:22:10 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame C619 1 KB
923 B 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:51:29 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame C619 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:23:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame C619 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 00:20:09 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C619 125 KB
38 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 00:22:10 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame C619 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1964
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:49:26 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C619 0
0 15ms
14ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_iRgofu2bn7jCuUVddTdvBf_BgIin-4S91EO6Uofj85_mH9f8GvDj_lkAI6qvdijuFtdgpkmVEBcBtLq9lJ1G9vbvQQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624926129&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129503&bpp=47&bdt=380&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3QxlbBcDxB&p=https%3A//all-news.co&dtd=346
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 5be26e13f65761684aaaff0594247b1f.js Show response
www.gstatic.com/mysidia/ Frame C619 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 10:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10687
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 02:45:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Sep 2021 10:15:31 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15493501565930346513/ Frame C619 11 KB
11 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15493501565930346513/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c9ef034019aa39323b351f1d81fb4ac07a736f696b8204c20986fd31c8b9bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 12:28:54 GMT
x-content-type-options: nosniff
age: 474796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11383
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 15:05:47 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 12:28:54 GMT

GET
H2 200 /
track.seadform.net/adfserve/ Frame C619 35 B
0 33ms
32ms Fetch
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/adfserve/?bn=43890171;1x1inv=1;srctype=3;ord=1390548932

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:10 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C619 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8itxsWfaYOf9NIi07_UPxMKiwAXk5YLNYsGzw6unDb_qwdveDxABIMzT7IIBYJUCoAHI5NeKA8gBBqkCFccxdUkBtD6oAwHIA8sEqgSnAU_Q37ZZX6kLlHWLM86dlQvs_rtwbQjkETPtISXBuPBdAV1HbUqf2NTjwObsXOZXTOd5Mq83Vbf4L-Dz4UBjBMOy515PWgbuyFiu_EH_HVVe8A69-2bwUtqyFjKLIq5Ns1hxSYzJ0eKPuQv2bBnPh9vc5LqBLBKAhbUd7qcSMY6ThI_-olPVCEwX2QxRZ0R9csQ7ZWkCOew5_U4njb_IbsF93ntCZE3OwATU4OXlsgOSBQQIBBgBkgUECAUYBKAGN4AHoJuodagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDE1mHSCAkIgOGAEBABGB-ACgHICwHYEw2IFALQFQGYFgGAFwGyFxoKGAgAEhRwdWItODQzOTAyNDg3NzMzMTA0OQ&sigh=1HaQmq3_h2Y&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624926129&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129503&bpp=47&bdt=380&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3QxlbBcDxB&p=https%3A//all-news.co&dtd=346
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 29 Jun 2021 00:22:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3F54 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Jun 2021 08:59:18 GMT
expires: Tue, 29 Jun 2021 08:59:18 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55372
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C619 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0d2c2cc4135489b4fb78048e88cbd0a5c9bec0097da94fd798e0a61b20dcd5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C619 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 10:48:51 GMT
x-content-type-options: nosniff
age: 480799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 10:48:51 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C619 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 17:22:06 GMT
x-content-type-options: nosniff
age: 543604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 17:22:06 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3F54
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJf-3rcdEaFl7C3zddAqFaSMzFPIOYLTlDpxCk...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnNnQUFBWVFGWXctMg&google_push=AYg5qPJf-3rcdEaFl7C3zddAqFaSMzFPIOYLTlDpxCkjBYMtG2h4Kf1ic1Ca2kSn9CXmaCrotb1WXDMkdopc2WOfopBR8d9HnCo

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnNnQUFBWVFGWXctMg&google_push=AYg5qPJf-3rcdEaFl7C3zddAqFaSMzFPIOYLTlDpxCkjBYMtG2h4Kf1ic1Ca2kSn9CXmaCrotb1WXDMkdopc2WOfopBR8d9HnCo

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnNnQUFBWVFGWXctMg&google_push=AYg5qPJf-3rcdEaFl7C3zddAqFaSMzFPIOYLTlDpxCkjBYMtG2h4Kf1ic1Ca2kSn9CXmaCrotb1WXDMkdopc2WOfopBR8d9HnCo
Date: Tue, 29 Jun 2021 00:22:10 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 466606.gif
id.rlcdn.com/ Frame 3F54 42 B
316 B 26ms
24ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJw64mSL2ISrQV4-ulA-A_lV3RC9-V_qWIUw3H4QJWa-Ay5gW5c9MU6-GsPZGEIn8cMZ-CU50gvXB7g_NSuX2DonB4EZXQ&google_gid=CAESEPQOl8TAImSaGZiBsjjHzYs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624926129&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129503&bpp=47&bdt=380&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3QxlbBcDxB&p=https%3A//all-news.co&dtd=346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 00:22:10 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 3F54 43 B
106 B 25ms
23ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEK7OEPUSWr4BAb6muHCiHHc&google_push=AYg5qPI4ey94tPMxLwB87Kh-lQIVXOxw8wSIpvbk7dkHmgmRxPx0S3QxarPPwZb6C3nenLZXICjf8odKeU_GLaOrHC6wbnMNsA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624926129&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129503&bpp=47&bdt=380&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3QxlbBcDxB&p=https%3A//all-news.co&dtd=346
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:10 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3F54
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKDXuRnZqMnQbmIvwNTDBO35wfKH3EbUurHqTKYpNvIBPwR0CFHS2xEKxqb6XPm1ig8DgFAondunUmJwjhjWLDXbpHW8g

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKDXuRnZqMnQbmIvwNTDBO35wfKH3EbUurHqTKYpNvIBPwR0CFHS2xEKxqb6XPm1ig8DgFAondunUmJwjhjWLDXbpHW8g
date: Tue, 29 Jun 2021 00:22:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3F54
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEA_g1QvOurZARDdvNEprZck&google_cver=1&google_push=AYg5qPInRRUUsoWp_mN97QsynOy09dU2fWdmBhMnFw3UiKveuy7_0BLqYKC_MtPK7Q0uQ3U4BEZCVd5...
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK cma
dsum-sec.casalemedia.com/ Frame 3F54 43 B
315 B 85ms
32ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEBdBZTf4eO80rBBw9-NpxK4&google_cver=1&google_push=AYg5qPLti45LDdPa9ePdWUEkItIwQpoqn2UyY87yi64kkqetG4x6AcIO4EBDytu8o-iPAueCINVSZ57CY1EjSbhH7T_JTB_Sb7w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=178&slotname=6740426067&adk=1170913138&adf=793176254&pi=t.ma~as.6740426067&w=712&fwrn=4&lmt=1624926129&rafmt=11&psa=0&format=712x178&url=https%3A%2F%2Fall-news.co%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926129503&bpp=47&bdt=380&idt=340&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3QxlbBcDxB&p=https%3A//all-news.co&dtd=346
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 00:22:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 29 Jun 2021 00:22:10 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3F54
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGcAnCbCuIXtydpDwIeUT0o&google_cver=1&google_push=AYg5qPKyfoEVFavJnl6ZQoaNS3svKPS1uyNZzWl2cpxVvziliUIPhsIGInMlkj6Kd2zTHgOrN-jnDkhCMVn7Y6B6byBJQ0C...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKyfoEVFavJnl6ZQoaNS3svKPS1uyNZzWl2cpxVvziliUIPhsIGInMlkj6Kd2zTHgOrN-jnDkhCMVn7Y6B6byBJQ0CTFqE&google_hm=yOaUSwg2TeGF0kWqU...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKyfoEVFavJnl6ZQoaNS3svKPS1uyNZzWl2cpxVvziliUIPhsIGInMlkj6Kd2zTHgOrN-jnDkhCMVn7Y6B6byBJQ0CTFqE&google_hm=yOaUSwg2TeGF0kWqUH3gxw

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPKyfoEVFavJnl6ZQoaNS3svKPS1uyNZzWl2cpxVvziliUIPhsIGInMlkj6Kd2zTHgOrN-jnDkhCMVn7Y6B6byBJQ0CTFqE&google_hm=yOaUSwg2TeGF0kWqUH3gxw
pragma: no-cache
date: Tue, 29 Jun 2021 00:22:10 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 3F54 0
12 B 31ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6v0F8gPP1d7wDb6IBqcTVpD3NDmYlP4-mPlsbYTo6IICJ88z8fAHAahAgHoef7WNW4O69

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame 55AD 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 19:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 19:36:31 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 5F01 6 KB
669 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178&nras=2&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=m7fgvHLICA&p=https%3A//all-news.co&dtd=43

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 23:52:33 GMT
server: ESF
date: Tue, 29 Jun 2021 00:22:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 5F01 1 KB
923 B 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:51:29 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 5F01 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:23:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 5F01 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 00:20:09 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F01 125 KB
38 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 5F01 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:49:26 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5F01 0
0 15ms
14ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1HiYTklVLLigx6-WCP_ln4QRGyHiRVzwfSjqqhJk3bQD2rO372ZRYWArjFoQjVztdHDWC7AnO3DN1eKeZNLKRTv5EmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178&nras=2&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=m7fgvHLICA&p=https%3A//all-news.co&dtd=43
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 5be26e13f65761684aaaff0594247b1f.js Show response
www.gstatic.com/mysidia/ Frame 5F01 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 10:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10687
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 02:45:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Sep 2021 10:15:31 GMT

GET
H2 200 /
track.seadform.net/adfserve/ Frame 5F01 35 B
0 33ms
31ms Fetch
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.seadform.net/adfserve/?bn=43977234;1x1inv=1;srctype=3;ord=4145782236

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5F01 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwBdGsmfaYLPdC9fb7_UPgrOtqASQv52NYray69qIDYHggrKPDhABIMzT7IIBYJUCoAHI5NeKA8gBCakCFccxdUkBtD6oAwHIA8sEqgSoAU_Q0hGM-N6-nbTJtk-zH0YfB5HV58PkXNV7ArAATOhx-NZRvZbIoLy1YbU7tuGaKqnYOQej-IJoKjzhQcKDydbiQnNlYp0xP0BKzQzkIRz_N38tyBQ9tTGmB49ggLegWRzpuv5VdlE3Gl2lnUOAXa_KpATPQXTfG7y0qVp87fHdOR0peMRpL5DnNfN9tdR7Mon9dMYeNBcvuZQrxjkKSGCyW4AXocTWocAEjfua6LYDkgUECAQYAZIFBAgFGASgBi6AB6CbqHWoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQheIJ0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBmBYBgBcBshcaChgIABIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=PKWN6l7K6MY&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178&nras=2&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=m7fgvHLICA&p=https%3A//all-news.co&dtd=43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 29 Jun 2021 00:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 37FD 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Jun 2021 08:59:18 GMT
expires: Tue, 29 Jun 2021 08:59:18 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55373
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16409631892908578422/ Frame 5F01 15 KB
15 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16409631892908578422/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be6138d0e7312f9c3f2c1ac3172e56de95bd3435fd87b0e3c3d86dd8482db54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 10:09:39 GMT
x-content-type-options: nosniff
age: 483152
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15436
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 13:29:24 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 10:09:39 GMT

GET
DATA 200
OK truncated
/ Frame 5F01 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5F01 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa1337616335c113614b284c33f0aa5fcaab20f04e49c33989ae3cd448a6a3de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5F01 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 22:51:50 GMT
x-content-type-options: nosniff
age: 523821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 22:51:50 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5F01 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 07:58:29 GMT
x-content-type-options: nosniff
age: 491022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 07:58:29 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 37FD
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJEW4R5iEkBOcS7ZWPFpkyptAlEPpQpgxjG4SP...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBUUpkMlVjbw&google_push=AYg5qPJEW4R5iEkBOcS7ZWPFpkyptAlEPpQpgxjG4SPmpUrREpttV8IZnTw3VxfaPVBOUCMcIaL-f6XtXiiTT_lXCsH5b6OT7W4

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBUUpkMlVjbw&google_push=AYg5qPJEW4R5iEkBOcS7ZWPFpkyptAlEPpQpgxjG4SPmpUrREpttV8IZnTw3VxfaPVBOUCMcIaL-f6XtXiiTT_lXCsH5b6OT7W4

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBUUpkMlVjbw&google_push=AYg5qPJEW4R5iEkBOcS7ZWPFpkyptAlEPpQpgxjG4SPmpUrREpttV8IZnTw3VxfaPVBOUCMcIaL-f6XtXiiTT_lXCsH5b6OT7W4
Date: Tue, 29 Jun 2021 00:22:11 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 37FD
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIAWkCJV-5fVOoUuUl8wXZJSw3CBHhRXi398pUQXUHtYdEQ5p52mL3mMc3HTbsV-RszWWSTy6RhMkpw-28wcYVrJM0Q3C0&google_gid=CAESEPQOl8TAImSaGZiBsjjHzYs&goog...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZ0o4aTlOQzB2QWM2WW9VTjdRMkxUU2xwU01nbFR3Zi1NWDZZY2pxN2l3Yw==&google_push

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZ0o4aTlOQzB2QWM2WW9VTjdRMkxUU2xwU01nbFR3Zi1NWDZZY2pxN2l3Yw==&google_push

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Jun 2021 00:22:11 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZ0o4aTlOQzB2QWM2WW9VTjdRMkxUU2xwU01nbFR3Zi1NWDZZY2pxN2l3Yw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 37FD 43 B
106 B 25ms
24ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEK7OEPUSWr4BAb6muHCiHHc&google_push=AYg5qPKX65cyivjjcfTxaCHhsWKQBtWueNfGrWwEH0Er09LwY3Y1TprcGb0hxA0QxobS-I_xafyKt3rAZg0iYi48g1rQKJxpp9o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1500449826&pi=t.aa~a.2368139338~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178&nras=2&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=m7fgvHLICA&p=https%3A//all-news.co&dtd=43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 37FD
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKGQvLXA5RK1X5pv6DCdNkhobyWUAbHZQ1qXVE0rI3m9EV_K_hBkwCDuM6hn66-238mqCitiVb5zV8E4YOQoLv_RY726LJv

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKGQvLXA5RK1X5pv6DCdNkhobyWUAbHZQ1qXVE0rI3m9EV_K_hBkwCDuM6hn66-238mqCitiVb5zV8E4YOQoLv_RY726LJv
date: Tue, 29 Jun 2021 00:22:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 37FD
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGcAnCbCuIXtydpDwIeUT0o&google_cver=1&google_push=AYg5qPIlRODe9HlHc0ZbMYY-wh_l_xVsTpjvykj4deyG-Oafcf8GISchI6L_8IYQ8LTyIl9Y3LVwIF3X0PVRmnRKYA1GuHP...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIlRODe9HlHc0ZbMYY-wh_l_xVsTpjvykj4deyG-Oafcf8GISchI6L_8IYQ8LTyIl9Y3LVwIF3X0PVRmnRKYA1GuHPtj-E-&google_hm=yOaUSwg2TeGF0kWq...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIlRODe9HlHc0ZbMYY-wh_l_xVsTpjvykj4deyG-Oafcf8GISchI6L_8IYQ8LTyIl9Y3LVwIF3X0PVRmnRKYA1GuHPtj-E-&google_hm=yOaUSwg2TeGF0kWqUH3gxw

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPIlRODe9HlHc0ZbMYY-wh_l_xVsTpjvykj4deyG-Oafcf8GISchI6L_8IYQ8LTyIl9Y3LVwIF3X0PVRmnRKYA1GuHPtj-E-&google_hm=yOaUSwg2TeGF0kWqUH3gxw
pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 37FD 0
12 B 31ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQxBHueiBvuHTWZI5tnN9MQYE_ytdc-kd4v-MMjLkjru2EZxbBreIQ6A8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame A827 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 19:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 19:36:31 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 41D2 6 KB
669 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=7&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250&nras=5&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v7tt32mDQu&p=https%3A//all-news.co&dtd=59

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 23:53:13 GMT
server: ESF
date: Tue, 29 Jun 2021 00:22:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 41D2 1 KB
923 B 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:51:29 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 41D2 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:23:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 41D2 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 00:20:09 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41D2 125 KB
38 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 41D2 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:49:26 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 41D2 0
0 14ms
13ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFj0qpNvnqIog90hrKbTeBYjNdIm3T8S544Xc7y-kt-j_WrYJ6mMF5EqYP--WAS3REqqzYGlI-gZgO7HVGzotvzH-cqw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=7&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250&nras=5&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v7tt32mDQu&p=https%3A//all-news.co&dtd=59
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 5be26e13f65761684aaaff0594247b1f.js Show response
www.gstatic.com/mysidia/ Frame 41D2 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 10:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10687
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 02:45:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Sep 2021 10:15:31 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/ Frame 0671 35 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3676681eb5c78cd81431f74868b5ea3e704aafa387927218fe20a90774ecbf7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 22 Jun 2021 10:52:44 GMT
expires: Wed, 22 Jun 2022 10:52:44 GMT
last-modified: Tue, 20 Apr 2021 20:54:04 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 5232
age: 566967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame CFFB 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co1gmsmfaYO-7DOq4lQeY-6PIDJ6d8oth0teK36cN29keEAEgzNPsggFglQKgAaKg7_MDyAEJqQIVxzF1SQG0PqgDAcgDSKoEpwFP0H7ud99j0ZmUAeyidWwy_keYFMKHKjVpnW9LWunYtD6lnMWA4X30fvlQ3t41Ie5W1J8AjxZCUcXuEajq1Mxkh-7sTVAT4RK6m2RjfYe0PQDGEg0Tau5PgfZLRRAxqklffjn_Otq7Dr1eT-PTodm2J_ml0s6FzzQ_zxyfyYnTk7h-EEweT4Uylf07pTC37LKAuWm1nCMSXTviDbrQ-EwOLX2uDXpq9MAEstqzyZECkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8bfkAyoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ0JEO0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=wfA1ApYJp6E&template_id=419

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=772987173&adf=3107455062&pi=t.aa~a.4180898312~rp.2&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Qw8IjUValV&p=https%3A//all-news.co&dtd=50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 29 Jun 2021 00:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame CFFB 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=772987173&adf=3107455062&pi=t.aa~a.4180898312~rp.2&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Qw8IjUValV&p=https%3A//all-news.co&dtd=50

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:23:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame CFFB 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 00:20:09 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFFB 125 KB
38 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame CFFB 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:49:26 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame CFFB 0
0 14ms
14ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWu6CfVnWOp9h0haYpfnCSKb7OQkUxtDMnvkx4ooWHQMP4AL_k-_dqJYaimHw4lkOU4ATvsFge8qqNkuG6HP_RZSuXOw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=772987173&adf=3107455062&pi=t.aa~a.4180898312~rp.2&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=1&bdt=1007&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250&nras=3&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=266&ady=1558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Qw8IjUValV&p=https%3A//all-news.co&dtd=50
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8357351099245830602/ Frame 41D2 16 KB
16 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8357351099245830602/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eabca5d25de6ec2cca6a07b1633383e6f0d4088b0fc753c815e7391a108704ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 11:01:21 GMT
x-content-type-options: nosniff
age: 480050
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16646
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 09:37:05 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 11:01:21 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4565393401225187397/ Frame 41D2 6 KB
6 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4565393401225187397/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbffbd3df712147f9fdb77cc9c0e454448e301fec9c804d3f0b6b213492d6ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 10:05:33 GMT
x-content-type-options: nosniff
age: 483398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6482
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 09:36:47 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 10:05:33 GMT

GET
DATA 200
OK truncated
/ Frame 41D2 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 41D2 0
0 81ms
80ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8dSvsmfaYIP7DJKLlQfv1Li4BMz7h71jv8Gs_YAOmYnerM8lEAEgzNPsggFglQKgAdvcr8ACyAEJqQIEPk5l0AK0PqgDAcgDywSqBKcBT9B9yFwYF3KepfU24MRS6jDp0p0XUYAp6hH-OQK8Sw4agHlgV7svRKRiingKkKaM2_F5QdP0jwLSv2Ci5Vp7rbvyEWrqzAfbBFbvvyr4S_YVz4R1JmuRRV0PV-ygGk1yVpOY0YYDgwIi1WyIeC4-IUtwpYanfB5V4ZKTuFxlRRs16EOW0A0XtLWMXRanIGeDfNOXbAnURbKYb2YMAO6uKEEEVcOw4FPABKqEx4C6A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAesrp-lAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCP5QzSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItODQzOTAyNDg3NzMzMTA0OQ&sigh=8hVFZRqParo&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=7&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250&nras=5&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v7tt32mDQu&p=https%3A//all-news.co&dtd=59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 29 Jun 2021 00:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/ Frame A09D 77 KB
19 KB 8ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7029bfe6913d713adc5334b57132f49395d08895fe6bc9666ba002c63a377966

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 23 Jun 2021 06:41:01 GMT
expires: Thu, 23 Jun 2022 06:41:01 GMT
last-modified: Tue, 20 Apr 2021 01:03:24 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 19028
age: 495670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 89AF 0
0 151ms
150ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDuoXsmfaYLnWDLyU7_UPpcChqAmenfKLYfmp2tPBDdvZHhABIMzT7IIBYJUCoAGioO_zA8gBCakCBD5OZdACtD6oAwHIA0iqBKcBT9BhmW7yQSwfmw-6ml9RFMG9Nigr5vHVSfPp0zk_eb7DSRZi4f9JdcUtubZB3MYhhpe2ELBfiggzPHO1BzuXbA4UDS7aUeZyPX7eGco4KYtcHU-1muqVg-DB75_Zx9BKjacUfz3lNLml-LFz23mpSd35PqY-NXav_SFof1KRMXCzJvPu3tnUexPMADWq2RszZbrjRT0TWZIB_ett93G_40_7BZeH6dPABLLas8mRApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfG35AMqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEP-RBtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi04NDM5MDI0ODc3MzMxMDQ5&sigh=Ptp6QimgQj4&template_id=419

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=RVeMePlNKo&p=https%3A//all-news.co&dtd=55
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 29 Jun 2021 00:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 89AF 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=RVeMePlNKo&p=https%3A//all-news.co&dtd=55

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:23:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 89AF 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=RVeMePlNKo&p=https%3A//all-news.co&dtd=55

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 00:20:09 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 89AF 125 KB
38 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=RVeMePlNKo&p=https%3A//all-news.co&dtd=55

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 89AF 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=RVeMePlNKo&p=https%3A//all-news.co&dtd=55

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:49:26 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 89AF 0
0 15ms
14ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOi_ajvma5y0UWcGOSfkoo3X2yku4SVGNuhzKBNYDWA2z5Kon4xFQp6y_jD7faJjBvacxt5awuGhKWeTitab1phqDpSA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=RVeMePlNKo&p=https%3A//all-news.co&dtd=55
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 63A8 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Jun 2021 08:59:18 GMT
expires: Tue, 29 Jun 2021 08:59:18 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55373
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 41D2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b921066fab0d56c85d692d95d647fb371b93fd161a6bc54c0ffa516ed653f768

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CFFB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18825f3f63990887aef6458e5e7fa07ea025c117c53a269b1ef4514079d36317

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame CFFB 0
20 B 39ms
39ms Other
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO_cm8bJu_ECFWpc5QodmP0IyQ&gqi=smfaYLniC-Sjx_AP66u20AY&layout=/sadbundle/%24csp%253Der3%24/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0671 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 29 Jun 2021 16:31:23 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0671 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 20:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 29 Jun 2021 20:19:58 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0671 4 KB
643 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 23:49:56 GMT
server: ESF
date: Tue, 29 Jun 2021 00:22:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 bild.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 0671 71 KB
71 KB 12ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/bild.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01db69cca8062a2c1def13f84d5a681ad07b5d046f5871d65856ef55ccf6973f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 517395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72732
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 20:54:04 GMT
server: sffe
date: Wed, 23 Jun 2021 00:38:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 00:38:56 GMT

GET
H3-29 200 textbox.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 0671 3 KB
2 KB 13ms
10ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/textbox.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7c16a2634176ae1011cf12236608a573a5bfa50685e2e2884cf2da48e22769

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 489003
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1592
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 20:54:04 GMT
server: sffe
date: Wed, 23 Jun 2021 08:32:08 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 08:32:08 GMT

GET
H3-29 200 einzelpreis.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 0671 3 KB
1 KB 14ms
10ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/einzelpreis.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d4436dc6b96cb1da16005f77fd69a3fd05cad38ab283411cb2437a7dbcc9b8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 509876
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1243
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 20:54:04 GMT
server: sffe
date: Wed, 23 Jun 2021 02:44:15 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 02:44:15 GMT

GET
H3-29 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 0671 2 KB
1 KB 15ms
11ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7033fd5df92bff5392cd7166aa9e02fbeb56cfdace1aef20f8ba4a04d5665bf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 548661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 20:54:04 GMT
server: sffe
date: Tue, 22 Jun 2021 15:57:50 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 15:57:50 GMT

GET
H3-29 200 cta-icon.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 0671 198 B
198 B 14ms
10ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/cta-icon.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 475405
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 20:54:04 GMT
server: sffe
date: Wed, 23 Jun 2021 12:18:46 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 12:18:46 GMT

GET
H3-29 200 cta-text.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/ Frame 0671 1 KB
775 B 15ms
11ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/images/cta-text.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15973527918607187500/Walbusch_Kent_Aktiv-AT-DE_mobile_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 566911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
cross-origin-resource-policy: cross-origin
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 20:54:04 GMT
server: sffe
date: Tue, 22 Jun 2021 10:53:40 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 10:53:40 GMT

GET
DATA 200
OK truncated
/ Frame 89AF 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02a3c7dde92a1356f30d5ef6dbc2b804bb2c5f00853eaeabf37abc92c6b101f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 89AF 0
20 B 40ms
40ms Other
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLn3m8bJu_ECFTzKuwgdJWAIlQ&gqi=smfaYOyTDIzvgQfCz7X4BQ&layout=/sadbundle/%24csp%253Der3%24/534895642919901748/Walbusch_TV-Banner_300x250/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=3517270334&adf=1310121897&pi=t.aa~a.2368139338~rp.4&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250&nras=4&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2306&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=RVeMePlNKo&p=https%3A//all-news.co&dtd=55

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame ADBE 3 KB
578 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1007&idt=2&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250%2C1200x280&nras=6&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Rt29vRcIUi&p=https%3A//all-news.co&dtd=63

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 23:53:19 GMT
server: ESF
date: Tue, 29 Jun 2021 00:22:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A09D 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 16:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 29 Jun 2021 16:31:23 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A09D 26 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 20:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 29 Jun 2021 20:19:58 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame A09D 4 KB
643 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 23:55:02 GMT
server: ESF
date: Tue, 29 Jun 2021 00:22:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 bild_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/images/ Frame A09D 30 KB
30 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/images/bild_1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e72826a8e96483432e7b075dd5f3280559ef6ba34b824b78c7446f590be3192

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 537839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30887
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 01:03:24 GMT
server: sffe
date: Tue, 22 Jun 2021 18:58:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 18:58:12 GMT

GET
H3-29 200 bild_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/images/ Frame A09D 19 KB
19 KB 18ms
16ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/images/bild_2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e0af1f2b8e2a591b08c11fc9268a9cb0e38c94434dda039f6c160ce3057aec3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 495669
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19485
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 01:03:24 GMT
server: sffe
date: Wed, 23 Jun 2021 06:41:02 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 06:41:02 GMT

GET
H3-29 200 logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/images/ Frame A09D 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/images/logo.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7033fd5df92bff5392cd7166aa9e02fbeb56cfdace1aef20f8ba4a04d5665bf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 481103
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1082
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 01:03:24 GMT
server: sffe
date: Wed, 23 Jun 2021 10:43:48 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 10:43:48 GMT

GET
H3-29 200 cta-icon.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/images/ Frame A09D 198 B
198 B 19ms
18ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/images/cta-icon.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 429950
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 01:03:24 GMT
server: sffe
date: Thu, 24 Jun 2021 00:56:21 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jun 2022 00:56:21 GMT

GET
H3-29 200 cta-text.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/images/ Frame A09D 1 KB
774 B 18ms
17ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/images/cta-text.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/534895642919901748/Walbusch_TV-Banner_300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 474985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 20 Apr 2021 01:03:24 GMT
server: sffe
date: Wed, 23 Jun 2021 12:25:46 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 12:25:46 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame ADBE 1 KB
923 B 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:51:29 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame ADBE 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:23:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame ADBE 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Jul 2021 00:20:09 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADBE 125 KB
38 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624879993577808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38803
x-xss-protection: 0
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame ADBE 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 23:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 23:49:26 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame ADBE 0
0 17ms
15ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQj0uCbK6A2MqErVIddeC9atiXvNYdKzpDCDW6oqx2TQ1sCgjfQEKsacEmJlDA3Fgx0mHxHX0PF5n4eAUqG7zRSqd8kLg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1007&idt=2&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250%2C1200x280&nras=6&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Rt29vRcIUi&p=https%3A//all-news.co&dtd=63
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 5be26e13f65761684aaaff0594247b1f.js Show response
www.gstatic.com/mysidia/ Frame ADBE 25 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5be26e13f65761684aaaff0594247b1f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 28 Jun 2021 10:15:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10687
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 02:45:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 26 Sep 2021 10:15:31 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 0671 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 16:31:16 GMT
x-content-type-options: nosniff
age: 546655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 16:31:16 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 0671 14 KB
14 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 13:09:35 GMT
x-content-type-options: nosniff
age: 472356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 13:09:35 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame ADBE 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUuCnsmfaYMSSDYfH7_UPq7io4A7ti6OVYbrGu_-YDdrv0uCyARABIMzT7IIBYJUCoAG3k4vqA8gBAakCFccxdUkBtD6oAwGqBKYBT9C3IRsoE0eQuSVR7a8Tr2jaPFJqf5yo4ZM2_A1fCujD1FhjofAevGUpiBmgxF_NvFxNo9d5pY3Mx6p51O36CLM0dMw3hw88OTKq6ctW583qi873VIqE2k9pVkYiW5N0KhObCpUbedneLAl-hH5RumSIEij4oVj8W9foCK7kRTCF4cnaz4xhvZ0qSASEWYh7mBvLqC_RIBQAKG4lOfmU1v6WHB9qMMAEwZqT4qsDkgUECAQYAZIFBAgFGASAB7Hs9BWoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ0OkD0ggJCIDhgBAQARgfgAoByAsB2BMNiBQC0BUBmBYBgBcBshcaChgIABIUcHViLTg0MzkwMjQ4NzczMzEwNDk&sigh=cVLYXNY4TRE&template_id=5001

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1007&idt=2&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250%2C1200x280&nras=6&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Rt29vRcIUi&p=https%3A//all-news.co&dtd=63
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 29 Jun 2021 00:22:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 41D2 15 KB
15 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 07:58:29 GMT
x-content-type-options: nosniff
age: 491022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 07:58:29 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 41D2 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 22:51:50 GMT
x-content-type-options: nosniff
age: 523821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 22:51:50 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11648550120073654654/ Frame ADBE 1 KB
1 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11648550120073654654/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf272b4a6e5f915c824d77657861df09558f76668210b940e245940b63dd9adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 10:51:52 GMT
x-content-type-options: nosniff
age: 480619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1261
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 08:10:41 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 10:51:52 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 63A8
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLkCoS42FNE--SP8Wgs7tByEI0TDwX3jyqHDkh...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBUEZJQkRzeA&google_push=AYg5qPLkCoS42FNE--SP8Wgs7tByEI0TDwX3jyqHDkh0TfcSqgA9XSSTld3IqBf6I8XMml8au96721FW9GLaoOPqS3tI1mSOgeg
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBUEZJQkRzeA&google_push=AYg5qPLkCoS42FNE--SP8Wgs7tByEI0TDwX3jyqHDkh0TfcSqgA9XSSTld3IqBf6I8XMml8au96721FW9GLaoOPqS3tI1mSOge...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBUEZJQkRzeA&google_push=AYg5qPLkCoS42FNE--SP8Wgs7tByEI0TDwX3jyqHDkh0TfcSqgA9XSSTld3IqBf6I8XMml8au96721FW9GLaoOPqS3tI1mSOgeg&google_tc=

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBUEZJQkRzeA&google_push=AYg5qPLkCoS42FNE--SP8Wgs7tByEI0TDwX3jyqHDkh0TfcSqgA9XSSTld3IqBf6I8XMml8au96721FW9GLaoOPqS3tI1mSOgeg&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 466606.gif
id.rlcdn.com/ Frame 63A8 42 B
306 B 27ms
24ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLr-zgMKuTakwLHn-L_05DWOCQQFCVec4clhx0VwFfIrCdVI13_PVs-jr_mKoUDckkiLl73S71zYcijs0dRRoWBSp23DXo&google_gid=CAESEPQOl8TAImSaGZiBsjjHzYs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=7&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250&nras=5&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v7tt32mDQu&p=https%3A//all-news.co&dtd=59
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 00:22:11 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 63A8 43 B
106 B 26ms
23ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEK7OEPUSWr4BAb6muHCiHHc&google_push=AYg5qPKta1y6N8C0laYrn9OgHLjaK9rhDJ_-Ev55cIhzG7LuhgkMca9fZriNnVVH7kAwAUjg26FJmtJrsPrpB4ykbdc4S7CPG-s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=280&adk=996822508&adf=622385935&pi=t.aa~a.2217755125~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=1200x280&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=7&bdt=1008&idt=-M&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250&nras=5&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3542&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=v7tt32mDQu&p=https%3A//all-news.co&dtd=59
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 63A8
Redirect Chain

https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESELVxOes9LfNSCfEtKJy-2hs&google_cver=1&google_push=AYg5qPIn72m3tx-y7NVtDabIU0YWrRIIppqSUvF2ft3WQkJUafqv6ei5cZOD...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDdyejDvRyFsSBrpy53KYPo&google_cver=1

43 B
172 B

28ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDdyejDvRyFsSBrpy53KYPo&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.209.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
via: 1.1 google
server: OXGW/16.209.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDdyejDvRyFsSBrpy53KYPo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 63A8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKjQQR474mJkjhs4E0vFwEpM7a_RoQUAevOde6HTB0TYVB_LjjrD5wyRUd4sg4pDXy3Th4cw-DlOHZSWGw0BClaJmVTkyc&google_tc=

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=24Y-JjFCQJuWb15wOSpjxw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKjQQR474mJkjhs4E0vFwEpM7a_RoQUAevOde6HTB0TYVB_LjjrD5wyRUd4sg4pDXy3Th4cw-DlOHZSWGw0BClaJmVTkyc&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 63A8
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGcAnCbCuIXtydpDwIeUT0o&google_cver=1&google_push=AYg5qPJNnjUXrSYRoZFxJkPHR-w3yQ0H8HjeKeQ_vHTLPw0HBeQFzzH8CJu6vcSFoPCQCKgpGeeDvkeyTUVRD1OllnDGBdw...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJNnjUXrSYRoZFxJkPHR-w3yQ0H8HjeKeQ_vHTLPw0HBeQFzzH8CJu6vcSFoPCQCKgpGeeDvkeyTUVRD1OllnDGBdwWoC5_&google_hm=yOaUSwg2TeGF0kWq...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJNnjUXrSYRoZFxJkPHR-w3yQ0H8HjeKeQ_vHTLPw0HBeQFzzH8CJu6vcSFoPCQCKgpGeeDvkeyTUVRD1OllnDGBdwWoC5_&google_hm=yOaUSwg2TeGF0kWq...

170 B
188 B

32ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJNnjUXrSYRoZFxJkPHR-w3yQ0H8HjeKeQ_vHTLPw0HBeQFzzH8CJu6vcSFoPCQCKgpGeeDvkeyTUVRD1OllnDGBdwWoC5_&google_hm=yOaUSwg2TeGF0kWqUH3gxw&google_tc=

Requested by

Host: all-news.co
URL: https://all-news.co/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPJNnjUXrSYRoZFxJkPHR-w3yQ0H8HjeKeQ_vHTLPw0HBeQFzzH8CJu6vcSFoPCQCKgpGeeDvkeyTUVRD1OllnDGBdwWoC5_&google_hm=yOaUSwg2TeGF0kWqUH3gxw&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 423
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 63A8 0
12 B 32ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKmZXHFIN8LNLZNlpw47NXco1O5k3992t78usShPS7mKiFWT42hkvAaIjpVnPglQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame A09D 15 KB
15 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 18:46:29 GMT
x-content-type-options: nosniff
age: 538542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Jun 2022 18:46:29 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ACA6 1 KB
788 B 6ms
5ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Jun 2021 08:59:18 GMT
expires: Tue, 29 Jun 2021 08:59:18 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 55373
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame ADBE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afc7b3d4d912dbb3b1d369d53a1615113f16861c34b891be21cf476a3ac04d6a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame D8EF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 19:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 19:36:31 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C619 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhNb7C5SyB-A-9_RpOxQqH7RT1aY_KMwjuHcrrDuTPmppvbWN3N1FHWhooP4L7xWqemU3fNPwESJbRVSdGvMFYFezmUMWNwmn2mYKxduJY2FEFyG8VLOjDBL_VoA&sai=AMfl-YT9HYT7BIbbxQJApIFirsWGvxERjR7mPfxWsz1c2spWvv2OySvcxv5DzB4NgeMxTx1xUfXZ0-9tW1Gxw02e7H7xWr392_TY8Z8&sig=Cg0ArKJSzESgpMzO3UiAEAE&cid=CAASF-Ro0nixSBpwo-2eacJRMkZjQPn8qnTW&id=lidar2&mcvt=1044&p=56,586,234,1298&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20210628&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1170913138&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624926129851&dlt=471&rpt=102&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame ADBE 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 12:14:46 GMT
x-content-type-options: nosniff
age: 475645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 12:14:46 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame ADBE 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Jun 2021 08:25:33 GMT
x-content-type-options: nosniff
age: 489398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Jun 2022 08:25:33 GMT

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0671 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 19:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 19:36:31 GMT

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame A09D 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 19:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 19:36:31 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ACA6
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPL-UxvkIb1GU8AGiDFBnOoGxEFGy68lHvjMpJH...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBRUZoS0gyYw&google_push=AYg5qPL-UxvkIb1GU8AGiDFBnOoGxEFGy68lHvjMpJHhJ9FVtrn23GBswRp8O0IgOMdjQTdU8J3JNWVJzmzHaHEIj1F7PaJgv8...

170 B
188 B

59ms
58ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBRUZoS0gyYw&google_push=AYg5qPL-UxvkIb1GU8AGiDFBnOoGxEFGy68lHvjMpJHhJ9FVtrn23GBswRp8O0IgOMdjQTdU8J3JNWVJzmzHaHEIj1F7PaJgv8cXdA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WU5wbnN3QUFBRUZoS0gyYw&google_push=AYg5qPL-UxvkIb1GU8AGiDFBnOoGxEFGy68lHvjMpJHhJ9FVtrn23GBswRp8O0IgOMdjQTdU8J3JNWVJzmzHaHEIj1F7PaJgv8cXdA
Date: Tue, 29 Jun 2021 00:22:11 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame ACA6 43 B
106 B 24ms
23ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEK7OEPUSWr4BAb6muHCiHHc&google_push=AYg5qPI-9aWX4rVyJUFuVniaPW95FPX1PBQKHbZLL3hdXsZN4TFI7yXqTyXJFXSyY3FMw3-xzp-CttVhK7verwPR2_qIj8zSmAOk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1007&idt=2&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250%2C1200x280&nras=6&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Rt29vRcIUi&p=https%3A//all-news.co&dtd=63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ACA6
Redirect Chain

https://us-u.openx.net/w/1.0/pd?ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc&google_gid=CAESELVxOes9LfNSCfEtKJy-2hs&google_cver=1&google_push=AYg5qPJ15q7iyYqEYIbn2Gto1IaD-tlCPE50Ckz7rgkBqP8NZIKz2qFTGReW...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDVmNTdhOWQtMGVmZS0yOWExLWM3OTctNmM5NjBlNTI0ZWI1

170 B
188 B

59ms
59ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDVmNTdhOWQtMGVmZS0yOWExLWM3OTctNmM5NjBlNTI0ZWI1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Jun 2021 00:22:11 GMT
content-encoding: gzip
server: OXGW/16.209.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDVmNTdhOWQtMGVmZS0yOWExLWM3OTctNmM5NjBlNTI0ZWI1
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ACA6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPBIeYb_Sxe9S69phErSFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

40ms
32ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPBIeYb_Sxe9S69phErSFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzMnYlP472KxDVD373obhawX4j_WhDEKUhJEiMXjq3PLxAxZppIlSJpmury9jhKMhajiceXceATp0tEvLrT1cOeB0kYIY_OA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TPBIeYb_Sxe9S69phErSFQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLzMnYlP472KxDVD373obhawX4j_WhDEKUhJEiMXjq3PLxAxZppIlSJpmury9jhKMhajiceXceATp0tEvLrT1cOeB0kYIY_OA
date: Tue, 29 Jun 2021 00:22:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ACA6
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&google_gid=CAESEA_g1QvOurZARDdvNEprZck&google_cver=1&google_push=AYg5qPJDeV8U7RMm7vj6FqwG6MfoX4KXI4XXnn5Gp11GjR4eg-LXtjKiGLL85rkxoInXbtCnjgQ_pCu...
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

170 B
188 B

43ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK cma
dsum-sec.casalemedia.com/ Frame ACA6 43 B
315 B 31ms
29ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/cma?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_10}&google_gid=CAESEBdBZTf4eO80rBBw9-NpxK4&google_cver=1&google_push=AYg5qPL6VpzuQLwsvvxqiC8Eum-jq5IZmeKYLGR21akWOHTkC5VXKzht-SBSJ4fVPRO00rDJxF6qeeh9TQIupEFJKZQqtFxU9WmydQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8439024877331049&output=html&h=250&adk=2875784320&adf=41863951&pi=t.aa~a.3562882610~rp.1&w=324&fwrn=4&fwrnh=100&lmt=1624926130&rafmt=1&to=qs&pwprc=3183826420&psa=0&format=324x250&url=https%3A%2F%2Fall-news.co%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1624926130131&bpp=2&bdt=1007&idt=2&shv=r20210624&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ef8270dee3a904e-22084ab442c900ef%3AT%3D1624926129%3ART%3D1624926129%3AS%3DALNI_Mar0j330UL4YJSZMTsM-wywzegxzQ&prev_fmts=0x0%2C712x178%2C324x250%2C324x250%2C324x250%2C1200x280&nras=6&correlator=3077665818520&frm=20&pv=1&ga_vid=63778348.1624926130&ga_sid=1624926130&ga_hid=735618377&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=3842&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=238469450479566&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=Rt29vRcIUi&p=https%3A//all-news.co&dtd=63
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Jun 2021 00:22:11 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame ACA6
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGcAnCbCuIXtydpDwIeUT0o&google_cver=1&google_push=AYg5qPLR1gn0Nuc9NEeQMFKWUklYgAmbOWEwaPgXO4_WmBhD97empnT_hs01S6vk8aSoOGpdIeE5JbXbpnnU_s5laMGoOiW...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLR1gn0Nuc9NEeQMFKWUklYgAmbOWEwaPgXO4_WmBhD97empnT_hs01S6vk8aSoOGpdIeE5JbXbpnnU_s5laMGoOiWfCRKvDg&google_hm=yOaUSwg2TeGF0k...

170 B
188 B

60ms
59ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLR1gn0Nuc9NEeQMFKWUklYgAmbOWEwaPgXO4_WmBhD97empnT_hs01S6vk8aSoOGpdIeE5JbXbpnnU_s5laMGoOiWfCRKvDg&google_hm=yOaUSwg2TeGF0kWqUH3gxw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLR1gn0Nuc9NEeQMFKWUklYgAmbOWEwaPgXO4_WmBhD97empnT_hs01S6vk8aSoOGpdIeE5JbXbpnnU_s5laMGoOiWfCRKvDg&google_hm=yOaUSwg2TeGF0kWqUH3gxw
pragma: no-cache
date: Tue, 29 Jun 2021 00:22:11 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame ACA6 0
12 B 32ms
30ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4pbnylzX29-cFLm8wYVOGLQTTSRijSWhCr49o9l1uD_VrsXrO-Mf5MWU_VQeDEg8fOzPk

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210624&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02c822b49c689f2b9e1ffd4aa0393ad90bed0a8f0d2c0d1d8725b097cc9c6061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Jun 2021 00:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8022
x-xss-protection: 0

GET
H2 200 3855-miami-dolphins-week-in-review-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 33 KB
34 KB 20ms
19ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3ff7fefe99d85f8d194365592546d984547221dce2ece361e7ba51f75f2fa5

Request headers

:path: /wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-324x400.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34154
cf-request-id: 0af6be2e9500004e9de13d9000000001
last-modified: Mon, 28 Jun 2021 19:26:25 GMT
server: cloudflare
etag: "856a-5c5d8771fbf72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bwDFN85ZfhM4lm5COVHF3Irym044HfVVi8KdEAaVsk79vCmEHep%2BW5apWGCU%2FFTa5arwO6a%2FRpKJbw0kXAsKR4t69ADXZNsHlvW9DM5rfgjzmGkii7xhEaWFa5zQGc2Z1Yr6iXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc42dcb4e9d-FRA

GET
H2 200 3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 21 KB
21 KB 18ms
17ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fad5cef56a6706345fe200a869cc3116f309380b342fadd5a74b9ded8b9b45f

Request headers

:path: /wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-324x400.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21173
cf-request-id: 0af6be2e9500004e9db5a65000000001
last-modified: Mon, 28 Jun 2021 16:24:36 GMT
server: cloudflare
etag: "52b5-5c5d5ece195b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=X6y5769qklngjWAcSdNCUetjJfEM4ZBfZKmU0Q9xG5wH9Iky9Uj9KsaQbWyXypZ6JeMzKrdM%2F0hkNvfMva%2BV7YYVGCgxUO1vrP%2BRBRZeFBZUCeKEOUSwBLqYS%2FhF5mVLsJ135SM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc42dce4e9d-FRA

GET
H2 200 3847-new-york-jets-qb-zach-wilson-fitting-in-during-offseason-workouts-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 22 KB
22 KB 18ms
17ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3847-new-york-jets-qb-zach-wilson-fitting-in-during-offseason-workouts-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 501fc14617f2939c8103346e3ad90c489002d4af1c02be88d2d6f7bd9d118b78

Request headers

:path: /wp-content/uploads/2021/06/3847-new-york-jets-qb-zach-wilson-fitting-in-during-offseason-workouts-324x400.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22116
cf-request-id: 0af6be2e9500004e9dc6acf000000001
last-modified: Sun, 27 Jun 2021 18:25:51 GMT
server: cloudflare
etag: "5664-5c5c380a418f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VSEI6qNkfy3D%2BAGG%2FKrprrTsZBWt8kN6s%2F0F1TA5gcvlAHEDYvUbClfckInBj0UW2lGGjLeUuTOM19tHf7r0srtVGrPsqDINifZhoAoqEXeVlqxBEQs4lKEyrfR5JT%2FJalKcf4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc42dcf4e9d-FRA

GET
H2 200 3845-ronaldo-the-ego-freakish-goat-on-a-quest-for-perfection-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 25 KB
25 KB 16ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3845-ronaldo-the-ego-freakish-goat-on-a-quest-for-perfection-324x400.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5023dd75939effafcb6cf33edb6a207f6ab3cf0cbea817dfc31728a2c385843c

Request headers

:path: /wp-content/uploads/2021/06/3845-ronaldo-the-ego-freakish-goat-on-a-quest-for-perfection-324x400.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1125
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 25659
cf-request-id: 0af6be2e9600004e9dde822000000001
last-modified: Sun, 27 Jun 2021 11:24:40 GMT
server: cloudflare
etag: "643b-5c5bd9e6b0076"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Np3qZ%2Bddv4VpV3Sd6yIaKPwxgQRr0q9vLkjxMclfmHWxCzS8ZGUSX9hnUvMoQG8%2FJ9rv04nNcypVNNXQXQTgou6JYeBTihrCUGkgXwWjHPFa84pgGZ3Ex1vwedaNXaW7CSb5vu8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc42dd04e9d-FRA

GET
H2 200 3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
all-news.co/wp-content/uploads/2021/06/ 38 KB
38 KB 37ms
36ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d57234aadc61c3d3e48f62e2b50c0e5cd4b61e853f98de094786a2a51a98890e

Request headers

:path: /wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Jun 2021 22:24:41 GMT
server: cloudflare
etag: "9637-5c5daf4a866fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f3ij2Dpv1HrZqrRoENsj%2BPFJ0jKbjoBe%2BN1COSJoPYEl3hyAcT71wzZYkuCkU83iPZjbU0wiUw1i7L%2F6KZ4%2F3j0pjy3YDYNcii%2FdvhPigPMv%2FgY78gqOPdt6sRLLxwD0pi5Te2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 666affc42dd14e9d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38455
cf-request-id: 0af6be2e9600004e9dd799e000000001

POST
H2 200 v2lfhTkPY_JKqj8zojctRDtoZJnlUE2PEcx09i44DlCuoxzEq-kRHrYSepb_r_QX7SrIhC8DvoXsTZsgWf5jFsTHVf8J1aCTmzjry3bLRPMxUqTT01McNZvWBHZbwTEJsYvhscaMfESbX Show response
steadfastsystem.com/ 216 B
295 B 29ms
28ms Fetch
application/json 35.190.90.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://steadfastsystem.com/v2lfhTkPY_JKqj8zojctRDtoZJnlUE2PEcx09i44DlCuoxzEq-kRHrYSepb_r_QX7SrIhC8DvoXsTZsgWf5jFsTHVf8J1aCTmzjry3bLRPMxUqTT01McNZvWBHZbwTEJsYvhscaMfESbX

Requested by

Host: steadfastsystem.com
URL: https://steadfastsystem.com/v2cncWsqZKWNNXvjs5EPxS-5LVw5tJf8bN0T8GWN8WGlUFDNEym8oRg3f3vG8NsRNJ538yy7xcY6kKZysn85qFJ5Kzl_ro8aTfBX74iLrDF6__joFOK_O992Ee-jR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.90.202 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

202.90.190.35.bc.googleusercontent.com

Software

Resource Hash

708a254d78d7aece1ab991115c37a89a4e85a499f87444a02b9e5ab8c97984a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 29 Jun 2021 00:22:11 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://all-news.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: ea392c14
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 29 Jun 2021 00:22:10 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 29 Jun 2021 00:22:11 GMT

GET
H3-29 200 3855-miami-dolphins-week-in-review-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 33 KB
34 KB 56ms
16ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3ff7fefe99d85f8d194365592546d984547221dce2ece361e7ba51f75f2fa5

Request headers

:path: /wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-324x400.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34154
cf-request-id: 0af6be2f150000d6ddf5a55000000001
last-modified: Mon, 28 Jun 2021 19:26:25 GMT
server: cloudflare
etag: "856a-5c5d8771fbf72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G95QCTVTe553LPdxcNg%2Bbgq2dAHajBeQcmJCQ3fb4Zh%2F7oEs0dsBdVVkjREjUYEzjsCEwTid1BdYrYpb8VAjI4yMZdaaP5kfRQmOIRRFMWHxtDdY6efTEJXY78STS4fYN7EV63g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc4ec11d6dd-FRA

GET
H3-29 200 3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
all-news.co/wp-content/uploads/2021/06/ 38 KB
38 KB 60ms
50ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d57234aadc61c3d3e48f62e2b50c0e5cd4b61e853f98de094786a2a51a98890e

Request headers

:path: /wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Jun 2021 22:24:41 GMT
server: cloudflare
etag: "9637-5c5daf4a866fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8UHYZ8BeylvdCFa5HGgZ9L5rFD1hCaI0Z7zwzRrApIPLwTAjuttsgyLnpaVRxvEsnT9ct%2F6B1mHlUD1R%2BmhmYUT%2FcQPeX99RiA0ovrT%2FWp9vDikizLjfKG97s4zaexnf1QbLjTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 666affc4fc14d6dd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38455
cf-request-id: 0af6be2f180000d6dd9a293000000001

GET
H3-29 200 3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 21 KB
21 KB 21ms
15ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fad5cef56a6706345fe200a869cc3116f309380b342fadd5a74b9ded8b9b45f

Request headers

:path: /wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-324x400.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1127
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21173
cf-request-id: 0af6be2fc20000d6dda8bc5000000001
last-modified: Mon, 28 Jun 2021 16:24:36 GMT
server: cloudflare
etag: "52b5-5c5d5ece195b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JmFCX3iHmNCsWpG28a8IYTHbMA1Xw9g9OG5RrxQ%2Bs6IRB5YCQeamTRkqkzuDqLoDQMOUciY9wCwg6r6rGkRaZqQ4SAijNdxFlKLCfBg6SO%2B3gjamX%2FJVpKXdTWJf1eS7YWieHDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc60ce6d6dd-FRA

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6501 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 28 Jun 2021 21:01:07 GMT
expires: Tue, 28 Jun 2022 21:01:07 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12065
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3FF5 783 B
764 B 15ms
14ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

830001bd62bfe2defbd24faa394d3a03a7d26d094edf2f6ec96cc6cfd52a287e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NlcEZwr26Nih/4aOoiNWLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://all-news.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://all-news.co/

Response headers

expires: Tue, 29 Jun 2021 00:22:12 GMT
date: Tue, 29 Jun 2021 00:22:12 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NlcEZwr26Nih/4aOoiNWLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 3847-new-york-jets-qb-zach-wilson-fitting-in-during-offseason-workouts-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 22 KB
22 KB 13ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3847-new-york-jets-qb-zach-wilson-fitting-in-during-offseason-workouts-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 501fc14617f2939c8103346e3ad90c489002d4af1c02be88d2d6f7bd9d118b78

Request headers

:path: /wp-content/uploads/2021/06/3847-new-york-jets-qb-zach-wilson-fitting-in-during-offseason-workouts-324x400.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1127
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22116
cf-request-id: 0af6be2fda0000d6ddab130000000001
last-modified: Sun, 27 Jun 2021 18:25:51 GMT
server: cloudflare
etag: "5664-5c5c380a418f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=itkoA0dLtAzlDdc%2B%2B4EHyKDJfs3UJJ1aDcH1VwHSJFQs2783fsOPmhzc9L92UCGNgUkMmlOpgRyqfwfaQAtaL753Iw95%2FnrOti6w6%2FW3Z0d731r6GAcjNpJkcg1%2F1xfWvuqX04U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc62d04d6dd-FRA

GET
H3-29 200 3845-ronaldo-the-ego-freakish-goat-on-a-quest-for-perfection-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 25 KB
26 KB 13ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3845-ronaldo-the-ego-freakish-goat-on-a-quest-for-perfection-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5023dd75939effafcb6cf33edb6a207f6ab3cf0cbea817dfc31728a2c385843c

Request headers

:path: /wp-content/uploads/2021/06/3845-ronaldo-the-ego-freakish-goat-on-a-quest-for-perfection-324x400.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 25659
cf-request-id: 0af6be2fec0000d6dddc095000000001
last-modified: Sun, 27 Jun 2021 11:24:40 GMT
server: cloudflare
etag: "643b-5c5bd9e6b0076"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dyQOe%2BrFgzQVpGDXJCtBiKewpdoG9ASGBr23WDx6BmLdkoUdcpnIb8%2FfgergxlKfrAHxnpHm95aYaAmIByQFgvm43PU9L7M3kpMlJJfPU15tKNoAzhJ0H61T2b%2BPhGSWZobjGpY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc64d21d6dd-FRA

GET
H3-29 200 3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
all-news.co/wp-content/uploads/2021/06/ 38 KB
38 KB 29ms
29ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
Requested by: Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d57234aadc61c3d3e48f62e2b50c0e5cd4b61e853f98de094786a2a51a98890e

Request headers

:path: /wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Jun 2021 22:24:41 GMT
server: cloudflare
etag: "9637-5c5daf4a866fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Pe63%2FO57fVTutqxxuwDeZs5QgNEbNW7zSMIfwAmsnYX1uIVPmh6U4%2Bg%2B5yST1VNZqXqZzW%2FLgycQObFZBDsARg44GDtWR%2FdOCS%2BG0xGxbKkAApRzK%2B9sp9tr65fRy3e9IEgVXcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 666affc66d3ad6dd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38455
cf-request-id: 0af6be2ffe0000d6ddf298d000000001

GET
H3-29 200 3855-miami-dolphins-week-in-review-696x493.jpg
all-news.co/wp-content/uploads/2021/06/ 67 KB
67 KB 13ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-696x493.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33155ea66b1a475f177a7de9f07f25130d293df2fef5474397b9767292a7e2fa

Request headers

:path: /wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-696x493.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 68274
cf-request-id: 0af6be30170000d6dded00d000000001
last-modified: Mon, 28 Jun 2021 19:26:25 GMT
server: cloudflare
etag: "10ab2-5c5d87721aba3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Cb0568Qnj4UgQLd1sOXANKCfeDLAlVCji%2FPINyH4cQm7O%2FA8F26V%2FopvfttKghQhHzUSVERU%2B1Hn7EVX2AJoo8W1E34d%2B1PnKjQ3p%2BgUijrmX7nqcXaBzUUL%2F7HVyqou9%2B5TklA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc68d59d6dd-FRA

GET
H3-29 200 3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-696x365.jpg
all-news.co/wp-content/uploads/2021/06/ 34 KB
35 KB 21ms
20ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-696x365.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 206884f90030b635e6e8a55c891a689d97a1a5a370489e255259e33dd1f31a26

Request headers

:path: /wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-696x365.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35178
cf-request-id: 0af6be30290000d6ddbb2d3000000001
last-modified: Mon, 28 Jun 2021 16:24:36 GMT
server: cloudflare
etag: "896a-5c5d5ece31c56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FaILAgqwoUYPTkuHZ5uNqsO%2BLxTz%2Bk7bHUHzMr%2F3UyISY6fiVfyDBWpF28x1wITANqxUdL1u0LfpDRCziBLX00IAZnSJOHikuWh9YrGUA5EvxgseuyIop2nD8tvhzVTuwXR%2BnUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc6ad73d6dd-FRA

GET
H3-29 200 3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g.jpg
all-news.co/wp-content/uploads/2021/06/ 47 KB
47 KB 14ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a84343496d30d05e57f7c3126bdd6d18c8ac08e2d41e48a4f20a304fac1ce73

Request headers

:path: /wp-content/uploads/2021/06/3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47784
cf-request-id: 0af6be303e0000d6dd959ec000000001
last-modified: Mon, 28 Jun 2021 14:24:37 GMT
server: cloudflare
etag: "baa8-5c5d43fd0c4ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Y38%2ByyWkf%2BXoDQuTBoUANxkuDPQ46%2BI1Jrdre5KVNZzInDr4pWKR%2BirOI6%2FHuGiR0yLrxbsAWyQM6kQL03QspVCfOvrBnpILwgW%2FVgjnO%2Fnmf97KOMKQPWLocaqIYytmcpQLUVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc6cd97d6dd-FRA

GET
H3-29 200 3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-485x360.com-698378
all-news.co/wp-content/uploads/2021/06/ 26 KB
27 KB 44ms
44ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-485x360.com-698378
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aede3cc959efff8f7ad1af6057db8748cd96bfe2bf0fdb8feba5e82184c7914

Request headers

:path: /wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-485x360.com-698378
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Jun 2021 22:24:41 GMT
server: cloudflare
etag: "67db-5c5daf4a74202"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=M8E1JVmpE2DHPOnvi3dO6PZYqBzAu4T7bS5kQoGQBNHrPMupT2jF%2B2kXCDzFGVk2dm72iB0OYQe%2FUfqtd%2FXq885y92Z9kWg1MwiA%2Fm4YisXBUyCovMx%2BjX0eJD1x7XStztkhtMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 666affc6edaed6dd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26587
cf-request-id: 0af6be304d0000d6dd8bb67000000001

GET
H3-29 200 3855-miami-dolphins-week-in-review-218x150.jpg
all-news.co/wp-content/uploads/2021/06/ 11 KB
12 KB 12ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-218x150.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f649197849061132450b90acfab52a27f60c05bc55ce2d997f90fcfadf2b9c1a

Request headers

:path: /wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-218x150.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6795
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11219
cf-request-id: 0af6be30640000d6dd8bb68000000001
last-modified: Mon, 28 Jun 2021 19:26:25 GMT
server: cloudflare
etag: "2bd3-5c5d8771f2b01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=m9S%2BTvYgjl3GFbH4EaNUX%2BknjDzsx4R27MMUS5QUgsGJROML4D0B%2FjCjf26DyS7J%2BuVPDzNxO93bmc3zkzvELk4NHTJMan9ESviTvDxJHgIE7wUGemiJ4iTz1kCigSeGWKVM06A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc70dd7d6dd-FRA

GET
H3-29 200 3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
all-news.co/wp-content/uploads/2021/06/ 38 KB
38 KB 51ms
50ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d57234aadc61c3d3e48f62e2b50c0e5cd4b61e853f98de094786a2a51a98890e

Request headers

:path: /wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-696x392.com-698378
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Jun 2021 22:24:41 GMT
server: cloudflare
etag: "9637-5c5daf4a866fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FXZYI1JxyRw2W47pfPUbGG0%2B2E%2Fpbbg%2FEBovwu7HdSnEuuLI6%2BylFmJ2I2cyL2OgCYqxqOiCJaVzQ9%2B2hD65k%2Fj%2Fcg4jQupuyPkDsXpolHRaOhiBM%2BOMDh%2FmIuS0XQWohwhM%2Fys%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 666affc70ddad6dd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38455
cf-request-id: 0af6be30680000d6ddee151000000001

GET
H3-29 200 3855-miami-dolphins-week-in-review-696x493.jpg
all-news.co/wp-content/uploads/2021/06/ 67 KB
67 KB 14ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-696x493.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33155ea66b1a475f177a7de9f07f25130d293df2fef5474397b9767292a7e2fa

Request headers

:path: /wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-696x493.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 68274
cf-request-id: 0af6be307c0000d6dddc09c000000001
last-modified: Mon, 28 Jun 2021 19:26:25 GMT
server: cloudflare
etag: "10ab2-5c5d87721aba3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lgmgiJ2TXdy0QhxidBK4VjgXARafIg7aqigigyK5%2F1BNKCl1rKlAhnZH9taqC5h4UKlWe1n%2FOtLZO3m7xFavf1HvImS4Fiw66PMykkHjHzBg%2BVUepbWzDEa5DCCPii8n2qATrvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc72df6d6dd-FRA

GET
H3-29 200 3855-miami-dolphins-week-in-review-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 33 KB
34 KB 15ms
15ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e3ff7fefe99d85f8d194365592546d984547221dce2ece361e7ba51f75f2fa5

Request headers

:path: /wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-324x400.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1127
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34154
cf-request-id: 0af6be307f0000d6ddb01bd000000001
last-modified: Mon, 28 Jun 2021 19:26:25 GMT
server: cloudflare
etag: "856a-5c5d8771fbf72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2Fvhaf1KI4sewGzRV%2FwFy6rnFKsk9QxpiU9pmakuSrv%2BpD070AjpOZ0iTlzBAQZslnh46SdkDsyUIs9ljQbUzhNf43OXKwQu3w%2Bg%2BP9oQHg5h0wLG7GAJWkAEG4ndI714JePFImY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc73df8d6dd-FRA

GET
H3-29 200 3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 21 KB
21 KB 14ms
14ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fad5cef56a6706345fe200a869cc3116f309380b342fadd5a74b9ded8b9b45f

Request headers

:path: /wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-324x400.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1127
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21173
cf-request-id: 0af6be30800000d6ddfd052000000001
last-modified: Mon, 28 Jun 2021 16:24:36 GMT
server: cloudflare
etag: "52b5-5c5d5ece195b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Fd6JUyugxcEplg7U2Ys4h6TNkHxo1xRYGnuqGiPhzoRiMGMPL0q%2BmB210q4aMpWkYlcZdhApCn7bn1d4VI%2F87%2BpJhMQZ9TuUB3QjnECPWKMB8bKVFOa1ZmzcwoNDHRV7Q2Wq7oI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc73dfad6dd-FRA

GET
H3-29 200 3847-new-york-jets-qb-zach-wilson-fitting-in-during-offseason-workouts-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 22 KB
22 KB 14ms
14ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3847-new-york-jets-qb-zach-wilson-fitting-in-during-offseason-workouts-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 501fc14617f2939c8103346e3ad90c489002d4af1c02be88d2d6f7bd9d118b78

Request headers

:path: /wp-content/uploads/2021/06/3847-new-york-jets-qb-zach-wilson-fitting-in-during-offseason-workouts-324x400.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1127
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22116
cf-request-id: 0af6be30820000d6dd9f92b000000001
last-modified: Sun, 27 Jun 2021 18:25:51 GMT
server: cloudflare
etag: "5664-5c5c380a418f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HcYI1keRvJM0L1kCxuxSj9nG6rL0B5aiEPxEbDj3HPW4Pf0WvrLKKNepri%2FQ6Q8WrAlvDM6bjjpQ%2BWDmJuos0O1dWvWj5hNY9GZ7tOPPnUPumxxV6BTxFmFKlF8bTsdLPPJ%2FfrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc73dfcd6dd-FRA

GET
H3-29 200 3845-ronaldo-the-ego-freakish-goat-on-a-quest-for-perfection-324x400.jpg
all-news.co/wp-content/uploads/2021/06/ 25 KB
26 KB 25ms
25ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3845-ronaldo-the-ego-freakish-goat-on-a-quest-for-perfection-324x400.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5023dd75939effafcb6cf33edb6a207f6ab3cf0cbea817dfc31728a2c385843c

Request headers

:path: /wp-content/uploads/2021/06/3845-ronaldo-the-ego-freakish-goat-on-a-quest-for-perfection-324x400.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 25659
cf-request-id: 0af6be30820000d6ddba135000000001
last-modified: Sun, 27 Jun 2021 11:24:40 GMT
server: cloudflare
etag: "643b-5c5bd9e6b0076"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vkdqQlVNd0blkWIHLFbfcU0cleITM1Rxh6qGK3a3YGH%2B8Z4t%2BnLlRZRZZYwzVE0ss1nC4tUEM6lBesWw5TdbjFe2%2F2SahQ8SqHt4begGNiGhz%2Fta0OkZJGgbjo85A8%2FrwpZgxs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc73dfdd6dd-FRA

POST
H3-29 200 admin-ajax.php Show response
all-news.co/wp-admin/ 0
742 B 352ms
351ms XHR
text/html 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://all-news.co/wp-admin/admin-ajax.php

Requested by

Host: all-news.co
URL: https://all-news.co/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.3.25

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://all-news.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
content-length: 51
:path: /wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://all-news.co/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

cf-edge-cache: cache,platform=wordpress
date: Tue, 29 Jun 2021 00:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.25
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af6be308c0000d6ddfc0aa000000001
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yL2%2Bd9%2BEUtRN2YWIQooBvyl72%2BGIYllfLgggKKaTZOuCjeaomZfwq6EyxRZhhxHa2HhTNUWeTXLRoWe9p46OKNjO0aeMRKSshTWSbAk4BbYFN4XpNdqe5aAg5znqVSmwku4z6qQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://all-news.co
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 666affc74e08d6dd-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-218x150.jpg
all-news.co/wp-content/uploads/2021/06/ 8 KB
8 KB 16ms
15ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-218x150.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a42756212326640ef4c08213b061a91f16eddc14083454b2762ea5a2199025b

Request headers

:path: /wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-218x150.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1115
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8009
cf-request-id: 0af6be308d0000d6dd982b3000000001
last-modified: Mon, 28 Jun 2021 16:24:36 GMT
server: cloudflare
etag: "1f49-5c5d5ece13025"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QKe62fx8qUdrVwUTup4R72F%2B%2Fzr%2BkXFW9yeIf%2Bnhnm8a6yEdyH76sAIC3fu6BuOEalvP7wmCPnIsOI%2Be%2B50EdGx0rlKZXwmdRQ33FIqmEBMftHvCUUQ4LklS1TOu3IYrn18t2pE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc74e0cd6dd-FRA

GET
H3-29 200 3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-696x365.jpg
all-news.co/wp-content/uploads/2021/06/ 34 KB
35 KB 13ms
13ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-696x365.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 206884f90030b635e6e8a55c891a689d97a1a5a370489e255259e33dd1f31a26

Request headers

:path: /wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-696x365.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35178
cf-request-id: 0af6be30920000d6dd92887000000001
last-modified: Mon, 28 Jun 2021 16:24:36 GMT
server: cloudflare
etag: "896a-5c5d5ece31c56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3cumf7eUTA0U9xbxvEpR2qP1DZW98MUcCp8DyKT3aYF0tFgfMJOPNAkDZPfOdYgjauQsLlOVUHP2jT9UMxkMzQDRU1jYxDWSDBEtWMWuDtvWnXE94Wiu8RmEHmQbbQP4ftwmdH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc74e12d6dd-FRA

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame 6501 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 19:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jun 2022 19:36:31 GMT

GET
H3-29 200 3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g.jpg
all-news.co/wp-content/uploads/2021/06/ 47 KB
47 KB 25ms
24ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a84343496d30d05e57f7c3126bdd6d18c8ac08e2d41e48a4f20a304fac1ce73

Request headers

:path: /wp-content/uploads/2021/06/3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1126
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47784
cf-request-id: 0af6be30ae0000d6dde3a2b000000001
last-modified: Mon, 28 Jun 2021 14:24:37 GMT
server: cloudflare
etag: "baa8-5c5d43fd0c4ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BnTE1HIIkLDs5EzstD2mN05Db%2F4QWFr4tW26b%2FLNxWT3qJjZNmYQTSYEt0hR5f%2BxA21QPJI1hD5PxJaWc04TMPWup7h0wRXRbKXZ1%2B8CirwcbfIfmth6I1y9xt7IpZN0T%2BIKZyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc77e2bd6dd-FRA

GET
H3-29 200 3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-485x360.com-698378
all-news.co/wp-content/uploads/2021/06/ 26 KB
27 KB 46ms
44ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-485x360.com-698378
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aede3cc959efff8f7ad1af6057db8748cd96bfe2bf0fdb8feba5e82184c7914

Request headers

:path: /wp-content/uploads/2021/06/3857-the-lush-cinematic-soundscapes-of-pom-pom-squads-death-of-a-cheerleader-485x360.com-698378
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Jun 2021 22:24:41 GMT
server: cloudflare
etag: "67db-5c5daf4a74202"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=khyHVhK0XiCgXA9dxRcalGl%2F223ankLi1eqgQU27VGv6FdkqjNhheh%2F3v179kobimx5oc9%2BN9f2px8WbhjBkhk4XxxdR1hQ3dmETqZ90Dk5%2FLTatbjlwYjDoHUR18%2BLBDXdWuLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 666affc7ae55d6dd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26587
cf-request-id: 0af6be30c90000d6ddcd8a9000000001

GET
H3-29 200 3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g-218x150.jpg
all-news.co/wp-content/uploads/2021/06/ 9 KB
10 KB 15ms
14ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g-218x150.jpg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a0133ac1e6454e0eaf2393ec4502e2ed7a6f83a795e9d4ff77f068b8cb479b

Request headers

:path: /wp-content/uploads/2021/06/3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g-218x150.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1115
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9722
cf-request-id: 0af6be30c90000d6ddab13a000000001
last-modified: Mon, 28 Jun 2021 14:24:38 GMT
server: cloudflare
etag: "25fa-5c5d43fd23003"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=siajwDzpRYTYgAgwkUPoLTu3TNLSS9lzSnMAb8x9FPCIdD923anrjxFBxqjfN%2BPjBQGIjIL1dWUr4ariemvjiUFyzN%2FPlqeqLyni8r7Cu%2BRJHa0D0IL1ZDRN73QkvTjlerT4ceQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc7ae56d6dd-FRA

GET
H3-29 200 3855-miami-dolphins-week-in-review-218x150.jpg
all-news.co/wp-content/uploads/2021/06/ 11 KB
12 KB 14ms
14ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-218x150.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f649197849061132450b90acfab52a27f60c05bc55ce2d997f90fcfadf2b9c1a

Request headers

:path: /wp-content/uploads/2021/06/3855-miami-dolphins-week-in-review-218x150.jpg
pragma: no-cache
cookie: _awl=2.1624926131.0.4-70dce404-a59f56885975a3d203a2a60c0b28309d-6763652d6575726f70652d7765737431-60da67b3-0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6795
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11219
cf-request-id: 0af6be30e10000d6dd09877000000001
last-modified: Mon, 28 Jun 2021 19:26:25 GMT
server: cloudflare
etag: "2bd3-5c5d8771f2b01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gqtmCrBcZQAqqwIkNTb86OKm8Am%2BwSHzg8AXSlggaNHx2H%2FrHCqnrOa66o%2BLVVbGSDCL1pIQQvR20vwq7o%2BVmNih6cmKrKa75cafbwAPH3f83HGOCbJ3mtlL6VOLA%2FSntAIwcsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc7ce77d6dd-FRA

GET
H2 200 3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-218x150.jpg
all-news.co/wp-content/uploads/2021/06/ 8 KB
8 KB 12ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-218x150.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a42756212326640ef4c08213b061a91f16eddc14083454b2762ea5a2199025b

Request headers

:path: /wp-content/uploads/2021/06/3853-everton-make-big-offer-for-keeper-after-furious-man-utd-bust-up-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1115
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8009
cf-request-id: 0af6be310200004e9df3880000000001
last-modified: Mon, 28 Jun 2021 16:24:36 GMT
server: cloudflare
etag: "1f49-5c5d5ece13025"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=toYhPO2fsGSR3TGvVdl35Q%2BKswgFAzqFob6joUE8hQ3pfrEx1IhpjF%2FgCjt1gR0Q%2Bvxbqjyp8RS9jlhANabCheOm1uub1fFVAmjR%2B7mS4DTNZ92y8BooqtW2RD8L3DG%2BDPv0crU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc80aef4e9d-FRA

GET
H3-29 200 3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g-218x150.jpg
all-news.co/wp-content/uploads/2021/06/ 9 KB
10 KB 15ms
12ms Image
image/jpeg 2606:4700:3032::ac43:8293
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all-news.co/wp-content/uploads/2021/06/3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g-218x150.jpg
Requested by: Host: all-news.co
URL: https://all-news.co/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:8293 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86a0133ac1e6454e0eaf2393ec4502e2ed7a6f83a795e9d4ff77f068b8cb479b

Request headers

:path: /wp-content/uploads/2021/06/3851-modi-govt-decides-to-give-one-year-extension-to-venugopal-as-a-g-218x150.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: all-news.co
referer: https://all-news.co/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:22:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1115
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9722
cf-request-id: 0af6be314e0000d6ddcd8b0000000001
last-modified: Mon, 28 Jun 2021 14:24:38 GMT
server: cloudflare
etag: "25fa-5c5d43fd23003"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SrLrTzvtB2wNZiQjDoyT%2BDf%2FLUf6vx91d7UTMh%2FHGKXkElipNogcsDB3icvc1vi5trQ%2B2SdkDYXxgjByah2UHnXqMda6Xb6xH5GSLMJt6TyEki7Iz%2Fio42ravQUbloBJHTn1Isk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 666affc87f2ad6dd-FRA

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 15ms
14ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210624&jk=238469450479566&bg=!zs2lzYnNAAYo4NJEKOA7ACkAdvg8WmFxNo_rpxsOzuIzacly6MjnR3KFXWd-9lu2I-GeJ8ATiF1WkgIAAACkUgAAABBoAQcKAC2mmfdMvoy-32ytan2hb9kqwCckUuvXPHvYYVB8Ko9emUTmpHWc4SpH9GIVQyiZAm6jnuc-ceXHpomcTxrc_1cyZYFOo26BjRrpToME5u3Iw_6XegQ0-MOhubLdHiKi56WTRVqbbv7pY0kYkR7eAymrWaOmELXi8PPRUzDA37PR4iozNyomw12S4q92BbkiUuXoWI1dWwkCj0RXcSqdx3bNalx1bF1J7CYnhbx1nVHX59xdl5akI_eDBIB4AIoKnk3Ysz6NYaCP5jUm1z4WYZE1AO1TqXakNB_6exxN-sZQ31gwIDWVTtKxpq2iSjHFBrKJFDntVF3BKSSmlQNOlGZbKWliUaoze6BAzBK-KD-w1bZVZka5mnze3unJgf9M7eILkgw-Be5XFNeJNImlOJbP2KngRMySAvOVHtotyzqcCLYKfufUQyUsl1hZkJs3nk-1ulNT8pFXtf4qoYz1SWwoRrse99owBXk8xTnYkGOpiCi11PJI_KnRzvvXJRQrI54oEHPsBKV5xbJuBlb_1JhCb2aYYck2PggT9AAx126UDhVflZW8QSJWHdBCZ1SMQ7au8_hb6qdNvNxXDVXwb8NMJFIPDWuzGs8cigYkJjzDJz1zTXsVnbynx4HbxVupgaP9AD8EoS8Yn2LDorkOVwo00phR_TtysnY8VgzYcaUB25FCcJAwM2G8Jb1S7r5p-wnSPxiAk5dhBfDKtATyikYpsfeyxYtadUfunm5GqsoFAIeB7IYlFdgXapQ8HJeb86Mkt7eRT-JxikWll4SWtPRjIBce5-xVHHKdfm9T1c57NP5cYrwKx4TzEI4zrCkX-zC7gBRo8C7lJT0jKqdWPNbNk8cLbMDA5QfjM0bmjcMp8quFaFzVvOJ4uyEguEW-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://all-news.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A09D 0
56 B 14ms
13ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=451.0000&a1=https&f1=layout_html&s1=0&d1=12.0000&a2=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F534895642919901748%2FWalbusch_TV-Banner_300x250%2Findex.html%23t%3D16781486543590840483%26p%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net&a3=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fgadgets%2Fhtml5%2Fapi%2Fexitapi-impl.js&s3=151.1000&d3=8.3000&a4=https%3A%2F%2Ftpc.googlesyndication.com%2Fpagead%2Fgadgets%2Fhtml5%2Faddata.js&s4=151.3000&d4=8.3000&a5=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DOpen%2BSans%3A400%2C700%26display%3Dswap&s5=151.4000&d5=16.6000&a6=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F534895642919901748%2FWalbusch_TV-Banner_300x250%2Fimages%2Fbild_1.jpg&s6=151.5000&d6=87.9000&a7=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F534895642919901748%2FWalbusch_TV-Banner_300x250%2Fimages%2Fbild_2.jpg&s7=151.6000&d7=90.4000&a8=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F534895642919901748%2FWalbusch_TV-Banner_300x250%2Fimages%2Flogo.svg&s8=151.6000&d8=90.8000&a9=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F534895642919901748%2FWalbusch_TV-Banner_300x250%2Fimages%2Fcta-text.svg&s9=151.6000&d9=91.3000&a10=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F534895642919901748%2FWalbusch_TV-Banner_300x250%2Fimages%2Fcta-icon.svg&s10=151.6000&d10=92.1000&a11=https%3A%2F%2Ffonts.gstatic.com%2Fs%2Fopensans%2Fv20%2Fmem5YaGs126MiZpBA-UN7rgOUuhp.woff2&s11=226.4000&d11=26.9000&a12=https%3A%2F%2Fpagead2.googlesyndication.com%2Fbg%2FmGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js&s12=456.1000&d12=7.1000&a13=https%3A%2F%2Ftpc.googlesyndication.com%2Fsadbundle%2F%24csp%253Der3%24%2F534895642919901748%2FWalbusch_TV-Banner_300x250%2Findex.html&f13=Custom_layout&s13=-1&d13=-1&i=502279475249&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F534895642919901748%2FWalbusch_TV-Banner_300x250%2Findex.html&gqi=smfaYOyTDIzvgQfCz7X4BQ&qqi=CLn3m8bJu_ECFTzKuwgdJWAIlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Jun 2021 00:22:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 04:43:42	Name: IDE Value: AHWqTUm7R1Zi50Y7ho0nAbZvjq3_V1PYelZTgkyT3Qhs-FJxakT4BgbAB1BvsFGlcyo

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://all-news.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.2(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
all-news.co
cdn.onesignal.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
mandiree.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
static.adsafeprotected.com
steadfastsystem.com
token.rubiconproject.com
tpc.googlesyndication.com
track.seadform.net
u13130857.ct.sendgrid.net
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.186.162
142.250.186.66
167.89.118.28
185.64.190.78
199.217.115.48
2.18.234.21
2600:9000:2104:3600:8:48e:53c0:93a1
2606:4700:3032::ac43:8293
2606:4700::6812:e234
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2004
2a00:1450:4001:809::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a05:d01c:1d8:8100:2610:105e:4515:ae1b
34.246.227.69
34.98.67.61
35.190.90.202
35.244.159.8
35.244.174.68
37.157.4.39
69.173.144.165
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
01db69cca8062a2c1def13f84d5a681ad07b5d046f5871d65856ef55ccf6973f
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02a3c7dde92a1356f30d5ef6dbc2b804bb2c5f00853eaeabf37abc92c6b101f2
02c822b49c689f2b9e1ffd4aa0393ad90bed0a8f0d2c0d1d8725b097cc9c6061
07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670
0a42756212326640ef4c08213b061a91f16eddc14083454b2762ea5a2199025b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0dd95d9bfc689b8862a9dd8ae8166ca21df149fb24f3d0830423b66ae00d426e
0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
15c510fe49c3ec5fd57ac7ead341655699156a63fe10195347dfeae1dc53f909
18825f3f63990887aef6458e5e7fa07ea025c117c53a269b1ef4514079d36317
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d7154e6f0f3acdb2fe2c2def3d39a515ab59e089f19b8d8c5434b71f2450576
1e0af1f2b8e2a591b08c11fc9268a9cb0e38c94434dda039f6c160ce3057aec3
206884f90030b635e6e8a55c891a689d97a1a5a370489e255259e33dd1f31a26
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
231c611d7b6ead714207b6ad2a59ebf8f84feb7142c87326d9d145b80b884b6a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
277c84697b5039a7583a843ba2e6b784354925898a15056c8d975b696d2e7c2c
29d592e34e3d2c8ca0c55ceafd75940de79cdb6381d8ceb372d226e7820e7220
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2b515a59174f30fe7c694f1b81a78f567ce671b24988e2e6e737ecaed26871af
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d036346b18bf4c27bc91f0416f8b59427e32bfc6c2724a27e6fe2e5a7b58574
2e3ff7fefe99d85f8d194365592546d984547221dce2ece361e7ba51f75f2fa5
2f8064965f15b802f5e8585daa147c7cdd71467a270ef3fe5afe3037e7558dc8
33155ea66b1a475f177a7de9f07f25130d293df2fef5474397b9767292a7e2fa
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3aede3cc959efff8f7ad1af6057db8748cd96bfe2bf0fdb8feba5e82184c7914
3cbe29d1f85fb03cd20d992c1560592deabecadf2c776e8045a61f81e2da32e5
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a84343496d30d05e57f7c3126bdd6d18c8ac08e2d41e48a4f20a304fac1ce73
4c9ef034019aa39323b351f1d81fb4ac07a736f696b8204c20986fd31c8b9bdf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
501fc14617f2939c8103346e3ad90c489002d4af1c02be88d2d6f7bd9d118b78
5023dd75939effafcb6cf33edb6a207f6ab3cf0cbea817dfc31728a2c385843c
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b7c16a2634176ae1011cf12236608a573a5bfa50685e2e2884cf2da48e22769
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5fad5cef56a6706345fe200a869cc3116f309380b342fadd5a74b9ded8b9b45f
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6956cbfddf2ce28aee043ecd2b7dbc3ada3954646d7009c6dd1b5ca173f136f9
6a0f2b0f0bd327760c7f8583c882c9e5d76d3a920e23f8904692ec567ff2497d
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
7029bfe6913d713adc5334b57132f49395d08895fe6bc9666ba002c63a377966
708a254d78d7aece1ab991115c37a89a4e85a499f87444a02b9e5ab8c97984a6
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
77dc4e5bc1c42cd2a6f390b77286de6df5f0ead908357a4c0df4c2de59f60716
7da8d792ef771180eef9e592f2a3b5ebcc0f74eea6f5475d1a1e9e5665bb8448
7e72826a8e96483432e7b075dd5f3280559ef6ba34b824b78c7446f590be3192
830001bd62bfe2defbd24faa394d3a03a7d26d094edf2f6ec96cc6cfd52a287e
86a0133ac1e6454e0eaf2393ec4502e2ed7a6f83a795e9d4ff77f068b8cb479b
8d665f82bed12dd4424b7ea578d9f69a90e04925d4b146cb4c3cb64049a1899e
8f8c9f1c471da8dae19554e26c6c423f31e5e687ea3892e4a73ada4be3179f86
90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6
97d4436dc6b96cb1da16005f77fd69a3fd05cad38ab283411cb2437a7dbcc9b8
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e36f48120b748ca10f6efeb242a7cdbd118a72f0e40b3812a5f3dbe286de818
9f89adb807450b421fba04a426e97d1ee2fdd2ec3be9b67c0d9bb8531b782bce
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a22ae82d21bf67a4611f1f436e3ab4df13b16969315e9c1d8c299a13d662f3fc
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7a9100f85d8ca82c558146d7ed9d4e3521878c5bb1d40dcb6b74a8591610b89
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
afc7b3d4d912dbb3b1d369d53a1615113f16861c34b891be21cf476a3ac04d6a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f4247657f994f6c9520c982ab95f953ee1c052706594d74f521cae670cf8be
b3676681eb5c78cd81431f74868b5ea3e704aafa387927218fe20a90774ecbf7
b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb
b921066fab0d56c85d692d95d647fb371b93fd161a6bc54c0ffa516ed653f768
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
be6138d0e7312f9c3f2c1ac3172e56de95bd3435fd87b0e3c3d86dd8482db54f
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c518ad5d0adbc0754bac8b71c958312a6bd77d4e318500fec44d929e00f857ec
c55a840772f4c19f2cb8e3a077caaaf723715f7a8bbd80b3f54ac9e5b151383a
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf272b4a6e5f915c824d77657861df09558f76668210b940e245940b63dd9adb
d0d2c2cc4135489b4fb78048e88cbd0a5c9bec0097da94fd798e0a61b20dcd5c
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d30c86414403cb23cc586453d82c59e889147bcfd54ea6b0aa2d3e2a29baf156
d57234aadc61c3d3e48f62e2b50c0e5cd4b61e853f98de094786a2a51a98890e
d641d794ffeb8ab4a93449307f4da1d4cb4a9c7020ad7da4c2f630b03de6d1f7
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d89e938fe1ae43fab7b2c2724a54677a3f4ff882075196ef184993bd63ffd6b3
d9c9be4270108611680d51d44a1bffdb794619dcfad2ce43a4374580512a6a5b
dbffbd3df712147f9fdb77cc9c0e454448e301fec9c804d3f0b6b213492d6ab9
df85aac876d06864d10bb0fc5f45c6fa28870ed4eda966f3082d52e42173d962
e2f5a99d439c1d7bc8cd4e02f39d77d0dab1eba4e1fae40d3fc5d06ac3aaf1ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7033fd5df92bff5392cd7166aa9e02fbeb56cfdace1aef20f8ba4a04d5665bf
e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
eabca5d25de6ec2cca6a07b1633383e6f0d4088b0fc753c815e7391a108704ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f649197849061132450b90acfab52a27f60c05bc55ce2d997f90fcfadf2b9c1a
f8ab733c1d2cfd50c84622ebdaddb7a4624dc9a7d9e1da00ed757e1bf2d9a6ca
fa1337616335c113614b284c33f0aa5fcaab20f04e49c33989ae3cd448a6a3de
fb91a46b218b9d0f871d66c92160019ebd0a3104fd78f7826209deacbd44872c
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fe8b2264b7ef7ae4f5b3ee5fa827b2744a843804a417cc0b39a4f0e9f64f07ed

all-news.co Open in urlscan Pro 2606:4700:3032::ac43:8293 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

228 Requests

98 %HTTPS

57 %IPv6

24 Domains

28 Subdomains

25 IPs

5 Countries

2695 kBTransfer

6051 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

all-news.co Open in urlscan Pro
2606:4700:3032::ac43:8293 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

98 %
HTTPS

57 %
IPv6

24
Domains

28
Subdomains

25
IPs

5
Countries

2695 kB
Transfer

6051 kB
Size

1
Cookies

228 HTTP transactions
5 data transactions