preprod.newsfulonline.com Open in urlscan Pro
2606:4700::6812:1423 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://preprod.newsfulonline.com/
Submission: On December 05 via api (December 5th 2023, 10:02:05 am UTC) from US — Scanned from DE

Summary HTTP 127 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 46 IPs in 5 countries across 37 domains to perform 127 HTTP transactions. The main IP is 2606:4700::6812:1423, located in United States and belongs to CLOUDFLARENET, US. The main domain is preprod.newsfulonline.com.
TLS certificate: Issued by GTS CA 1P5 on November 22nd 2023. Valid for: 3 months.

This is the only time preprod.newsfulonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700::68... 2606:4700::6812:1423	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:3a00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:243... 2600:9000:243d:9800:d:2820:3bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2644:a800:19:bcbe:a700:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:243... 2600:9000:243d:7600:11:e0c9:84c0:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b120:5272:c368:d5e5:d480	14618 (AMAZON-AES) (AMAZON-AES)
1	3.215.46.21 3.215.46.21	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6813:d483	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
1	108.157.7.228 108.157.7.228	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	54.175.2.45 54.175.2.45	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.214.70.73 18.214.70.73	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	18.245.60.53 18.245.60.53	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
21	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	65.9.7.65 65.9.7.65	16509 (AMAZON-02) (AMAZON-02)
3 4	34.193.112.155 34.193.112.155	14618 (AMAZON-AES) (AMAZON-AES)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.173.233.76 18.173.233.76	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	52.19.222.237 52.19.222.237	16509 (AMAZON-02) (AMAZON-02)
1 1	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	18.159.232.130 18.159.232.130	16509 (AMAZON-02) (AMAZON-02)
1 1	50.31.142.63 50.31.142.63	23352 (SERVERCEN...) (SERVERCENTRAL)
15	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
127	46

18 2606:4700::6812:1423 (United States)

ASN13335 (CLOUDFLARENET, US)

preprod.newsfulonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:3a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:243d:9800:d:2820:3bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

karma.mdpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:a800:19:bcbe:a700:21 (United States)

ASN16509 (AMAZON-02, US)

d30qdagvt44524.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:243d:7600:11:e0c9:84c0:21 (United States)

ASN16509 (AMAZON-02, US)

d9jj3mjthpub.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:5272:c368:d5e5:d480 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.46.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-46-21.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:d483 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.7.228 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-7-228.dus51.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.2.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-2-45.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.70.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-70-73.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a716b4ec658622215c5d0f33196626df.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-53.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.65 (Hollywood, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-65.fra56.r.cloudfront.net

dc8xl0ndzn2cb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.193.112.155 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-112-155.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.233.76 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-76.dus51.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.222.237 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-222-237.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.232.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-232-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.63 (Hickory Hills, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 a716b4ec658622215c5d0f33196626df.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	435 KB
18	newsfulonline.com preprod.newsfulonline.com	204 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	311 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	74 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	186 KB
7	liadm.com 4 redirects b-code.liadm.com — Cisco Umbrella Rank: 2977 rp.liadm.com — Cisco Umbrella Rank: 1632 rp4.liadm.com — Cisco Umbrella Rank: 6685 i.liadm.com — Cisco Umbrella Rank: 517	20 KB
5	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 5638	148 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 dis.criteo.com — Cisco Umbrella Rank: 550	8 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 893 id5-sync.com — Cisco Umbrella Rank: 425	67 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	672 B
3	cloudfront.net d30qdagvt44524.cloudfront.net d9jj3mjthpub.cloudfront.net dc8xl0ndzn2cb.cloudfront.net d31qbv1cthcecs.cloudfront.net Failed	838 B
3	mdpcdn.com karma.mdpcdn.com — Cisco Umbrella Rank: 93649	111 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1554	1 KB
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1785	1 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	4 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 3667	128 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	577 B
2	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 983 idsync.rlcdn.com — Cisco Umbrella Rank: 408	456 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	133 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	285 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	291 B
1	mathtag.com sync.mathtag.com — Cisco Umbrella Rank: 1031	600 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1349	416 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 825	1 KB
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2199
1	azurewebsites.net lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 29736	1 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1042	17 KB
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 5557	238 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 644	11 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	261 B
127	37

	Domain	Requested by
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com preprod.newsfulonline.com cdn.ampproject.org
18	preprod.newsfulonline.com	preprod.newsfulonline.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	karma.mdpcdn.com securepubads.g.doubleclick.net
5	c.amazon-adsystem.com	karma.mdpcdn.com c.amazon-adsystem.com
5	www.lightboxcdn.com	preprod.newsfulonline.com www.lightboxcdn.com
4	i.liadm.com	3 redirects b-code.liadm.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	karma.mdpcdn.com	preprod.newsfulonline.com karma.mdpcdn.com
2	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	x.bidswitch.net	i.liadm.com
2	dpm.demdex.net	1 redirects i.liadm.com
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	live.rezync.com	2 redirects
2	sb.scorecardresearch.com	preprod.newsfulonline.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	cdn.id5-sync.com	preprod.newsfulonline.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	match.adsrvr.org	js-sec.indexww.com i.liadm.com
2	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
2	www.googletagmanager.com	preprod.newsfulonline.com
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	b1sync.zemanta.com	1 redirects
1	sync.mathtag.com	i.liadm.com
1	d.turn.com	1 redirects
1	dis.criteo.com	1 redirects
1	idsync.rlcdn.com	i.liadm.com
1	p.rfihub.com	1 redirects
1	script.crazyegg.com	preprod.newsfulonline.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	dc8xl0ndzn2cb.cloudfront.net	preprod.newsfulonline.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	a716b4ec658622215c5d0f33196626df.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	secure.cdn.fastclick.net	preprod.newsfulonline.com
1	mug.criteo.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	js-sec.indexww.com	karma.mdpcdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	d9jj3mjthpub.cloudfront.net
1	d30qdagvt44524.cloudfront.net	karma.mdpcdn.com
1	b-code.liadm.com	preprod.newsfulonline.com
0	d31qbv1cthcecs.cloudfront.net Failed	preprod.newsfulonline.com
127	53

This site contains links to these domains. Also see Links.

Domain
preprod.galvanized.com

Subject Issuer	Validity	Valid
newsfulonline.com GTS CA 1P5	`2023-11-22` - `2024-02-20`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
karma.mdpcdn.com Amazon RSA 2048 M02	`2023-04-02` - `2024-04-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
lightboxcdn.com Cloudflare Inc ECC CA-3	`2023-10-09` - `2024-10-08`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
rkdms.com Amazon RSA 2048 M03	`2023-10-04` - `2024-11-01`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2023-11-27` - `2024-12-25`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 05	`2023-11-29` - `2024-06-27`	7 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://preprod.newsfulonline.com/
Frame ID: AD536939243E4249E0CE60E4263DE115
Requests: 67 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=preprod.newsfulonline.com
Frame ID: D8041222948C8424192077C287AA1972
Requests: 2 HTTP requests in this frame

Frame: https://a716b4ec658622215c5d0f33196626df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 62C195FDEE178954E899E1DFA402BD4A
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: AE824B1B31027F4FBD59868A04A9B350
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF48C597D5AA0A0D072B0C907D7D12FC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 140F15CADD93891ABF7A7D7D801A8E62
Requests: 2 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/lightbox.js?mb=1701770520193&lv=1
Frame ID: C5FC8644F915A035B750400B4EE038F0
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01ao?duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&euns=0&s=&version=v2.11.1&
Frame ID: BD1FEDE61BC8E4C23115293B4FE45C02
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 09A0B5873D0E7EB57E000EEEE6EB39E6
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 21A29B51B4FE4D9E29425E42741D1A41
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: BB24966F767372B880C6CDAD72CA3535
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Newsful

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

127
Requests

91 %
HTTPS

43 %
IPv6

37
Domains

53
Subdomains

46
IPs

5
Countries

1786 kB
Transfer

4841 kB
Size

44
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://preprod.galvanized.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://rp.liadm.com/j?dtstmp=1701770519450&aid=a-01ao&se=e30&duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&tna=v2.11.1&pu=https%3A%2F%2Fpreprod.newsfulonline.com%2F&wpn=lc-bundle&c=PHRpdGxlPk5ld3NmdWw8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaWdpdGFsIGRlc3RpbmF0aW9uIGZvciBzb3BoaXN0aWNhdGVkIG1lbiAmYW1wOyB3b21lbi4gTGl2ZSB5b3VyIGJlc3QgbGlmZSB3aXRoIGV4cGVydCB0aXBzIGFuZCBuZXdzIG9uIGhlYWx0aCwgZm9vZCwgc2V4LCByZWxhdGlvbnNoaXBzLCBmYXNoaW9uIGFuZCBsaWZlc3R5bGUuIj48aDE-CgkJCQkJCQkJPGEgY2xhc3M9InNpdGUtbG9nbyIgaHJlZj0iLyIgdGl0bGU9Ik5ld3NmdWwiPgoJCQkJCTxzdmcgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KCQkJCQkJPHVzZSB4bGluazpocmVmPSIjc3ZnLW5ld3NmdWwtbG9nbyI-PC91c2U-CgkJCQkJPC9zdmc-CgkJCQk8L2E-CgkJCQk8YSBocmVmPSIjbWFpbi1jb250ZW50IiBjbGFzcz0ic2tpcC10by1jb250ZW50X19idG4iPlNraXAgdG8KCQkJCQljb250ZW50PC9hPgoJCQkJCQkJPC9oMT4 HTTP 302
https://rp4.liadm.com/j?se=e30&duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&aid=a-01ao&tna=v2.11.1&dtstmp=1701770519450&n3pc=true&wpn=lc-bundle&i6=MmEwMTo0YTA6NWE6OjY%3D&pu=https%3A%2F%2Fpreprod.newsfulonline.com%2F&c=PHRpdGxlPk5ld3NmdWw8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaWdpdGFsIGRlc3RpbmF0aW9uIGZvciBzb3BoaXN0aWNhdGVkIG1lbiAmYW1wOyB3b21lbi4gTGl2ZSB5b3VyIGJlc3QgbGlmZSB3aXRoIGV4cGVydCB0aXBzIGFuZCBuZXdzIG9uIGhlYWx0aCwgZm9vZCwgc2V4LCByZWxhdGlvbnNoaXBzLCBmYXNoaW9uIGFuZCBsaWZlc3R5bGUuIj48aDE-CgkJCQkJCQkJPGEgY2xhc3M9InNpdGUtbG9nbyIgaHJlZj0iLyIgdGl0bGU9Ik5ld3NmdWwiPgoJCQkJCTxzdmcgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KCQkJCQkJPHVzZSB4bGluazpocmVmPSIjc3ZnLW5ld3NmdWwtbG9nbyI-PC91c2U-CgkJCQkJPC9zdmc-CgkJCQk8L2E-CgkJCQk8YSBocmVmPSIjbWFpbi1jb250ZW50IiBjbGFzcz0ic2tpcC10by1jb250ZW50X19idG4iPlNraXAgdG8KCQkJCQljb250ZW50PC9hPgoJCQkJCQkJPC9oMT4

Request Chain 43

https://oajs.openx.net/esp?url=https%3A%2F%2Fpreprod.newsfulonline.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fpreprod.newsfulonline.com%2F&rid=esp&cc=1

Request Chain 45

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsfulonline.com&sn=ChromeSyncframe&so=0&topUrl=preprod.newsfulonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=E_gRVHxCYk9WZmpkUXd3Um0xTnhIdTkyMm1jS0gxZUR3QXM2UkpZcFlVeDFOaENrTjR3YXpzbEdoTittdDFMUFZWWkxGSnBCSGtvTXVnSDdMRzU3WkV0d2VJUkJvRThIM0svTXVpYjk1dzFtNW51UFM0Ulc5V0ZBUVRlcm9HQkcyRithSm9lWGJCRTk1K2M5dmE5RWJTVk15cU8zTW5HMEljLzNKM1g1YmNGMTVWZ2FwU3BkcVpwY3dqeVJuNVZzSlY0bTk2bkV2eTFIalBwZEVLVGNGSVNaRTNsdUwzUW05N3ZucWZuZSs4YVNtQ3pkeDhYY1pMZkQ3b3RGaW5MUXlSUXpZL1VoV2EzT1NEbThSTEJmNVB5U2ZiZz09fA&cppv=2

Request Chain 75

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=5ad094f0-c9ee-42f8-8244-4219f4a83790 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=4cfa9a0d-1d04-4f82-bd5c-6d27e34ae838%3A1701770520.8170073&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4cfa9a0d-1d04-4f82-bd5c-6d27e34ae838%253A1701770520.8170073%26_%3D1701770520.8191793&cb=1701770520.8192112 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831390951278&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D4cfa9a0d-1d04-4f82-bd5c-6d27e34ae838%253A1701770520.8170073%26_%3D1701770520.8191793 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=4cfa9a0d-1d04-4f82-bd5c-6d27e34ae838%3A1701770520.8170073&_=1701770520.8191793

Request Chain 77

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=5ad094f0-c9ee-42f8-8244-4219f4a83790 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=5ad094f0-c9ee-42f8-8244-4219f4a83790&rd=Y

Request Chain 78

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ddC30Hf_h0UvsMqo20cp0DVrmjT0HxTh_drFww HTTP 303
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=5ad094f0-c9ee-42f8-8244-4219f4a83790 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=5ad094f0-c9ee-42f8-8244-4219f4a83790

Request Chain 79

https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7894285545824005308 HTTP 303
https://sync.mathtag.com/sync/img?mt_exid=36&5ad094f0-c9ee-42f8-8244-4219f4a83790

Request Chain 81

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid= HTTP 303
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=5ad094f0-c9ee-42f8-8244-4219f4a83790&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

127 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
preprod.newsfulonline.com/ 75 KB
14 KB 152ms
62ms Document
text/html 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WordPress VIP <https://wpvip.com>
Resource Hash: 169c656676e4a3b2e6bce8d722c2ae460c8903c3e19e3c6f451aa89fafba7bf6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-apo-via: origin,host
cf-cache-status: EXPIRED
cf-edge-cache: cache,platform=wordpress
cf-ray: 830b736cf9d49176-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 10:01:58 GMT
expires: Tue, 05 Dec 2023 14:01:58 GMT
host-header: a9130478a60e5f9135f765b23f26593b
last-modified: Tue, 05 Dec 2023 09:12:28 GMT
link: <https://preprod.newsfulonline.com/wp-json/>; rel="https://api.w.org/"
server: cloudflare
vary: Accept-Encoding
x-cache: hit
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-robots-tag: noindex, nofollow
x-rq: hhn1 85 187 443

GET
H2 200 main-concat.css
preprod.newsfulonline.com/wp-content/themes/newsful/css/ 82 KB
17 KB 180ms
179ms Stylesheet
text/css 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preprod.newsfulonline.com/wp-content/themes/newsful/css/main-concat.css?ver=1701257866
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd4efe37aea2b067d9415a93fa36c6b0aa7677be0af31bea88662bd44367cc34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:58 GMT
x-rq: ams5 85 187 443
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Nov 2023 11:37:46 GMT
server: cloudflare
etag: W/"6567228a-1498f"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 830b736d6a379176-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 04 Dec 2024 10:01:58 GMT

GET
H2 200 roboto-v20-latin-700.woff2
preprod.newsfulonline.com/wp-content/themes/newsful/fonts/ 15 KB
16 KB 178ms
178ms Font
application/font-woff2 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preprod.newsfulonline.com/wp-content/themes/newsful/fonts/roboto-v20-latin-700.woff2
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Request headers

Referer: https://preprod.newsfulonline.com/
Origin: https://preprod.newsfulonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:58 GMT
cf-cache-status: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 15816
x-rq: ams5 85 188 443
last-modified: Wed, 26 Jul 2023 14:55:50 GMT
server: cloudflare
etag: "64c133f6-3dc8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736d6a399176-FRA
expires: Wed, 04 Dec 2024 10:01:58 GMT

GET
H2 200 gnp.css
preprod.newsfulonline.com/wp-content/client-mu-plugins/galvanized-network-plugin/build/css/ 7 KB
2 KB 172ms
172ms Stylesheet
text/css 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preprod.newsfulonline.com/wp-content/client-mu-plugins/galvanized-network-plugin/build/css/gnp.css?ver=be0288a77fa36dc8243c
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bbec2a33bfd3daa020a4e053d2538893a8204ea402eff0c7ec8c0c249813784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:58 GMT
x-rq: ams5 85 187 443
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Nov 2023 11:22:22 GMT
server: cloudflare
etag: W/"65671eee-1bca"
vary: Accept-Encoding
x-cache: MISS
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 830b736d6a389176-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 04 Dec 2024 10:01:58 GMT

GET
H2 200 friends_coffee_hanging_out_social_cafe_happy.jpg
preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/06/ 46 KB
46 KB 144ms
144ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/06/friends_coffee_hanging_out_social_cafe_happy.jpg?resize=684,500&quality=82&strip=all
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be2cdc98168fb7f49fe4f138d609cec30c80f0156f8832b91a930eead3caf88a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:58 GMT
x-rq: hhn1 109 139 443
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 10:01:58 GMT
server: cloudflare
etag: "f2ea83e5c00e011c"
vary: Accept, Accept-Encoding
x-cache: MISS
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736d6a3b9176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 47366
expires: Wed, 04 Dec 2024 10:01:58 GMT

GET
H3 200 bundle.min.js Show response
preprod.newsfulonline.com/wp-content/themes/newsful/js/ 17 KB
7 KB 174ms
173ms Script
application/javascript 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preprod.newsfulonline.com/wp-content/themes/newsful/js/bundle.min.js?ver=1701257866
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b0f0dc3b7a47003f1ddbbeb91ffe05fb6be25dc8a965a5e99a115e9705643e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:58 GMT
x-rq: ams5 85 188 443
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Nov 2023 11:37:46 GMT
server: cloudflare
etag: W/"6567228a-43a3"
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 830b736e8bc53a43-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 04 Dec 2024 10:01:58 GMT

GET
H3 200 roboto-v20-latin-regular.woff2
preprod.newsfulonline.com/wp-content/themes/newsful/fonts/ 15 KB
16 KB 193ms
193ms Font
application/font-woff2 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preprod.newsfulonline.com/wp-content/themes/newsful/fonts/roboto-v20-latin-regular.woff2
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Referer: https://preprod.newsfulonline.com/
Origin: https://preprod.newsfulonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:58 GMT
cf-cache-status: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 15736
x-rq: ams5 85 187 443
last-modified: Wed, 26 Jul 2023 14:55:50 GMT
server: cloudflare
etag: "64c133f6-3d78"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736e9bdc3a43-FRA
expires: Wed, 04 Dec 2024 10:01:58 GMT

GET
H3 200 roboto-v20-latin-900.woff2
preprod.newsfulonline.com/wp-content/themes/newsful/fonts/ 15 KB
16 KB 45ms
44ms Font
application/font-woff2 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preprod.newsfulonline.com/wp-content/themes/newsful/fonts/roboto-v20-latin-900.woff2
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28

Request headers

Referer: https://preprod.newsfulonline.com/
Origin: https://preprod.newsfulonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:58 GMT
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 15712
x-rq: ams5 85 188 443
last-modified: Wed, 26 Jul 2023 14:55:50 GMT
server: cloudflare
etag: "64c133f6-3d60"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736e9bdd3a43-FRA
expires: Wed, 04 Dec 2024 10:01:58 GMT

GET
H3 200 roboto-v20-latin-300.woff2
preprod.newsfulonline.com/wp-content/themes/newsful/fonts/ 15 KB
16 KB 51ms
51ms Font
application/font-woff2 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preprod.newsfulonline.com/wp-content/themes/newsful/fonts/roboto-v20-latin-300.woff2
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Request headers

Referer: https://preprod.newsfulonline.com/
Origin: https://preprod.newsfulonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:58 GMT
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 15784
x-rq: ams5 85 188 443
last-modified: Wed, 26 Jul 2023 14:55:50 GMT
server: cloudflare
etag: "64c133f6-3da8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736e9bde3a43-FRA
expires: Wed, 04 Dec 2024 10:01:58 GMT

GET
H3 200 roboto-v20-latin-500.woff2
preprod.newsfulonline.com/wp-content/themes/newsful/fonts/ 16 KB
16 KB 52ms
52ms Font
application/font-woff2 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://preprod.newsfulonline.com/wp-content/themes/newsful/fonts/roboto-v20-latin-500.woff2
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Request headers

Referer: https://preprod.newsfulonline.com/
Origin: https://preprod.newsfulonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:58 GMT
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 15872
x-rq: ams5 85 187 443
last-modified: Wed, 26 Jul 2023 14:55:50 GMT
server: cloudflare
etag: "64c133f6-3e00"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736e9bdf3a43-FRA
expires: Wed, 04 Dec 2024 10:01:58 GMT

GET
DATA 200
OK truncated
/ 71 B
71 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a239a5a2f7ee0b85166d76b4f29110491bd210f34b3f686c4999edb715a8fa23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
71 B Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7a5dd920caef2e233583f75b428e137c4dfcdc55fa0a083e0ebe9200eb8b98a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 mature-woman-sad-lonely-depressed-sofa-home-depression-pain-coffee.jpg
preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/11/ 2 KB
3 KB 94ms
94ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/11/mature-woman-sad-lonely-depressed-sofa-home-depression-pain-coffee.jpg?resize=167,122&quality=82&strip=all
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fed40a9c4ae330e37bc0f60a2a6e12ed5ca3bd9f844ab6979214691a10394724

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
x-rq: ams5 109 144 443
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 10:01:59 GMT
server: cloudflare
etag: "f0ad4eb588711418"
vary: Accept, Accept-Encoding
x-cache: MISS
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736fad0a3a43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2550
expires: Wed, 04 Dec 2024 10:01:59 GMT

GET
H3 200 shutterstock_529047166-2.jpg
preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/11/ 5 KB
5 KB 89ms
88ms Image
image/jpeg 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/11/shutterstock_529047166-2.jpg?resize=167,122&quality=82&strip=all
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88a712e93b9c39b3a6b8adbd1842843e14c1893a562855fd9844c476aa835cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
x-rq: ams5 109 140 443
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 10:01:59 GMT
server: cloudflare
etag: "fae53efa47148595"
vary: Accept, Accept-Encoding
x-cache: MISS
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736fad0c3a43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4788
expires: Wed, 04 Dec 2024 10:01:59 GMT

GET
H3 200 elderly-man-phone.jpg
preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/11/ 3 KB
3 KB 77ms
77ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/11/elderly-man-phone.jpg?resize=167,122&quality=82&strip=all
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef20960a7a050b822770e3ea68729a93868d6b74f85b8512917f7fbea25b6aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
x-rq: ams5 109 139 443
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 10:01:59 GMT
server: cloudflare
etag: "2da919072333becb"
vary: Accept, Accept-Encoding
x-cache: MISS
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736fad0e3a43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2784
expires: Wed, 04 Dec 2024 10:01:59 GMT

GET
H3 200 life-after-50.jpg
preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/11/ 4 KB
4 KB 102ms
101ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/11/life-after-50.jpg?resize=167,122&quality=82&strip=all
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6b12fc7ef429821c6a28c3d68741bdbaa15dd6bf3a959873e9fea990df336be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
x-rq: hhn1 109 30 443
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 10:01:59 GMT
server: cloudflare
etag: "f8588124195c2edf"
vary: Accept, Accept-Encoding
x-cache: MISS
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736fad103a43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4066
expires: Wed, 04 Dec 2024 10:01:59 GMT

GET
H3 200 elon-musk-2019.jpg
preprod.newsfulonline.com/wp-content/uploads/sites/8/2020/12/ 2 KB
3 KB 107ms
107ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preprod.newsfulonline.com/wp-content/uploads/sites/8/2020/12/elon-musk-2019.jpg?resize=167,122&quality=82&strip=all
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 712fb5ace252a5514c7469a818fd145f5d1d011878f22eeecd59e9cb63811346

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
x-rq: hhn1 109 196 443
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 10:01:59 GMT
server: cloudflare
etag: "23d2db2614c6ea53"
vary: Accept, Accept-Encoding
x-cache: MISS
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736fad113a43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2518
expires: Wed, 04 Dec 2024 10:01:59 GMT

GET
H3 200 heart-pain.jpg
preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/10/ 4 KB
4 KB 89ms
89ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/10/heart-pain.jpg?resize=167,122&quality=82&strip=all
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b318c19002197ad05d31c35f6f3b03d810de198e6e033437e43d9904be3a335

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
x-rq: ams5 109 88 443
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 10:01:59 GMT
server: cloudflare
etag: "6795c777dce3dc8f"
vary: Accept, Accept-Encoding
x-cache: MISS
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b736fad123a43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3682
expires: Wed, 04 Dec 2024 10:01:59 GMT

GET
H3 200 kate_middleton_princess_prince_harry_royal_family.jpg
preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/06/ 9 KB
10 KB 109ms
109ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/06/kate_middleton_princess_prince_harry_royal_family.jpg?resize=343,250&quality=82&strip=all
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff40305eb020033111bd9acfc5fa9e995dca90fff3b2f000d77f6be39c968461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
x-rq: ams5 109 139 443
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 10:01:59 GMT
server: cloudflare
etag: "3fd81b62b2baf546"
vary: Accept, Accept-Encoding
x-cache: MISS
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b73709e233a43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9540
expires: Wed, 04 Dec 2024 10:01:59 GMT

GET
H2 200 a-01ao.min.js Show response
b-code.liadm.com/ 47 KB
15 KB 112ms
7ms Script
application/javascript 2600:9000:225e:3a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01ao.min.js
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 549f825014ea41878b80f31861c1942b8d366a49d4b407818a3635fd0f182d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:16:51 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 53108
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: XzdCLmXr0dIwu-1vLoMv9FzZ6Rd-fpfYQbWtMgfcXwmG8DNLs_5Sqg==

GET
H2 200 karma_revshare.bestlifeonline.com.js Show response
karma.mdpcdn.com/service/js-min/ 348 KB
109 KB 115ms
10ms Script
text/javascript 2600:9000:243d:9800:d:2820:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.bestlifeonline.com.js
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:9800:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a10c417a94b3776b47317c44067491bac17edabda9f0cf753ea8454f5645f591

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: A6lvV2vIgTe7fFI4W6cIcHEFzOWw0T83
content-encoding: gzip
via: 1.1 618574fc216bf970c81f33dca491e4b2.cloudfront.net (CloudFront)
date: Tue, 05 Dec 2023 09:57:50 GMT
last-modified: Tue, 15 Aug 2023 21:34:44 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 250
etag: W/"a0beae4bdbced7d5e105ffd293350f34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
x-amz-cf-id: ABd-8XAtu-lf42ZvwUlzbG253urUozQ0sjO5BPXjPHO6KLzBIAKSqw==

GET
H3 200 woman-painkiller-headache-pill-medicine-medication.jpg
preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/11/ 9 KB
9 KB 93ms
93ms Image
image/webp 2606:4700::6812:1423
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preprod.newsfulonline.com/wp-content/uploads/sites/8/2023/11/woman-painkiller-headache-pill-medicine-medication.jpg?resize=343,250&quality=82&strip=all
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1423 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ccb620d245aabceb23fe6b709af9855dc9f213594d02d9ea45ee30728c7ee8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
x-rq: ams5 109 196 443
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 10:01:59 GMT
server: cloudflare
etag: "473ab963d381a16a"
vary: Accept, Accept-Encoding
x-cache: MISS
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 830b73716f113a43-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9266
expires: Wed, 04 Dec 2024 10:01:59 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 128ms
105ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.bestlifeonline.com.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

573a83eb22dc121ff1c5dabc9bc63653f4309917521d5a275e0ccf95b8c2d076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29998
x-xss-protection: 0
server: cafe
etag: 743 / 19696 / m202311280101 / config-hash: 9069639121904637480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 10:01:59 GMT

GET
H2 200 segments Show response
d30qdagvt44524.cloudfront.net/production/ 15 B
373 B 438ms
382ms Script
text/javascript 2600:9000:2644:a800:19:bcbe:a700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=079cf1b0-a701-4f1f-b332-fcf2b8e6a6ae
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.bestlifeonline.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:a800:19:bcbe:a700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
via: 1.1 e3f7f612cf7d05edb500a43ad2f70e96.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amzn-trace-id: Root=1-656ef517-49b3b812532609635ed79aeb;Sampled=0;lineage=abd734a0:0
x-amzn-requestid: c7eeaea9-1c33-4ccd-b9b0-853a067a9b35
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-apigw-id: Pds7vHvDoAMEbpA=
content-length: 15
x-amz-cf-id: s9aixIC4dVtCp8dxB-7ZIxB3eTnIv9McT7ETU-E7EeQoRjjY1XOxoA==

GET
H2 404 revshare.newsfulonline.com.json Show response
karma.mdpcdn.com/configs/3.31/ 379 B
714 B 189ms
169ms XHR
text/html 2600:9000:243d:9800:d:2820:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://karma.mdpcdn.com/configs/3.31/revshare.newsfulonline.com.json
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.bestlifeonline.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:9800:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14a05259750434a978a8311f2a72e3c445e7ac36ca6b2f9599a61cff46d62605

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
via: 1.1 a74cf6cfc1ea8a64e3a2b04b4552c2d2.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: DUS51-P4
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-cache: Error from cloudfront
content-type: text/html; charset=utf-8
content-length: 379
x-amz-cf-id: zbqppgB_25uoNO7Lg5dzLe2BEk1R9_V_XOSLY7A8MQ7M_LLy6rq45w==

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
465 B 47ms
9ms Image
image/gif 2600:9000:243d:7600:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-1&v=l1.0.21&type=karma&globalTI_SID=079cf1b0-a701-4f1f-b332-fcf2b8e6a6ae&request_id=6cb6b3df-cf00-45e1-9b08-f0c3534bd49b&url=https%3A%2F%2Fpreprod.newsfulonline.com%2F&host=preprod.newsfulonline.com&ua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F119.0.6045.199%20safari%2F537.36&muuid_origin=newsfulonline.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:7600:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:12:05 GMT
via: 1.1 7965c3a45d2bf992e197c959a86e759c.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 67795
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: GRbXZMw4NEhNZM3T2DXFjvzPavVFnNjLYbZZycCEbH8TuZ4ttlOpnw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 46ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2LXF7R9QXQ

Requested by

Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65cfda8c303a585f4efdd038f57364c716988674b08d081e086059aa2b4be1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 10:01:59 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1701770519450&aid=a-01ao&se=e30&duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&tna=v2.11.1&pu=https%3A%2F%2Fpreprod.newsfulonline.com%2F&wpn=lc-bundle&c=PHRpdGxlPk5ld3N...
https://rp4.liadm.com/j?se=e30&duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&aid=a-01ao&tna=v2.11.1&dtstmp=1701770519450&n3pc=true&wpn=lc-bundle&i6=MmEwMTo0YTA6NWE6OjY%3D&pu=https%3A%2F%2Fpreprod.n...

13 B
318 B

450ms
92ms

XHR
application/json

3.215.46.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&aid=a-01ao&tna=v2.11.1&dtstmp=1701770519450&n3pc=true&wpn=lc-bundle&i6=MmEwMTo0YTA6NWE6OjY%3D&pu=https%3A%2F%2Fpreprod.newsfulonline.com%2F&c=PHRpdGxlPk5ld3NmdWw8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaWdpdGFsIGRlc3RpbmF0aW9uIGZvciBzb3BoaXN0aWNhdGVkIG1lbiAmYW1wOyB3b21lbi4gTGl2ZSB5b3VyIGJlc3QgbGlmZSB3aXRoIGV4cGVydCB0aXBzIGFuZCBuZXdzIG9uIGhlYWx0aCwgZm9vZCwgc2V4LCByZWxhdGlvbnNoaXBzLCBmYXNoaW9uIGFuZCBsaWZlc3R5bGUuIj48aDE-CgkJCQkJCQkJPGEgY2xhc3M9InNpdGUtbG9nbyIgaHJlZj0iLyIgdGl0bGU9Ik5ld3NmdWwiPgoJCQkJCTxzdmcgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KCQkJCQkJPHVzZSB4bGluazpocmVmPSIjc3ZnLW5ld3NmdWwtbG9nbyI-PC91c2U-CgkJCQkJPC9zdmc-CgkJCQk8L2E-CgkJCQk8YSBocmVmPSIjbWFpbi1jb250ZW50IiBjbGFzcz0ic2tpcC10by1jb250ZW50X19idG4iPlNraXAgdG8KCQkJCQljb250ZW50PC9hPgoJCQkJCQkJPC9oMT4
Protocol: H2
Server: 3.215.46.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-46-21.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
x-pixel-event-id: b70cfdb7-b1ce-4077-88a7-50be56677722
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&aid=a-01ao&tna=v2.11.1&dtstmp=1701770519450&n3pc=true&wpn=lc-bundle&i6=MmEwMTo0YTA6NWE6OjY%3D&pu=https%3A%2F%2Fpreprod.newsfulonline.com%2F&c=PHRpdGxlPk5ld3NmdWw8L3RpdGxlPjxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJEaWdpdGFsIGRlc3RpbmF0aW9uIGZvciBzb3BoaXN0aWNhdGVkIG1lbiAmYW1wOyB3b21lbi4gTGl2ZSB5b3VyIGJlc3QgbGlmZSB3aXRoIGV4cGVydCB0aXBzIGFuZCBuZXdzIG9uIGhlYWx0aCwgZm9vZCwgc2V4LCByZWxhdGlvbnNoaXBzLCBmYXNoaW9uIGFuZCBsaWZlc3R5bGUuIj48aDE-CgkJCQkJCQkJPGEgY2xhc3M9InNpdGUtbG9nbyIgaHJlZj0iLyIgdGl0bGU9Ik5ld3NmdWwiPgoJCQkJCTxzdmcgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KCQkJCQkJPHVzZSB4bGluazpocmVmPSIjc3ZnLW5ld3NmdWwtbG9nbyI-PC91c2U-CgkJCQkJPC9zdmc-CgkJCQk8L2E-CgkJCQk8YSBocmVmPSIjbWFpbi1jb250ZW50IiBjbGFzcz0ic2tpcC10by1jb250ZW50X19idG4iPlNraXAgdG8KCQkJCQljb250ZW50PC9hPgoJCQkJCQkJPC9oMT4
access-control-allow-origin: https://preprod.newsfulonline.com
date: Tue, 05 Dec 2023 10:01:59 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2LXF7R9QXQ&gtm=45je3bt0v9108102760&_p=1701770518803&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1058526476.1701770519&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701770519&sct=1&seg=0&dl=https%3A%2F%2Fpreprod.newsfulonline.com%2F&dt=Newsful&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1042
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2LXF7R9QXQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 10:01:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://preprod.newsfulonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lightbox_inline.js Show response
www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/ 2 KB
2 KB 684ms
655ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/lightbox_inline.js?mb=1701770519507
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70f41e287e47831e949a5d5ddcd7511fd8ac2b7328f230ed1c60b7b233e15ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 10:02:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Jun 2022 07:45:19 GMT
server: cloudflare
content-md5: FBJEt5YGu86WgMIGAZuibA==
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 5a71efb7-101e-0034-1462-27b798000000
x-ms-version: 2009-09-19
cf-ray: 830b73731cd2bb50-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 432 KB
135 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:01:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50416
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138259
x-xss-protection: 0
server: cafe
etag: 16445146976575771301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:01:43 GMT

GET
H2 200 ddm.default.com.json Show response
karma.mdpcdn.com/configs/3.31/ 3 KB
2 KB 183ms
183ms XHR
application/json 2600:9000:243d:9800:d:2820:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://karma.mdpcdn.com/configs/3.31/ddm.default.com.json
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.bestlifeonline.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:9800:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0065487ea428aeaf405da8124177d30862545ea4ee7c9748184b7d061eb569c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
x-amz-version-id: rSHPgmifisxKopw75BPNH9ZJmENCkyU6
content-encoding: gzip
via: 1.1 a74cf6cfc1ea8a64e3a2b04b4552c2d2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
x-cache: Miss from cloudfront
last-modified: Mon, 01 Aug 2022 19:43:59 GMT
server: AmazonS3
etag: W/"cdcab59f85090e002718bea92e0d81d1"
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
vary: Accept-Encoding,Origin
x-amz-cf-id: a1MRVaIXCLRoA8-3wyQCohBrmKV_m63eAgynIe2kHf_Wae1yz_7XPA==

GET
H2 200 184003-52190608802424.js Show response
js-sec.indexww.com/ht/p/ 33 KB
11 KB 61ms
39ms Script
text/javascript 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.bestlifeonline.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d9d5eece457526daaa86628d0f7cdced3695a3c0ed22a8f0db5803313d0c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 09:40:55 GMT
server: cloudflare
age: 1080
etag: W/"762431-8569-60bc007f6aa35"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 830b73748bf62c1a-FRA
expires: Tue, 05 Dec 2023 14:01:59 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 267 KB
65 KB 42ms
7ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_revshare.bestlifeonline.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:50:19 GMT
content-encoding: gzip
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 20:18:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 701
x-amz-server-side-encryption: AES256
etag: W/"2d08dd94de483579c1dc3f3783c06f6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: _CLj3BA6_i6SpJEA9j5ikMenHTTUfDbVIXLJy_msbkCP5MFw-voXAA==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 42ms
7ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 17:41:49 GMT
content-encoding: gzip
age: 1009210
x-guploader-uploadid: ABPtcPomD9PwI-x1w_qV94tV1ozSRGR8ZeUKPfmAcHMXugM_rapxZCGwrYNwQRfVOUUs3oMWA37p8xfLMlvY-C9eeSMu
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Fri, 22 Nov 2024 17:41:49 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 45ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 06 Dec 2023 10:01:59 GMT

GET
H2 200 3446 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
773 B 40ms
10ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3446
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1b3bf5c40c29bcfe5897a85f57f59803d6075f8ef3cece0e489ed50ee5e47bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:07:37 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3262
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: okS5EDdyIBH_zrI8ZwVg2klUd6DAr6_UqubZkUAYONfxWCOYLB5-FQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 792 B
1 KB 100ms
100ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fpreprod.newsfulonline.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: adfe6a81b9a03cb3714fd043c599e8fefe4a361ec3bda7420df87c5f2db92443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://preprod.newsfulonline.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 792
x-amz-cf-id: JTjGRSG_gkJEr5xQ2hR0RPAY8Ki0QhVoK2KdOdiD5AKMlbkgcemRaQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 792 B
1 KB 100ms
100ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fpreprod.newsfulonline.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: adfe6a81b9a03cb3714fd043c599e8fefe4a361ec3bda7420df87c5f2db92443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://preprod.newsfulonline.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 792
x-amz-cf-id: oDhbVjEAnd12Xlo1h5Cr1fDjvsOUHYI4WOdgeJ-aA_WT7ztM583ZtA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
512 B 167ms
112ms XHR
text/javascript 108.157.7.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3446&u=https%3A%2F%2Fpreprod.newsfulonline.com%2F&pid=9vZAL8ncdvIyn&cb=0&ws=1600x1200&v=23.1108.2350&t=1250&slots=%5B%7B%22sd%22%3A%22div-gpt-leaderboard-flex-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%223865%2Frevshare.newsfulonline.com%2Ftier1%2Ftaxonomy%2Fdiv-gpt-leaderboard-flex-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-square-fixed-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%223865%2Frevshare.newsfulonline.com%2Ftier1%2Ftaxonomy%2Fdiv-gpt-square-fixed-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-leaderboard-fixed-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%223865%2Frevshare.newsfulonline.com%2Ftier2%2Ftaxonomy%2Fdiv-gpt-leaderboard-fixed-2%22%7D%5D&pj=%7B%22aps_privacy%22%3A%221--%22%2C%22si_pagegroup%22%3A%22homepage%22%2C%22adRefresh%22%3A0%7D&schain=1.0%2C1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.7.228 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-7-228.dus51.r.cloudfront.net

Software

Server /

Resource Hash

159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3ac8e795602d9d156b63546d3d0aaad0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-amz-rid: 45Y13XWEH5CQT3PMTSPA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://preprod.newsfulonline.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: mqbZTRZdNJFBjKMiumjrD0bQr_Ma5nBn86OGn95CkJP2NsfSuKZjXg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 406ms
393ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:01 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: selpnm91qxN64lTU7OMWPMTg8v_s2kR-fz1mV0yzMZDNq134I-ybwg==

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
358 B 48ms
16ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://preprod.newsfulonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://preprod.newsfulonline.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
429 B 96ms
30ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184003
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e96ae15728bb1a572684d632b7db42ba1c1b669d76a7b826f671b2d5b218e0c6

Request headers

Referer: https://preprod.newsfulonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://preprod.newsfulonline.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 04 Jan 2024 10:01:59 GMT

GET
H2 403 / Show response
id.sv.rkdms.com/identity/ 72 B
238 B 304ms
103ms XHR
application/json 54.175.2.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=MEREDITH&sv_domain=preprod.newsfulonline.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.2.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-2-45.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a

Request headers

Referer: https://preprod.newsfulonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://preprod.newsfulonline.com
date: Tue, 05 Dec 2023 10:02:00 GMT
access-control-allow-credentials: true
server: awselb/2.0
content-length: 72
vary: Accept-Encoding
content-type: application/json

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fpreprod.newsfulonline.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fpreprod.newsfulonline.com%2F&rid=esp&cc=1

85 B
194 B

120ms
119ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fpreprod.newsfulonline.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 533c58846f4e01dded8ff368531d4933c7fa2c15bb81c02c967b5dd3edf21609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-ZmS6TMxN806Z1UD7wmb52HQkNG0"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://preprod.newsfulonline.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 05 Dec 2023 10:01:59 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://preprod.newsfulonline.com
location: /esp?url=https%3A%2F%2Fpreprod.newsfulonline.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D804 15 KB
6 KB 40ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=preprod.newsfulonline.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://preprod.newsfulonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 10:01:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 425135
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame D804
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsfulonline.com&sn=ChromeSyncframe&so=0&topUrl=preprod.newsfulonline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=E_gRVHxCYk9WZmpkUXd3Um0xTnhIdTkyMm1jS0gxZUR3QXM2UkpZcFlVeDFOaENrTjR3YXpzbEdoTittdDFMUFZWWkxGSnBCSGtvTXVnSDdMRzU3WkV0d2VJUkJvRThIM0svTXVpYjk1dzFtNW51UFM0Ulc5V0ZBUVRlcm...

452 B
672 B

15ms
14ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=E_gRVHxCYk9WZmpkUXd3Um0xTnhIdTkyMm1jS0gxZUR3QXM2UkpZcFlVeDFOaENrTjR3YXpzbEdoTittdDFMUFZWWkxGSnBCSGtvTXVnSDdMRzU3WkV0d2VJUkJvRThIM0svTXVpYjk1dzFtNW51UFM0Ulc5V0ZBUVRlcm9HQkcyRithSm9lWGJCRTk1K2M5dmE5RWJTVk15cU8zTW5HMEljLzNKM1g1YmNGMTVWZ2FwU3BkcVpwY3dqeVJuNVZzSlY0bTk2bkV2eTFIalBwZEVLVGNGSVNaRTNsdUwzUW05N3ZucWZuZSs4YVNtQ3pkeDhYY1pMZkQ3b3RGaW5MUXlSUXpZL1VoV2EzT1NEbThSTEJmNVB5U2ZiZz09fA&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6a640deb7b3fa2e154983c543c39cfa802c742fcd2c64c8cc0f2c85e392a6ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 10:01:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1100817
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 10:01:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=E_gRVHxCYk9WZmpkUXd3Um0xTnhIdTkyMm1jS0gxZUR3QXM2UkpZcFlVeDFOaENrTjR3YXpzbEdoTittdDFMUFZWWkxGSnBCSGtvTXVnSDdMRzU3WkV0d2VJUkJvRThIM0svTXVpYjk1dzFtNW51UFM0Ulc5V0ZBUVRlcm9HQkcyRithSm9lWGJCRTk1K2M5dmE5RWJTVk15cU8zTW5HMEljLzNKM1g1YmNGMTVWZ2FwU3BkcVpwY3dqeVJuNVZzSlY0bTk2bkV2eTFIalBwZEVLVGNGSVNaRTNsdUwzUW05N3ZucWZuZSs4YVNtQ3pkeDhYY1pMZkQ3b3RGaW5MUXlSUXpZL1VoV2EzT1NEbThSTEJmNVB5U2ZiZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 291599
content-length: 0
expires: 0

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 53ms
7ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Tue, 05 Dec 2023 10:16:59 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 43ms
19ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: RS37KPK8ZDSVZ6J3
age: 2947
etag: W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 830b73759bbd368c-FRA
x-amz-id-2: PoleiHBWyTevZwP2w/5sAJ1JamikLunfbnjH0XU9xksPH8cV6IZUnFRGXarBkJwcOXKiTTjAFuFsq4mU4aTm5g==

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 335ms
90ms Preflight 18.214.70.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.70.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-70-73.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://preprod.newsfulonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Tue, 05 Dec 2023 10:02:00 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
128 B 91ms
91ms XHR
text/plain 18.214.70.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.70.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-70-73.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://preprod.newsfulonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 05 Dec 2023 10:02:00 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 3446 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
770 B 7ms
6ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3446
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1b3bf5c40c29bcfe5897a85f57f59803d6075f8ef3cece0e489ed50ee5e47bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:07:37 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3262
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: VYxUT1Y0Dv5f2uaj4ib6w6cXnBYlx4ePxM_LBt6zN_3zk-Ot7QJmGw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 792 B
1 KB 8ms
8ms XHR
application/json 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Fpreprod.newsfulonline.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: adfe6a81b9a03cb3714fd043c599e8fefe4a361ec3bda7420df87c5f2db92443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:01:59 GMT
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://preprod.newsfulonline.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 792
x-amz-cf-id: phAx5gItB0ulj4E3mkUp_sQA1rlGEKvqcMItHPV3h9KLn1I0_H-ixg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 154 KB
21 KB 738ms
738ms Fetch
text/plain 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=901760063694106&correlator=2057896008775486&eid=31077978%2C31078986%2C31079792%2C31079527%2C21065724&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fifs&iu_parts=3865%2Crevshare.newsfulonline.com%2Ctier1%2Ctaxonomy%2Chomepage%2Ctier2&enc_prev_ius=0%2F1%2F2%2F3%2F4%2C0%2F1%2F2%2F3%2F4%2C0%2F1%2F5%2F3%2F4%2C0%2F1%2F2%2F3%2F4%2C0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%2C300x250%7C299x251%2C728x90%2C1x1%2C1x1&ifi=1&sfv=1-0-40&ists=3&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701770520008&lmt=1701767548&adxs=436%2C990%2C436%2C0%2C0&adys=219%2C1243%2C1606%2C2062%2C2062&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&bz=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fpreprod.newsfulonline.com%2F&vis=1&psz=728x0%7C300x250%7C1600x144%7C1600x2061%7C1600x2061&msz=728x0%7C300x250%7C1600x0%7C1600x0%7C1600x0&fws=0%2C512%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1058526476.1701770519&ga_sid=1701770520&ga_hid=1785220207&ga_fc=true&a3p=Eh0KDmVzcC5jcml0ZW8uY29tGNrJtcvDMUgAUgIIZBIUCgVvcGVueBjZybXLwzFIAFICCGQ.&dlt=1701770518618&idt=924&ppid=079cf1b0-a701-4f1f-b332-fcf2b8e6a6ae&prev_scp=slot%3Dleaderboard-flex-1%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26bz%3D000%26bzr%3D0%7Cslot%3Dsquare-fixed-1%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26bz%3D000%26bzr%3D0%7Cslot%3Dleaderboard-fixed-2%26refreshType%3Dhard%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26bz%3D000%26bzr%3D0%7Cslot%3Dinterstitial%26refreshType%3Dhard%7Cslot%3Dwallpaper%26refreshType%3Dhard&cust_params=path%3D%26id%3Dhome-preprod.newsfulonline.com%26type%3Dtaxonomy%26channel%3Dhomepage%26pv%3D1%26otabc%3D0%26amznbid%3D0%26amznp%3D0%26muid%3D079cf1b0-a701-4f1f-b332-fcf2b8e6a6ae%26mrid%3D6cb6b3df-cf00-45e1-9b08-f0c3534bd49b%26dockedleaderboard%3Dfalse%26dockedrail%3Dtrue&adks=1017418404%2C2361225078%2C1968578962%2C1931940631%2C368918893&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e62a4de3b32fea316f4a4f5cf461e662e11c8e15e0afbfd4f86b2ffbf8f24b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21947
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://preprod.newsfulonline.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 78ms
58ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b23699abce9f39fbb3149dba2421b8548cb4c788080893863a3437aaeb838276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12213
x-xss-protection: 0

GET
H2 200 container.html Show response
a716b4ec658622215c5d0f33196626df.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 62C1 6 KB
3 KB 78ms
43ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a716b4ec658622215c5d0f33196626df.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://preprod.newsfulonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 10:02:00 GMT
expires: Wed, 04 Dec 2024 10:02:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 10 KB
4 KB 22ms
8ms Script
application/javascript 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63a03df903030d78749fa647494b5c18c248cd464a95eb768e972278d885f9df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:41:00 GMT
content-encoding: gzip
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 11:54:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 76861
etag: W/"96bc3a581f40e4dbb6739b063c8dcb9b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: xy9f29GBqey7QqrrIx-g41WjuVjuaHLCWfFdZ96WBX5oxZbaBpgYzw==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 151 KB
33 KB 24ms
24ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 11:19:25 GMT
server: cloudflare
x-amz-request-id: RS37KPK8ZDSVZ6J3
age: 2948
etag: W/"53159e4ae3ffbda2ff6c0204350035be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 830b73762c85368c-FRA
x-amz-id-2: PoleiHBWyTevZwP2w/5sAJ1JamikLunfbnjH0XU9xksPH8cV6IZUnFRGXarBkJwcOXKiTTjAFuFsq4mU4aTm5g==

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 8ms
7ms Image
text/plain 18.245.60.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=22434406&cs_it=b9&cv=4.4.0%2B2311211132&ns__t=1701770520044&ns_c=UTF-8&cs_cfg=100&c7=https%3A%2F%2Fpreprod.newsfulonline.com%2F&c8=Newsful&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-53.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
via: 1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: VYRTFZumu7c1uywUBEQB6o7nUmZybFthfWNol-vX8iU-ilS7kG5odA==
x-cache: Miss from cloudfront

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame AE82 0
167 B 42ms
16ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://preprod.newsfulonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 05 Dec 2023 10:02:00 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 74ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 10:02:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF48 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://preprod.newsfulonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 43291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 22:00:29 GMT
expires: Tue, 03 Dec 2024 22:00:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 140F 829 B
1 KB 37ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5824a039c1a433bcd040fec539d3196cf9e93169e1be4ae6f31a1e2a844d16f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5Sblqg4ZA-KtXkEvm6uiiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://preprod.newsfulonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5Sblqg4ZA-KtXkEvm6uiiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 10:02:00 GMT
expires: Tue, 05 Dec 2023 10:02:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame DF48 39 KB
15 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 21:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 21:09:52 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/ Frame C5FC 501 B
425 B 18ms
18ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/lightbox.js?mb=1701770520193&lv=1
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 32dec6184ec343965f996516c958afa111aa3056e5d7385102eb1d61df25fb16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 05 Dec 2023 09:55:38 GMT
server: cloudflare
age: 382
cf-polished: origSize=510
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 830b73774839bb50-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 113 KB
44 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXF2SKZ

Requested by

Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91472283596a63b5944f2141856fe10d555ba5a2f41a23ba7ad4a8b246b54716

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44454
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Dec 2023 10:02:00 GMT

GET
H/1.1 403
Forbidden keywee.min.js
dc8xl0ndzn2cb.cloudfront.net/js/bestlifeonline/v0/ 0
0 52ms
7ms Script
text/html 65.9.7.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dc8xl0ndzn2cb.cloudfront.net/js/bestlifeonline/v0/keywee.min.js
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.65 Hollywood, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-65.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/ Frame C5FC 706 KB
144 KB 28ms
28ms Script
application/javascript 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/user.js?cb=638370122416624100
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/lightbox.js?mb=1701770520193&lv=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 956a243efde51c11758094189afe270cdc8bb79440e57f27874eecd06aa6663f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 10:02:00 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: cNo+EYpNVxQnPn9S9Hs7Nw==
age: 354521
cf-polished: origSize=1196319
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 15 Jun 2022 07:45:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 544bdf19-801e-005c-7c28-24e9c9000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 830b73776855bb50-FRA
expires: Wed, 04 Dec 2024 10:02:00 GMT

GET
H/1.1 200
OK a-01ao Show response
i.liadm.com/s/c/ Frame BD1F 1 KB
1 KB 409ms
121ms Document
text/html 34.193.112.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-01ao?duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&euns=0&s=&version=v2.11.1&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01ao.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.112.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-112-155.compute-1.amazonaws.com

Software

Resource Hash

6bad0c86f55d527effec0de21b34807579d5d9aa466da242281e9593f65b394a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://preprod.newsfulonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 685
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Dec 2023 10:02:00 GMT
Request-Time: 29
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 140F 0
0 41ms
41ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311280101&jk=901760063694106&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 19ms
18ms Stylesheet
text/css 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637908759194514824
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/user.js?cb=638370122416624100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 10:02:00 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 105271
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 55127599-e01e-004c-74eb-15df2f000000
cache-control: public, max-age=2678400
x-ms-version: 2009-09-19
cf-ray: 830b7377f8d6bb50-FRA
expires: Fri, 05 Jan 2024 10:02:00 GMT

GET
H2 200 z Show response
lightboxapi.azurewebsites.net/z9gd/42151/preprod.newsfulonline.com/jsonp/ 590 B
1 KB 867ms
544ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42151/preprod.newsfulonline.com/jsonp/z?cb=1701770520311&callback=jQuery17106876174886992341_1701770520303&_=1701770520311
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/7ff8b1cd-1d19-446f-83fc-08706559ea09/user.js?cb=638370122416624100
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e139cf97e26532c11b6dd08ab17ac35d709bdb777d93e06a2178ba4b925d74d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
258 B 17ms
17ms Image
image/gif 2606:4700::6813:d483
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1701770520307&h=preprod.newsfulonline.com&e=p&u=42151
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 05 Dec 2023 10:02:00 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 442184
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: c03d3046-601e-0030-745c-23421a000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 830b7377f8dcbb50-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DF48 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BPIBAg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET atrk.js
d31qbv1cthcecs.cloudfront.net/ 0
0

GET
H2 410 6691.js
script.crazyegg.com/pages/scripts/0031/ 0
0 41ms
21ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0031/6691.js?472714
Requested by: Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 03:39:57 GMT
server: cloudflare
age: 22923
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 830b73795991bbcd-FRA
content-length: 0

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame BD1F
Redirect Chain

https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=5ad094f0-c9ee-42f8-8244-4219f4a83790
https://p.rfihub.com/cm?pub=39342&in=1&userid=4cfa9a0d-1d04-4f82-bd5c-6d27e34ae838%3A1701770520.8170073&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4cfa9a0d-1d04-4f82-bd5c-6d27e34...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433831390951278&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D4cfa9a0d-1d04-4f82-bd...
https://idsync.rlcdn.com/501709.gif?partner_uid=4cfa9a0d-1d04-4f82-bd5c-6d27e34ae838%3A1701770520.8170073&_=1701770520.8191793

0
98 B

38ms
17ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=4cfa9a0d-1d04-4f82-bd5c-6d27e34ae838%3A1701770520.8170073&_=1701770520.8191793
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ao?duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&euns=0&s=&version=v2.11.1&
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 05 Dec 2023 10:02:01 GMT
via: 1.1 818fd5af033e15165f0e7cde0c631ba6.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: DUS51-P3
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=4cfa9a0d-1d04-4f82-bd5c-6d27e34ae838%3A1701770520.8170073&_=1701770520.8191793
content-length: 447
x-amz-cf-id: hUxJWXvDnJF_8WZqSkUG5ZSWaUYJYmOyTD4Vm7WylztTom0jK8sIfQ==

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BD1F 70 B
148 B 30ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ao?duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&euns=0&s=&version=v2.11.1&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame BD1F
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=5ad094f0-c9ee-42f8-8244-4219f4a83790
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=5ad094f0-c9ee-42f8-8244-4219f4a83790&rd=Y

43 B
593 B

151ms
151ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=5ad094f0-c9ee-42f8-8244-4219f4a83790&rd=Y

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ao?duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&euns=0&s=&version=v2.11.1&

Protocol

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 10:02:01 GMT
pragma: no-cache
date: Tue, 05 Dec 2023 10:02:01 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=5ad094f0-c9ee-42f8-8244-4219f4a83790&rd=Y
pragma: no-cache
date: Tue, 05 Dec 2023 10:02:00 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 05 Dec 2023 10:02:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame BD1F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ddC30Hf_h0UvsMqo20cp0DVrmjT0HxTh_drFww
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=5ad094f0-c9ee-42f8-8244-4219f4a83790
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=5ad094f0-c9ee-42f8-8244-4219f4a83790

42 B
717 B

33ms
32ms

Image
image/gif

52.19.222.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=5ad094f0-c9ee-42f8-8244-4219f4a83790

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ao?duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&euns=0&s=&version=v2.11.1&

Protocol

Server

52.19.222.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-222-237.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-037a2ac12.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 05 Dec 2023 10:02:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: G3iyuSLQRxA=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-072f93fba.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 05 Dec 2023 10:02:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: epbgB3y5TIE=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=5ad094f0-c9ee-42f8-8244-4219f4a83790
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

img
sync.mathtag.com/sync/ Frame BD1F
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7894285545824005308
https://sync.mathtag.com/sync/img?mt_exid=36&5ad094f0-c9ee-42f8-8244-4219f4a83790

43 B
600 B

58ms
15ms

Image
image/gif

185.29.134.244
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=36&5ad094f0-c9ee-42f8-8244-4219f4a83790
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ao?duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&euns=0&s=&version=v2.11.1&
Protocol: HTTP/1.1
Server: 185.29.134.244 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 851 9bd98ae master cdg-pixel-x9 config_version:"unknown" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 10:02:01 GMT
Server: MT3 851 9bd98ae master cdg-pixel-x9 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
x-status: O1
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Tue, 05 Dec 2023 10:02:00 GMT

Redirect headers

Location: https://sync.mathtag.com/sync/img?mt_exid=36&5ad094f0-c9ee-42f8-8244-4219f4a83790
Date: Tue, 05 Dec 2023 10:02:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H2 200 sync
x.bidswitch.net/ Frame BD1F 43 B
146 B 28ms
7ms Image
image/gif 18.159.232.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=liveintent&user_id=5ad094f0-c9ee-42f8-8244-4219f4a83790
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ao?duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&euns=0&s=&version=v2.11.1&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

syncd
x.bidswitch.net/ Frame BD1F
Redirect Chain

https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=5ad094f0-c9ee-42f8-8244-4219f4a83790&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D

43 B
145 B

9ms
9ms

Image
image/gif

18.159.232.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=5ad094f0-c9ee-42f8-8244-4219f4a83790&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ao?duid=b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv&euns=0&s=&version=v2.11.1&
Protocol: H2
Server: 18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 10:02:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

Location: https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=5ad094f0-c9ee-42f8-8244-4219f4a83790&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
Date: Tue, 05 Dec 2023 10:02:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 09A0 196 KB
55 KB 73ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 17:10:37 GMT
age: 492683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 17:10:37 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 09A0 15 KB
6 KB 61ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 10:01:50 GMT
age: 10
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Dec 2024 10:01:50 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 09A0 95 KB
29 KB 64ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 02 Dec 2023 01:47:30 GMT
age: 288870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 01 Dec 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 09A0 5 KB
2 KB 63ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 00:35:33 GMT
age: 33987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Dec 2024 00:35:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 09A0 40 KB
13 KB 69ms
16ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 08:47:06 GMT
age: 4494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Dec 2024 08:47:06 GMT

GET
DATA 200
OK truncated
/ Frame 09A0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8975accf51b6920f2dd231b572e7e3d1e6edbf8b5849a5abc20eeb2488be1d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 17301731608001318283
tpc.googlesyndication.com/daca_images/simgad/ Frame 09A0 139 KB
139 KB 12ms
11ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17301731608001318283

Requested by

Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0547bee553b583689610f7e8f83d91d6969757685140867342d3db101a651e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:00:40 GMT
x-content-type-options: nosniff
age: 93680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142673
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 20:13:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 08:00:40 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 09A0 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 79725
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 05 Dec 2023 11:53:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 09A0 295 B
319 B 9ms
9ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 59848
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 05 Dec 2023 17:24:32 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 21A2 196 KB
55 KB 75ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 17:10:37 GMT
age: 492683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 17:10:37 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 21A2 15 KB
5 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 10:01:50 GMT
age: 10
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Dec 2024 10:01:50 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 21A2 95 KB
28 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 02 Dec 2023 01:47:30 GMT
age: 288870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 01 Dec 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 21A2 5 KB
2 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 00:35:33 GMT
age: 33987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Dec 2024 00:35:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 21A2 40 KB
13 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 08:47:06 GMT
age: 4494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Dec 2024 08:47:06 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 21A2 2 KB
2 KB 18ms
17ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 79725
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 05 Dec 2023 11:53:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 21A2 295 B
319 B 19ms
18ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 59848
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 05 Dec 2023 17:24:32 GMT

GET
DATA 200
OK truncated
/ Frame 21A2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b911c88f3ba4c18a8f7dc3b3dd9e4aa8c3e4a34403d46d4510286eae9a2fdf34

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame BB24 196 KB
55 KB 65ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 29 Nov 2023 17:10:37 GMT
age: 492683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 28 Nov 2024 17:10:37 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BB24 15 KB
5 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 10:01:50 GMT
age: 10
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Dec 2024 10:01:50 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BB24 95 KB
28 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 02 Dec 2023 01:47:30 GMT
age: 288870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 01 Dec 2024 01:47:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BB24 5 KB
2 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 00:35:33 GMT
age: 33987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Dec 2024 00:35:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame BB24 40 KB
13 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 05 Dec 2023 08:47:06 GMT
age: 4494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 04 Dec 2024 08:47:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BB24 4 KB
1 KB 50ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 10:02:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:53:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 10:02:00 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BB24 2 KB
2 KB 9ms
6ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 79725
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 05 Dec 2023 11:53:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BB24 295 B
319 B 11ms
8ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 59848
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 05 Dec 2023 17:24:32 GMT

GET
H3 200 18394837103685652611
tpc.googlesyndication.com/simgad/ Frame 21A2 28 KB
28 KB 12ms
9ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18394837103685652611?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkmrV8VKhX_AS9NVu5WQBzI7J1WFA

Requested by

Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b275453cbcff18ecaf79c3586ae85bd9c1879fbb0f496a8aec3eafbf0c6b68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:33:35 GMT
x-content-type-options: nosniff
age: 253705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28316
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 12:32:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 11:33:35 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/185435562479224912/ Frame BB24 40 KB
40 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/185435562479224912/6592766407814317453

Requested by

Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

613c4cbe6993176bc3ace2e817922b3e0fc11aa5b3a8ad5137cfbe93153179cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:27:26 GMT
x-content-type-options: nosniff
age: 12874
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40539
x-xss-protection: 0
last-modified: Fri, 04 Aug 2023 20:44:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 06:27:26 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1688606332721326501/ Frame BB24 2 KB
2 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1688606332721326501/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: preprod.newsfulonline.com
URL: https://preprod.newsfulonline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203c5272828b96e1b3fbd028685239ee1e0d45afcbc821a0b8bffe34f761aff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:00:04 GMT
x-content-type-options: nosniff
age: 43316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2242
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 16:57:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 22:00:04 GMT

GET
DATA 200
OK truncated
/ Frame BB24 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949133912f4379ddcbffc87045a74e64394a6af22f26589a00f20c269430e755

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BB24 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://preprod.newsfulonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 321759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BB24 15 KB
15 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://preprod.newsfulonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:12:30 GMT
x-content-type-options: nosniff
age: 38970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:12:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311280101&jk=901760063694106&bg=!kpGlkd7NAAY3kmNgF5I7ADQBe5WfOMmC7uR7TinFi_FkyGx_B5z02IwCncs7DxVSS_hBSvrxbkMfIIkNJwFC-uQCsdn0AgAAAEZSAAAAA2gBB5kC1-pJ_pO-tN4JogerVgSG5jxFApeSBrnp6LL47P7TBIGB3F_yqFiB4PIGeSmAjiXY5TxvV1DcJSTuVUio0ufZ-wUGqmShW9N8nxgTKjxBnd6RTSR-L5QSVO_p5ePGnRXOSwA3fUZwb2-3ECt-_lq90E7l0e_DmdaPssEbHYX5FGU8jkU8mm7NXJcTtSr80h3bsh3vmn4OiZWWJgElpZOYFqt_NY13qkJUP-X02x1wn0C2pL4v25Y-J5L9Ih9e3hvsK-lH-iCS7TCsImvwqmLPqrCEKXwKK0uYO_QV3bKp7VVquJ9xhgObVDXqIpNt9yq7mKPijkWT900hHOlgLJ08bC0laY9cWGR8R2vxgYs59Qa2DJXQSBkB4CBzoOXqaE32C0MIqw67VqxeHCeDOQwVCFx0w16mzvYNqCqLxLTdfZhPnnhyIwTsqtxEmn2kcv4wbKxiRj-CN-Wx5aDSV22fNsxzzfmYUy0lA68_5TNucsU6Z6piY2c9HcvDIs5fzXUfaf1TtaBrbDXhA_hMTbiJfe6FCpnoVIuUZZikMezkuCt44-cNgC_BFmEih_9mfwhSplgWwQIEoS-7JfsFTV8RbuVq6IvXLhxGblYalZeWOJELvE1BDyKYPj5qoafYc7MwZneT_xsPzUEKeT-CpiQ_suKWZwTvHTr6P_C9slmok-8_VtW7udOeuIZuXL4j9uicLU__eXKMvUYeBrWtr7jwnRvgwZPOC3YgrDEaEkqw_BwvxYRRJ4A1sPO2n00h8FSo62_zhYfsyljtFYHi-0apAuoecIEfu6G4dODMZcXK-YY8tbHv51at7dARgi9xbIkBIcQZJoooItH_rM70BlMEvmQ6qqDOB3HBP2fEgXQMAfZuRSS2M44fHTGLaan0hm9LuQRcSlRWLjjXln383LM8-GILHOnkLGge528hlwQnooRtlU0k4KErYKSRgRmAfQmLnqbyU0ITo0M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 09A0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

36ms
14ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

date: Tue, 05 Dec 2023 10:02:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 17301731608001318283
tpc.googlesyndication.com/daca_images/simgad/ Frame 09A0 139 KB
139 KB 7ms
6ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17301731608001318283

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0547bee553b583689610f7e8f83d91d6969757685140867342d3db101a651e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 08:00:40 GMT
x-content-type-options: nosniff
age: 93680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142673
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 20:13:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 08:00:40 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 09A0 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 79725
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 05 Dec 2023 11:53:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 09A0 295 B
319 B 10ms
9ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 59848
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 05 Dec 2023 17:24:32 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 21A2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

17ms
17ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H2
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

date: Tue, 05 Dec 2023 10:02:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 18394837103685652611
tpc.googlesyndication.com/simgad/ Frame 21A2 28 KB
28 KB 6ms
6ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18394837103685652611?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkmrV8VKhX_AS9NVu5WQBzI7J1WFA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b275453cbcff18ecaf79c3586ae85bd9c1879fbb0f496a8aec3eafbf0c6b68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:33:35 GMT
x-content-type-options: nosniff
age: 253705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28316
x-xss-protection: 0
last-modified: Sun, 30 Jul 2023 12:32:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 11:33:35 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 21A2 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 79725
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 05 Dec 2023 11:53:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 21A2 295 B
319 B 9ms
9ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 59848
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 05 Dec 2023 17:24:32 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BB24 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 79725
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 05 Dec 2023 11:53:15 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BB24 295 B
319 B 10ms
10ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 59848
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 05 Dec 2023 17:24:32 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 09A0 0
0 52ms
51ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBzsBGPVuZdnCBO6N7_UPwqm-wAq-3frRdJuJiOiQEr_hHhABIKj9wBJglaqUgqAHoAGHg7_3A8gBAuACAKgDAcgDCKoEywJP0NISOx2SaKWK3_0ZU5QU-4sxy7n97kr9nvlgtBDYV3lkyOQRXxLEPpRlJUCW0QnQG94K97QgAl2iXZ5nwzYW5IUAt6SzfqHmBIy8EqjNp5kBiep6wAc35ESVLaLk57klsNZ2OZpCxHzn_TaHLjiOkosM2lEg1NR2hpr3KUkliirsjnfsv4bY0y-jDQDgZUiwAHblSbejnKQaYGV3Smw3vqmB-oBM_97IfkrlFQssmlYtDWZ-f4YqrZoefFucYtdLew1ONV-sRYX9ZLAxJ7kyAgZ3EZR0uUM9ZODbbQl5tZ-vfmVf_C8AnS2Z3vvSo4-h2d9EzDq3GrAcyAwrFOWF6R5WTMJbkeenCvcg4xq95Xi5cINkUnipPdH0eGGZT39NrXcORRuxJGnuMND_WRh_d0Jt9ZTKc-jikmnMmHclyzsK6W_BW-Lotms5wASnvIbQzATgBAGIBZCRpJ1NkgUECAQYAZIFBAgFGASgBgKAB6uioSOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCQsDnSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WLfn15qF-IIDmgmKAWh0dHBzOi8vd3d3LmxpZ2h0aW50aGVib3guY29tL2MvbWVuLXMtc2hpcnRzXzM1MjA4P3RvcF9waWQ9OTcxNzgzOSw5NzE3ODM4LDk3MjQzMzQsOTcwMjI0Miw5NzE3ODQxLDk3MTc4NDAsOTcwMjI0Myw5NzAyMjQ0LDk3MTc4NDIsOTcwMjI0MYAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAuINEwjnqtiahfiCAxXuxrsIHcKUD6jYEwzQFQGAFwGyFx4KHAgAEhRwdWItNjk4MzMwNzI4OTY4OTIwNhjajhE&sigh=e9l65DDDd2U&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSYQDICaaNI-7-aEkdCZiZLi4yKcVD6sgNjjSIFyG8Eq50t86_cfT-Bv5_z6rd7w2-oVw55wxofX18LX4-AJEiyYFzlylJe-SGTneayzlGE0CV1QXjFsV8RkYGlE6GE62apRIYAQ&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 21A2 0
0 52ms
52ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIFu6GPVuZdrCBO6N7_UPwqm-wAr-jbWTdMfi9Or7EZS99LXRQRABIKj9wBJglaqUgqAHoAHZ3YnGA8gBAqkCISjiTAIssj7gAgCoAwHIAwiqBMwCT9BbOq4MfPcuNp2bQx2wkrhS3Aoxqv5lv9rGph1fT98Yy2vXAGpOiw9rTW9wQD7cLi1_DmcT7K0kdhPVHc1WNsPwGfuO1Sr9udw-Eq026MQjt-t60YrcjTrDjRWdUa4hVpyxJKlLn2AY50MPvpkrwY7En6gf9b6A49K5-pOTxAAXu_fITIl9KuiCAix099ya9tC71GfC6oYrLA8SzGHHkn4IjWEJGq4Wc-yDTkDqn23eUqBR8SU-sFB80UZ3-yyAiTxPmAjLn7xzza5XpXJINR1njF_YF5IXwZLuKy8-qg_yCb1swCOjABxyooq8gBodxUTOLsqZmWd3rJAq_YJeDzRA9KyqZnbEkJ24vmtuLNdCEjowOZmeuc2LiUervEcSRy17fPxzEz7tjpck7RFhdfL48KiSsSPKHjEOrp_UonR1zzMeER5vMhcKYeDABJLYspPGBOAEAYgF0paH1i-SBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHj6L2OagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPK_GdIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYt-fXmoX4ggOaCTpodHRwczovL3d3dy5oYXVzZnJhZ2UuZGUvYXJ0aWtlbC9rbGFyaGVpdC1iZWltLXRoZW1hLXNvbGFygAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC4g0TCOiq2JqF-IIDFe7GuwgdwpQPqNgTDNAVAYAXAbIXHgocCAASFHB1Yi02OTgzMzA3Mjg5Njg5MjA2GNqOEQ&sigh=P4Uqv2xs7jY&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSYQDICaaNI-7-aEkdCZiZLi4yKcVD6sgNjjSIFyG8Eq50t86_cfT-Bv5_z6rd7w2-oVw55wxofX18LX4-AJEiyYFzlylJe-SGTneayzlGE0CV1QXjFsV8RkYGlE6GE62apRIYAQ&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BB24 0
0 53ms
53ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYNgwGPVuZdvCBO6N7_UPwqm-wAq65rzIdOyPu_GeEv39rfafQRABIKj9wBJglaqUgqAHoAGlvY3KA8gBCakCISjiTAIssj7gAgCoAwHIAwqqBMgCT9AyLX8kl46aPsw5frA01JijqhzBaiLW6_Y0JHQTeZ6wlJn2e2vdsYdkFwtTefXWE1BLvSPVv9IygAN5x5bsBYVl22ojPNY9-2nmGP28IwJ1yM5nbkztKn-EhpuvYciQ3saWkAt9mutv07J1EdWthc6RA3HmLQVXs0WQP61AbxR7YUtsmjT4M-3Bj_kN_DdZGgrm5XdoPqVT_fZxafPCM3mMqGZ3D-8cnsoTkc3XeaI1d6Wuh2tI2hxSGXhBX25BR5w04Od5tXHoVWAhAlnTVhBJBwiLkJUwL17e5VwJH3zSwtiU6ATjDwD31thJQIbst2cXMf5vcuXWVo0e4e26iWPka40iRd_aUxl5rOrjUHwmeJj3uChq3g7kI6j1PtfH6qL1IIcgoxO0Tlauw0duQDh97r7jTlAjIF3F5KY1YrShGBFr10GMxMAE19maksEE4AQBiAWrh-qNTJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfDwvI1qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQx9gG0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOli359eahfiCA5oJGWh0dHBzOi8vd3d3Lm15c2t5d2luZC5jb22ACgPICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLiDRMI6arYmoX4ggMV7sa7CB3ClA-ouBPkA9gTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi02OTgzMzA3Mjg5Njg5MjA2GNqOEQ&sigh=NZ8N0FwcM84&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSYQDICaaNI-7-aEkdCZiZLi4yKcVD6sgNjjSIFyG8Eq50t86_cfT-Bv5_z6rd7w2-oVw55wxofX18LX4-AJEiyYFzlylJe-SGTneayzlGE0CV1QXjFsV8RkYGlE6GE62apRIYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
285 B 32ms
8ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

9f3eb5e3b9160c829fa6499e03f3fc3f3a49c881ca3179b8e58d8ad29345937d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: https://preprod.newsfulonline.com
date: Tue, 05 Dec 2023 10:02:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 v3 Show response
id5-sync.com/gm/ 403 B
694 B 28ms
8ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

7747a975027fa20b80863e1dcc4801770e6956f70869f1e469b76bdd2d6bfa31

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://preprod.newsfulonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://preprod.newsfulonline.com
date: Tue, 05 Dec 2023 10:02:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=901760063694106&vrg=202311280101&nw_id=3865&nslots=5&eid=31077978%2C31078986%2C31079792%2C31079527%2C676982961%2C21065724&pub_url=https%3A%2F%2Fpreprod.newsfulonline.com%2F&qid=CNmu2pqF-IIDFe7GuwgdwpQPqA&iu=3865%2Frevshare.newsfulonline.com%2Ftier1%2Ftaxonomy%2Fhomepage&e=0&ret=970x250&req=728x90%7C970x90%7C970x250&bm=0&efh=1&stk=0&ifi=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 10:02:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 09A0 42 B
64 B 45ms
45ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMEZ0QB9BidGqaCFbK3uqlGJB7uxJxm1yMp0qXXZlz9Pd6Lm91w5wJeQYr7ndkUTINsNoVqOYbFzyCQeh6twWuNSBOJn6fFKvLaIFeos3Q5UHtcHjtfN-u5Faf47lgO5MKjYUE121bX2B-&sai=AMfl-YStM525UiKsE-sJcdlJbgmfUDYqZ5YJ0i8mRvbYc9qLQarsc_JZ9RoaGUtXJjpuowoAkCV0keS6a-tXpwEvscVSYm1Zl8sjoY4MO5ydLqosrGdNVkWzLd-Q-Bv-HjOhCNaHFEN4cMceAUwvyc44WizO-aq3N12LWPIptOqZsA-MTaZtyw4TvvQvtEXy&sig=Cg0ArKJSzG5XJlfdA3kjEAE&cid=CAQSYQDICaaNI-7-aEkdCZiZLi4yKcVD6sgNjjSIFyG8Eq50t86_cfT-Bv5_z6rd7w2-oVw55wxofX18LX4-AJEiyYFzlylJe-SGTneayzlGE0CV1QXjFsV8RkYGlE6GE62apRIYAQ&id=ampim&o=315,94&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=157&tls=1157&g=100&h=100&tt=1157&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preprod.newsfulonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 10:02:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d31qbv1cthcecs.cloudfront.net
URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/j	1970-01-21 02:18:50	Name: lidid Value: 5ad094f0-c9ee-42f8-8244-4219f4a83790
i.liadm.com/s	1970-01-20 17:26:02	Name: _li_ss Value: CkQKBQgKENQWCgYI3QEQ1BYKBgiBARDUFgoFCAwQ3hYKBgiiARDUFgoFCAsQ1BYKBgiLARDUFgoGCNIBENQWCgUIfhDUFg
preprod.newsfulonline.com/	1970-01-20 16:52:55	Name: isSlowHardware Value: 0
.newsfulonline.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .newsfulonline.com
.newsfulonline.com/	1970-01-21 02:18:50	Name: _lc2_fpi Value: b89f71c72b9a--01hgwptrs0hbn9qch35sbp6ahv
.newsfulonline.com/	1970-01-21 02:18:50	Name: _lc2_fpi_meta Value: {%22w%22:1701770519328}
preprod.newsfulonline.com/	1970-01-21 02:18:50	Name: muuid_origin Value: newsfulonline.com
preprod.newsfulonline.com/	1970-01-21 02:18:50	Name: muuid_source Value: CLIENT
preprod.newsfulonline.com/	1970-01-21 02:18:50	Name: muuid_date Value: 1701770519348
preprod.newsfulonline.com/	1970-01-21 02:18:50	Name: first_request_id Value: 6cb6b3df-cf00-45e1-9b08-f0c3534bd49b
preprod.newsfulonline.com/	1970-01-21 02:18:50	Name: globalTI_SID Value: 079cf1b0-a701-4f1f-b332-fcf2b8e6a6ae
d9jj3mjthpub.cloudfront.net/	1970-01-21 02:18:50	Name: cross_site_muuid Value: d80ced58-dc65-5923-a8da-fa002ce806ad
.newsfulonline.com/	1970-01-21 02:18:50	Name: _ga_2LXF7R9QXQ Value: GS1.1.1701770519.1.0.1701770519.0.0.0
.newsfulonline.com/	1970-01-21 02:18:50	Name: _ga Value: GA1.1.1058526476.1701770519
preprod.newsfulonline.com/	1970-01-20 17:26:02	Name: _pbjs_userid_consent_data Value: 3524755945110770
.liadm.com/	1970-01-21 02:18:50	Name: lidid Value: 5ad094f0-c9ee-42f8-8244-4219f4a83790
.criteo.com/	1970-01-21 02:04:26	Name: uid Value: 526174a0-247c-4259-9075-fc5e1db91635
.criteo.com/	1970-01-21 02:04:26	Name: receive-cookie-deprecation Value: 1
.newsfulonline.com/	1970-01-21 02:04:26	Name: cto_bundle Value: 0SIIWV83d0I4eWpWT2ZOVmthbEF4akd0JTJGT2VpQWpESTRJcEJ3WnhKTmM1RlBvOUtKZmQlMkJHejRrWURFcUgwSTNCN2xRS0tSZ1ZCYjlKYmVpTnYwZjFXcGdwMDI4RzMwbWNhS1pITTF6QzRuZk5sdThHWVElMkJnZmRlRFVrcThTZnB1OEYwb0w3N3RWbllhUTI3UHE3UmZSZmFTZFZxcTNHbjZTS09oMkZ1czB4S3BpZU0lM0Q
.openx.net/	1970-01-21 01:28:26	Name: i Value: 9e69b8af-d156-43af-bc76-bc8dc309513b\|1701770519
.lightboxcdn.com/	1969-12-31 23:59:59	Name: _cfuvid Value: qXtjsv7zSei8cQQe0jJC4HLGgwOrKCSi5AjUJ9cjhGU-1701770520187-0-604800000
.newsfulonline.com/	1970-01-20 17:26:02	Name: _li_ss Value: CjYKBQgKENQWCgYI3QEQ1BYKBgiBARDUFgoFCAwQ3hYKBgiiARDUFgoGCIsBENQWCgYI0gEQ1BY
.newsfulonline.com/	1970-01-20 17:26:02	Name: _li_ss_meta Value: {%22w%22:1701770520696%2C%22e%22:1704362520696}
.newsfulonline.com/	1970-01-21 02:04:26	Name: __gads Value: ID=a5bd78c26fa7fc61:T=1701770520:RT=1701770520:S=ALNI_MYZyHcPMFEVJel0EapAEQOfDZlxhQ
.newsfulonline.com/	1970-01-21 02:04:26	Name: __gpi Value: UID=00000d0b0c6472d1:T=1701770520:RT=1701770520:S=ALNI_MbAsX_LUT1VRag58ZHqj2KTUC_dwg
.rezync.com/	1970-01-20 21:02:02	Name: zync-uuid Value: 4cfa9a0d-1d04-4f82-bd5c-6d27e34ae838:1701770520.8170073
.demdex.net/	1970-01-20 21:02:02	Name: demdex Value: 24235792917809897484448872490325377822
.doubleclick.net/	1970-01-20 16:42:54	Name: DSID Value: NO_DATA
.addthis.com/	1970-01-21 02:13:04	Name: na_id Value: 2023120510020000039262727581
.addthis.com/	1970-01-21 02:13:04	Name: na_tc Value: Y
.addthis.com/	1970-01-21 02:13:04	Name: uid Value: 656ef518ae1d0ae9
.addthis.com/	1970-01-21 02:13:04	Name: ouid Value: 656ef5180001e9368ccab17289282c8c25bfd6dc8b4b11c58a93
.rfihub.com/	1970-01-21 02:04:26	Name: eud Value: H4sIAAAAAAAA_1XIsRGAMAhA0QmsMgceCRCI25CQDGRp6aTaeXb__TMpj-XNMSAHMvCyAj1kQI2ik9inkR1ZMauiFNztbVS60vbNVuX-uz6SIl4mWgAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjS2NLA0NTQytxDiM9QtLnANLQ0Izq0qKQ8BAKY6n4AlAAAA
.rfihub.com/	1970-01-21 02:04:26	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjS2NLA0NTQytxDiM9QtLnANLQ0Izq0qKQ8BAKY6n4AlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_w3GyxWAIAwEwIvtxLf54Ea7AQKFWLnOad6DMXe_O0q0EBI7TUa1KVcZl0df6fkooSSa4cz_oH8ZSU5POgAAAA
.dpm.demdex.net/	1970-01-20 21:02:02	Name: dpm Value: 24235792917809897484448872490325377822
.doubleclick.net/	1970-01-21 02:04:26	Name: IDE Value: AHWqTUky7nSLhRZFmFNi40LBlOdECm_Pg6XKvh37sBQO-76h_MVU0W7nzXKtyxGD6C0
.turn.com/	1970-01-20 21:02:02	Name: uid Value: 7894285545824005308
.dlx.addthis.com/	1970-01-20 17:26:02	Name: na_sc_x Value: 1
live.rezync.com/	1970-01-20 21:02:02	Name: sd-session-id Value: .eJwNykEOwiAQQNG7zLqYGQYcymUahGlCtGhK3dj07rL7L_knLB_dt9S0HRCP_asT5Fcd6hBP6PW36RMieEJxzIGJZ5w9WQlwTdC19_puSy3jcXlNc8JiqKAzbg3WPIrP5l6sKLukgUMkQRJBb_EWRqMwXH_DCiXp.ZW71GQ._cyQHF9AVrHFwbYUldt7mSdV2mc
.lightboxapi.azurewebsites.net/	1970-01-20 16:42:54	Name: TiPMix Value: 46.5097987184407
.lightboxapi.azurewebsites.net/	1970-01-20 16:42:54	Name: x-ms-routing-name Value: self
.mathtag.com/	1970-01-21 02:08:45	Name: uuid Value: 4e5b656e-f519-4c00-a011-048abae08dda

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://karma.mdpcdn.com/configs/3.31/revshare.newsfulonline.com.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=MEREDITH&sv_domain=preprod.newsfulonline.com Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://dc8xl0ndzn2cb.cloudfront.net/js/bestlifeonline/v0/keywee.min.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://script.crazyegg.com/pages/scripts/0031/6691.js?472714 Message: Failed to load resource: the server responded with a status of 410 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=4cfa9a0d-1d04-4f82-bd5c-6d27e34ae838%3A1701770520.8170073&_=1701770520.8191793 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a716b4ec658622215c5d0f33196626df.safeframe.googlesyndication.com
aax.amazon-adsystem.com
api.rlcdn.com
b-code.liadm.com
b1sync.zemanta.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.id5-sync.com
config.aps.amazon-adsystem.com
d.turn.com
d30qdagvt44524.cloudfront.net
d31qbv1cthcecs.cloudfront.net
d9jj3mjthpub.cloudfront.net
dc8xl0ndzn2cb.cloudfront.net
dis.criteo.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i.liadm.com
id.sv.rkdms.com
id5-sync.com
idsync.rlcdn.com
js-sec.indexww.com
karma.mdpcdn.com
lb.eu-1-id5-sync.com
lightboxapi.azurewebsites.net
live.rezync.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
preprod.newsfulonline.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
sb.scorecardresearch.com
script.crazyegg.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
static.criteo.net
sync.mathtag.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.lightboxcdn.com
x.bidswitch.net
x.dlx.addthis.com
d31qbv1cthcecs.cloudfront.net
108.138.1.25
108.157.7.228
162.19.138.117
162.19.138.119
172.64.149.180
178.250.1.9
18.159.232.130
18.173.233.76
18.214.70.73
18.245.60.53
184.30.211.26
185.29.134.244
193.0.160.130
20.40.202.0
2001:4860:4802:32::36
2600:1f18:730:b120:5272:c368:d5e5:d480
2600:9000:225e:3a00:8:8845:1500:93a1
2600:9000:243d:7600:11:e0c9:84c0:21
2600:9000:243d:9800:d:2820:3bc0:93a1
2600:9000:2644:a800:19:bcbe:a700:21
2606:4700:10::ac43:266a
2606:4700::6812:1423
2606:4700::6813:9308
2606:4700::6813:d483
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:831::200a
2a02:2638:3::3
2a02:2638:3::c
3.215.46.21
34.102.146.192
34.120.133.55
34.120.135.53
34.193.112.155
34.98.64.218
35.244.174.68
35.71.131.137
46.228.164.13
50.31.142.63
52.19.222.237
54.175.2.45
65.9.7.65
69.192.160.219
99.86.4.30
0065487ea428aeaf405da8124177d30862545ea4ee7c9748184b7d061eb569c5
0547bee553b583689610f7e8f83d91d6969757685140867342d3db101a651e4c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b318c19002197ad05d31c35f6f3b03d810de198e6e033437e43d9904be3a335
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
14a05259750434a978a8311f2a72e3c445e7ac36ca6b2f9599a61cff46d62605
159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314
169c656676e4a3b2e6bce8d722c2ae460c8903c3e19e3c6f451aa89fafba7bf6
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1b3bf5c40c29bcfe5897a85f57f59803d6075f8ef3cece0e489ed50ee5e47bc3
203c5272828b96e1b3fbd028685239ee1e0d45afcbc821a0b8bffe34f761aff3
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
24b0f0dc3b7a47003f1ddbbeb91ffe05fb6be25dc8a965a5e99a115e9705643e
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2d9d5eece457526daaa86628d0f7cdced3695a3c0ed22a8f0db5803313d0c68d
2e139cf97e26532c11b6dd08ab17ac35d709bdb777d93e06a2178ba4b925d74d
32dec6184ec343965f996516c958afa111aa3056e5d7385102eb1d61df25fb16
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
533c58846f4e01dded8ff368531d4933c7fa2c15bb81c02c967b5dd3edf21609
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549f825014ea41878b80f31861c1942b8d366a49d4b407818a3635fd0f182d73
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573a83eb22dc121ff1c5dabc9bc63653f4309917521d5a275e0ccf95b8c2d076
5824a039c1a433bcd040fec539d3196cf9e93169e1be4ae6f31a1e2a844d16f7
613c4cbe6993176bc3ace2e817922b3e0fc11aa5b3a8ad5137cfbe93153179cb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a03df903030d78749fa647494b5c18c248cd464a95eb768e972278d885f9df
65cfda8c303a585f4efdd038f57364c716988674b08d081e086059aa2b4be1ca
6851edc0fca6eb99fa5fa083c37055fb96b62567bcd4730305e755e4cc0ab82a
6a640deb7b3fa2e154983c543c39cfa802c742fcd2c64c8cc0f2c85e392a6ca6
6bad0c86f55d527effec0de21b34807579d5d9aa466da242281e9593f65b394a
712fb5ace252a5514c7469a818fd145f5d1d011878f22eeecd59e9cb63811346
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b
7571db16348512fc55b35102ce3699733cf0882f4b4fb3e652fa8db700c07fb5
7747a975027fa20b80863e1dcc4801770e6956f70869f1e469b76bdd2d6bfa31
7b275453cbcff18ecaf79c3586ae85bd9c1879fbb0f496a8aec3eafbf0c6b68e
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88a712e93b9c39b3a6b8adbd1842843e14c1893a562855fd9844c476aa835cbe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91472283596a63b5944f2141856fe10d555ba5a2f41a23ba7ad4a8b246b54716
949133912f4379ddcbffc87045a74e64394a6af22f26589a00f20c269430e755
956a243efde51c11758094189afe270cdc8bb79440e57f27874eecd06aa6663f
9bbec2a33bfd3daa020a4e053d2538893a8204ea402eff0c7ec8c0c249813784
9f3eb5e3b9160c829fa6499e03f3fc3f3a49c881ca3179b8e58d8ad29345937d
a10c417a94b3776b47317c44067491bac17edabda9f0cf753ea8454f5645f591
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a239a5a2f7ee0b85166d76b4f29110491bd210f34b3f686c4999edb715a8fa23
adfe6a81b9a03cb3714fd043c599e8fefe4a361ec3bda7420df87c5f2db92443
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23699abce9f39fbb3149dba2421b8548cb4c788080893863a3437aaeb838276
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b7a5dd920caef2e233583f75b428e137c4dfcdc55fa0a083e0ebe9200eb8b98a
b911c88f3ba4c18a8f7dc3b3dd9e4aa8c3e4a34403d46d4510286eae9a2fdf34
be2cdc98168fb7f49fe4f138d609cec30c80f0156f8832b91a930eead3caf88a
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c6b12fc7ef429821c6a28c3d68741bdbaa15dd6bf3a959873e9fea990df336be
c70f41e287e47831e949a5d5ddcd7511fd8ac2b7328f230ed1c60b7b233e15ab
cd4efe37aea2b067d9415a93fa36c6b0aa7677be0af31bea88662bd44367cc34
d8975accf51b6920f2dd231b572e7e3d1e6edbf8b5849a5abc20eeb2488be1d4
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62a4de3b32fea316f4a4f5cf461e662e11c8e15e0afbfd4f86b2ffbf8f24b53
e96ae15728bb1a572684d632b7db42ba1c1b669d76a7b826f671b2d5b218e0c6
edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef20960a7a050b822770e3ea68729a93868d6b74f85b8512917f7fbea25b6aa9
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f1ccb620d245aabceb23fe6b709af9855dc9f213594d02d9ea45ee30728c7ee8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fed40a9c4ae330e37bc0f60a2a6e12ed5ca3bd9f844ab6979214691a10394724
ff40305eb020033111bd9acfc5fa9e995dca90fff3b2f000d77f6be39c968461

preprod.newsfulonline.com Open in urlscan Pro 2606:4700::6812:1423 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

91 %HTTPS

43 %IPv6

37 Domains

53 Subdomains

46 IPs

5 Countries

1786 kBTransfer

4841 kBSize

44 Cookies

1 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

preprod.newsfulonline.com Open in urlscan Pro
2606:4700::6812:1423 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

91 %
HTTPS

43 %
IPv6

37
Domains

53
Subdomains

46
IPs

5
Countries

1786 kB
Transfer

4841 kB
Size

44
Cookies

127 HTTP transactions
5 data transactions