thedailyblog.co.nz Open in urlscan Pro
210.5.53.72 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://thedailyblog.co.nz/
Submission Tags: falconsandbox
Submission: On November 30 via api (November 30th 2021, 7:41:20 pm UTC) from US — Scanned from DE

Summary HTTP 354 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 42 IPs in 10 countries across 36 domains to perform 354 HTTP transactions. The main IP is 210.5.53.72, located in New Zealand and belongs to VOYAGERNET-AS-AP Voyager Internet Ltd., NZ. The main domain is thedailyblog.co.nz.
TLS certificate: Issued by R3 on October 27th 2021. Valid for: 3 months.

This is the only time thedailyblog.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
85	210.5.53.72 210.5.53.72	56030 (VOYAGERNE...) (VOYAGERNET-AS-AP Voyager Internet Ltd.)
7	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
26	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 1	75.101.226.202 75.101.226.202	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.101.139 52.216.101.139	16509 (AMAZON-02) (AMAZON-02)
37	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 42	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	104.20.228.67 104.20.228.67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3 14	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
4	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1 4	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
19	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.248.39 18.66.248.39	16509 (AMAZON-02) (AMAZON-02)
2	34.247.11.162 34.247.11.162	16509 (AMAZON-02) (AMAZON-02)
1 2	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1 1	35.156.157.11 35.156.157.11	16509 (AMAZON-02) (AMAZON-02)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:a212:76ab:db1a:a790	16509 (AMAZON-02) (AMAZON-02)
354	42

85 210.5.53.72 (New Zealand)

ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ)
PTR: vps1166.lnx.vps.isx.net.nz

thedailyblog.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eveningreport.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.226.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-226-202.compute-1.amazonaws.com

tools.applemediaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.101.139 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

apple-resources.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.228.67 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.91 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.47 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Schwaig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.94.3 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.39 (United States)

ASN16509 (AMAZON-02, US)

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.11.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-11-162.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.157.11 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-157-11.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:a212:76ab:db1a:a790 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	thedailyblog.co.nz thedailyblog.co.nz	4 MB
63	googlesyndication.com 1 redirects 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	511 KB
59	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	1 MB
50	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net 8019191.fls.doubleclick.net	344 KB
28	youtube.com img.youtube.com www.youtube.com	1 MB
12	google.com 1 redirects adservice.google.com www.google.com	27 KB
11	googletagservices.com www.googletagservices.com	390 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net hal90002.redintelligence.net	58 KB
7	ampproject.org cdn.ampproject.org	129 KB
7	googleapis.com fonts.googleapis.com	5 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	pubmatic.com 3 redirects image6.pubmatic.com	1 KB
3	webgains.io analytics.webgains.io api.webgains.io	51 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	923 B
2	openx.net rtb.openx.net	415 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	quantserve.com 1 redirects cms.quantserve.com	796 B
2	webgains.com track.webgains.com	5 KB
2	medialead.de 2 redirects pv.medialead.de	2 KB
2	ytimg.com i.ytimg.com	94 KB
2	ggpht.com yt3.ggpht.com	5 KB
2	statcounter.com secure.statcounter.com c.statcounter.com	14 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googletagmanager.com www.googletagmanager.com	67 KB
1	innovid.com ag.innovid.com	297 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	agkn.com 1 redirects d.agkn.com	759 B
1	awin1.com www.awin1.com	704 B
1	ad-server.eu ad-server.eu	312 B
1	office-partner.de adv.office-partner.de	1 KB
1	media01.eu pb.media01.eu	629 B
1	google.de adservice.google.de	792 B
1	eveningreport.nz eveningreport.nz	8 KB
1	amazonaws.com apple-resources.s3.amazonaws.com	15 KB
1	applemediaservices.com 1 redirects tools.applemediaservices.com	438 B
354	36

	Domain	Requested by
84	thedailyblog.co.nz	thedailyblog.co.nz
42	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net thedailyblog.co.nz 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
26	securepubads.g.doubleclick.net	thedailyblog.co.nz www.googletagservices.com securepubads.g.doubleclick.net 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
20	www.youtube.com	thedailyblog.co.nz www.youtube.com
17	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
15	encrypted-tbn2.gstatic.com	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
15	pagead2.googlesyndication.com	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com www.gstatic.com securepubads.g.doubleclick.net
14	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
11	www.gstatic.com	www.youtube.com www.gstatic.com 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
11	www.googletagservices.com	thedailyblog.co.nz securepubads.g.doubleclick.net 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
10	www.google.com	1 redirects securepubads.g.doubleclick.net www.youtube.com 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com tpc.googlesyndication.com
9	encrypted-tbn0.gstatic.com	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
8	img.youtube.com	thedailyblog.co.nz
7	cdn.ampproject.org	securepubads.g.doubleclick.net cdn.ampproject.org
7	fonts.googleapis.com	thedailyblog.co.nz securepubads.g.doubleclick.net hal90002.redintelligence.net 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
6	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	www.youtube.com thedailyblog.co.nz 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
4	encrypted-tbn3.gstatic.com	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
4	hal90002.redintelligence.net	1 redirects 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com hal90002.redintelligence.net
4	hal9000.redintelligence.net	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com hal90002.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	encrypted-tbn1.gstatic.com	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	1 redirects 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
2	api.webgains.io	analytics.webgains.io
2	8019191.fls.doubleclick.net	1 redirects thedailyblog.co.nz
2	track.webgains.com	thedailyblog.co.nz 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	adservice.google.com	securepubads.g.doubleclick.net 8019191.fls.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	thedailyblog.co.nz adv.office-partner.de
1	ag.innovid.com	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
1	pixel.everesttech.net	1 redirects
1	d.agkn.com	1 redirects
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
1	ad-server.eu	84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
1	adv.office-partner.de	hal90002.redintelligence.net
1	pb.media01.eu	hal90002.redintelligence.net
1	c.statcounter.com	secure.statcounter.com
1	secure.statcounter.com	thedailyblog.co.nz
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	eveningreport.nz	thedailyblog.co.nz
1	apple-resources.s3.amazonaws.com	thedailyblog.co.nz
1	tools.applemediaservices.com	1 redirects
354	53

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
eveningreport.nz
www.youtube.com
podcasts.apple.com
open.spotify.com
milnz.co.nz
www.statcounter.com

Subject Issuer	Validity	Valid
thedailyblog.co.nz R3	`2021-10-27` - `2022-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
eveningreport.nz R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-06` - `2022-12-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
adv.office-partner.de R3	`2021-11-07` - `2022-02-05`	3 months	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 25 frames:

Primary Page: https://thedailyblog.co.nz/
Frame ID: 3904D789DBBBEAE4D653F9B512CE7BAF
Requests: 130 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 567D3695E3C88ABFF6DA6328C7279279
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/mG3nm_a0D0U
Frame ID: CD208FF8D87624E5AD30F2A88B65C6EC
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8ed-Z847yf1FRFk0gOyiqlsTCJpwFFalP-s-KNFb33T4GfwCIJyWTvo18DxucBfhg--HHObFlUJXZY_TzfFph8F33F9uukYlPueB5SDwkuKDRtP4_koYEWm6DK7g4B8CvnJxTu-WqsNQisy7ZqzUZSsmSnqI1ICYm1fJK0zxkpyt-72Urf1a5B_qfE2GBvdZrVxnOhZy2aVcp1lElpRRWB1OwgCIJqCYpQNk8fW8vzxxnm0serH04Xn1pesQOtjcBc7abdLz4XWrn8BD_e87HZ04mGlGwuDrgOHNQV-MRRfOzWnIfVodxMGZtyETBH7oldIk&sai=AMfl-YQPrIo5y-sBKP_371a941joSCgqXRI34XxZImnlk5erx7ma1f0KqhTB-Qt9boqbQfoAvGthdZWuNQzYD22QZBiJ86u4c62RJRGUc6gPPAJdlD19KDLR8Du6x99VxR1U&sig=Cg0ArKJSzIumhKAL1ruGEAE&uach_m=[UACH]&adurl=
Frame ID: E1414801D428E5C718519A556C63DF1F
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Frame ID: C51A4BD7B6CC7098F1C4A6D30DE16292
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnQHqRL-c_NJBAftHB7O53NrOWhpoQGBqC5ydRbQFvgIvu38ugIvR8N1VEAi5xbuQe6ivAt6wk6DR8xRT94IFp7MIF7mBALy51mS64mXRRGKwmsLJ6YT_P5K7YI-5QV4GQWpBT6Oo1NcYOLM5_krwHXsXhm5o-9pFiz5r1HjVbwD4M0rDaQM6E6ZKW4VYZo7ZvcbSswV48PmPgTFuxw7J9L6s_afdISPVER0Cw9ZG80z5V2457uz20zz0c54UUGN93kS4rdoKl7QgjGKVjlkNR-C2VctULNVqRbV2Poo8MR8DOMKTb4DYmzcQ_IQM20yIhtWRwQA&sai=AMfl-YSJuZxmU8R1xPdQczAIyJlhDS8rmmZw_NHHAbO83OxhCWUA3QZb1QJrPVkHlWcRscuO9SYgRGK2bn7_h9mf3Y1_9iEAkj4bNMy1v6TzGdYdqh775Sndk4Y-1LVF-3c&sig=Cg0ArKJSzEw_AcTe4ZwYEAE&uach_m=[UACH]&adurl=
Frame ID: 22737232CACFE155E74008FC4E332049
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: A0E38517C0704C7644E8ACA5C4E98256
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQLMJtXsmgxc3UbgEcTHrJJAxwvPyyuVJwFL8kgJ3L07esmMuZJiPQaPa6Vv-jCq7Qah4E_36isBecvfT0MA41POHjr8mhE0M4QLcByq6y6olI8k5JIi9Je3GB4YyuyTi3CVf-ZUT6BOCy1G3ncCBHvrTEzUOpzIACFr1aPRED9DCGFEtuzu4jHM9sSblf9jIxm0hEFY-IAouoBRLkpCHeE7_r2gqE3fSBhqh4dVSSXZZ_VjoZZHnpH4jwaQnijJ7364BnPnJUdDxcX1EF7tTYh89ClMyO6RkEwznSgG6xHJxRt3eQZDkir2cFSXL4cSRGnsKeqQ&sai=AMfl-YSqKD3JarnMlaFvuDHuT-mcxjyBxXq0kmiwDKohqQPl6ZsUDf0KBmThXByUKNajbqwCMGY1A3zGJgSkP0DpdvzJp7wNeCoKBp9tnXJaB8CwLJ-bwNQDW91aawET5TY&sig=Cg0ArKJSzPgkN1KhUeTKEAE&uach_m=[UACH]&adurl=
Frame ID: 16F05EA45F7FFD7A0517A5E05CCD74FA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX2GNv83mVt47UgwSKVxCSVWBmxNUc7Zx5TQhRTdV1bkMOZqhAwcE6ubRb4bWwdqDvUFX-vTzFYl9dsr7-RRPQNP3csh9yv061Bl3d454QJRaF_8w780_IIGQzigQ0SUq7gRlZWKYG5SbAJ6Q7trfKMmBXildLiDScerQQpG_qSUZdGRqLip0hfTI2TPp6P2X3oeZtGWD5KWjus8VJ9n3STTelG0N36Dn1KNWtJcQCFeaePJZ2SjllmHxP_LawqnlJhr-gzixHrFWNxyQiHWC045u9zDwQjBwIKj3iLxFWBbJAviK1p_UILvVRNQU_sCOXnexgdVw&sai=AMfl-YRnO8c9uitpFC0NTIB9YT_F0sSrgRA5a7BbD-VJiqYZvKEWoSGd5GzwRbxwsX8A7jv5Q1RVAgwE5L5lS8oO_zD0Qvp-lWjC9KyUaj24g1wE4hoUZZW4hTyWc9NgVHs&sig=Cg0ArKJSzFtDcBFsIeUzEAE&uach_m=[UACH]&adurl=
Frame ID: 3728A088BC30918B9F48E59A336FE45A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbYZfvdBYPC1UkpzU_mzCfp5FLLZZd7m6TsqnlyGcb_xUEJAtlBoDTPFs34cTBqsR8f7WH76HRvVNop9HJIdx0l6KkvtRZRjZgb9_-AnH9uxxvkdVL2Dp4nY2t1VVZSt9So0CajwnorOoYJlQARwo06SJR0Aqa5xAzawTqPOyhVc6ispz0oVt1ht_F1VaBPYw3CIAKAlJTeMHc4im-W1rcZVvKoSPBe5js7xgk-bRKmWqAEz23EBKw_tcCJ_8K2wCsIhPuB8v7ik6NkZ4TYTDgXAIb5a-0aY-4fMLITHmkf1mkPGrtoRNW-L_5uX80m-rRv0aSABMICjY&sai=AMfl-YSIyE6ZR9WtzlPc00spMEqVzy658B7il8zVQ7WeZ2_zj6zCuBuryGny1F93eDk78__r59bApKy5JB3d8L3UD-xzsaNjbhFnSJtLHE-6q5oZuF1I_3n1G_8lU-NrAw0&sig=Cg0ArKJSzJus4PiIG4IGEAE&uach_m=[UACH]&adurl=
Frame ID: B6F2B561C321686711E2FD5BEF6B4A40
Requests: 9 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A3FD96726540EB09339373830AF7C96D
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8
Frame ID: 53CCAFCCD9DC831A16289E15649E7B7E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8991D7B18C7F927BEF74DC707CDD1137
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43926000204209700710616011794002&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: 73BDE1AF7B36B59F663525EC925A4328
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 48D0E4A270D96D5D9A2D783574B9C4E7
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395
Frame ID: 6BFA1E769F3A36AAB12DE001637E76CE
Requests: 2 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Frame ID: 182DF1855DAB9379691365A336E45B1D
Requests: 8 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 27AE02F3934510B83AD86972D13DBCF9
Requests: 26 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B756CB79A62BCCB85516FC46EC8EBF5E
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A1F2FC4133806C00E023C9BFF8C3E5E4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DC6B91751902C9276D9AA8A4EE8EF712
Requests: 2 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D222BDDCC660DE83C5DCAE8DAAC6C9D5
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D5D88B923DC6FF44DC2472BBE38A74D
Requests: 9 HTTP requests in this frame

Frame: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F9ACB1A9D1ABB82C6DCB686C1D32764C
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F52DDD5FD24AE6DC19F1A79A96B6942
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Daily Blog

Page Statistics

354
Requests

94 %
HTTPS

50 %
IPv6

36
Domains

53
Subdomains

42
IPs

10
Countries

8053 kB
Transfer

16421 kB
Size

41
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/566680893351540
Title: Like

Search URL Search Domain Scan URL

URL: https://twitter.com/TheDailyBlogNZ
Title: Follow

Search URL Search Domain Scan URL

URL: https://eveningreport.nz/er-podcasts/
Title: MIL PODCASTSBookmark

Search URL Search Domain Scan URL

URL: https://www.facebook.com/selwyn.manning
Title: Follow

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/eveningreport
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/us/podcast/evening-report/id1542433334?itsct=podcast_box&itscg=30200

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/102eox6FyOzfp48pPTv8nX

Search URL Search Domain Scan URL

URL: https://milnz.co.nz/
Title: MILNZ.co.nz

Search URL Search Domain Scan URL

URL: https://www.statcounter.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://tools.applemediaservices.com/api/badges/listen-on-apple-podcasts/badge/en-US?size=250x83&releaseDate=1606352220&h=79ac0fbf02ad5db86494e28360c5d19f HTTP 301
https://apple-resources.s3.amazonaws.com/media-badges/listen-on-apple-podcasts/badge/en-us.svg

Request Chain 214

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1

Request Chain 226

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaZ.Wp1Fd22iraeQB251TAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1&google_hm=2

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOBWYQOn-yW3TNQA3TxWPNw&google_cver=1

Request Chain 228

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTg5MzY4MDk2MzIxMjg0MQ%3D%3D

Request Chain 233

https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 235

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=43926000204209700710616011794002&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43926000204209700710616011794002&actionid=731824&produktid=businessgiro&dt_url=

Request Chain 238

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395

Request Chain 240

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=43926000204209700710616011794002 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 330

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC7wqyMOBCcChicCjIIWCv19vqeVug HTTP 301
https://tpc.googlesyndication.com/simgad/3218002549567218547

Request Chain 335

https://d.agkn.com/pixel/2175/?google_gid=CAESECH8cPvClIJ7e3X3u364h28&google_cver=1&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf&google_hm=Q0FFU0VDSDhjUHZDbElKN2UzWDN1MzY0aDI4

Request Chain 336

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva8ZhNo7bIrjMO4F6gBzX3EpWTlrmucyAQ&google_gid=CAESEEoFJaVLWUqrtBF_ZD9nkE0&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva8ZhNo7bIrjMO4F6gBzX3EpWTlrmucyAQ&google_gid=CAESEEoFJaVLWUqrtBF_ZD9nkE0&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMzAxOTQxMTUwMDA5MjU0MTc0MDkyOQ%3D%3D&google_push=AYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva8ZhNo7bIrjMO4F6gBzX3EpWTlrmucyAQ

Request Chain 338

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEALJJ2ENLjcm6oIjWNCphLo&google_cver=1&google_push=AYg5qPJXgB3ZDX2rClrv_zGEixEGGdNaAxqZCTYuD-uFf3N7PFRU-PFaK-tQ-KNHXEBWvCv6oO9kvnT57ZY9mOksGYWo25P19Aul-g HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEALJJ2ENLjcm6oIjWNCphLo&google_cver=1&google_push=AYg5qPJXgB3ZDX2rClrv_zGEixEGGdNaAxqZCTYuD-uFf3N7PFRU-PFaK-tQ-KNHXEBWvCv6oO9kvnT57ZY9mOksGYWo25P19Aul-g&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJXgB3ZDX2rClrv_zGEixEGGdNaAxqZCTYuD-uFf3N7PFRU-PFaK-tQ-KNHXEBWvCv6oO9kvnT57ZY9mOksGYWo25P19Aul-g

Request Chain 339

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE6Qy1_HMQaLeglqqT5NkfA&google_cver=1&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn5zEi6f36SSskoCgCeAXDj8kUYTA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEyU1otMUItSDlVRA==&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn5zEi6f36SSskoCgCeAXDj8kUYTA

Request Chain 340

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1

Request Chain 361

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGayuP6X5gr_ON-40SAM8r0&google_cver=1&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5VqnH_yh3tqrEi54GHxDRF314qXZU2c3sqP1pmqswVQAQ HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5VqnH_yh3tqrEi54GHxDRF314qXZU2c3sqP1pmqswVQAQ&google_hm=RA4O_LoN8ckncZND0oWWrA

Request Chain 362

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM3ecwv3AohNIkw1UKiTBqS0xb3ZNqNh4VwB9hbsd_kWx3H1EWMpsy1El8&google_gid=CAESEJO_OpfbLyNYNN6wkvtO4vg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFaQFhBQUFCWVRVbUZlaw&google_push=AYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM3ecwv3AohNIkw1UKiTBqS0xb3ZNqNh4VwB9hbsd_kWx3H1EWMpsy1El8

Request Chain 364

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPw9h6nx9Aa0RaY_YtUSj3M&google_cver=1&google_push=AYg5qPIHSHBlk69GL7ClxBedeNZEaw_LbZR330qpkFDs0ZkdUWs-iZXN_DpZqOBXWq0VV-tquKqFNrtSkQvH1ivwd3iJ7UC04w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIHSHBlk69GL7ClxBedeNZEaw_LbZR330qpkFDs0ZkdUWs-iZXN_DpZqOBXWq0VV-tquKqFNrtSkQvH1ivwd3iJ7UC04w

Request Chain 365

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIa6pI3soUWQoWTJXu8xNIE&google_cver=1&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3nHqFnaR-PjQtxiCH6eEzU2D0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEzNkUtMVotNlJQSA==&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3nHqFnaR-PjQtxiCH6eEzU2D0

Request Chain 366

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_cver=1&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE

354 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
thedailyblog.co.nz/ 275 KB
34 KB 1249ms
326ms Document
text/html 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 81e5f11f8a2a8947ccb6cb8693b42f6d2acbeea99c44ae4b45917956b5ad7053

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Tue, 30 Nov 2021 19:41:10 GMT
content-type: text/html; charset=UTF-8
content-length: 34497
last-modified: Tue, 30 Nov 2021 19:26:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
x-powered-by: PleskLin

GET
H2 200 style.min.css
thedailyblog.co.nz/wp-includes/css/dist/block-library/ 79 KB
10 KB 618ms
617ms Stylesheet
text/css 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-includes/css/dist/block-library/style.min.css?ver=d860d08fab8817159afd19afefb90d35
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:10 GMT
content-encoding: br
etag: W/"60fa65b2-13abe"
last-modified: Fri, 23 Jul 2021 06:46:10 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.css
thedailyblog.co.nz/wp-content/plugins/wordpress-social-login/assets/css/ 268 B
276 B 619ms
617ms Stylesheet
text/css 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/wordpress-social-login/assets/css/style.css?ver=d860d08fab8817159afd19afefb90d35
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: ddca68622fef19ca9794aecf8a9b9566a3838d5892a5138bf5f0e1a3d56b5c92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:10 GMT
content-encoding: br
etag: W/"5f739d0f-10c"
last-modified: Tue, 29 Sep 2020 20:46:07 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 frontend.css
thedailyblog.co.nz/wp-content/plugins/wp-math-captcha/css/ 277 B
265 B 620ms
618ms Stylesheet
text/css 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/wp-math-captcha/css/frontend.css?ver=d860d08fab8817159afd19afefb90d35
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: b67941a710bc007120fa919bf7feebe922b2e8835ff033cb4ae578745eef93eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:10 GMT
content-encoding: br
etag: W/"5ba4848b-115"
last-modified: Fri, 21 Sep 2018 05:41:31 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.css
thedailyblog.co.nz/wp-content/plugins/td-composer/td-multi-purpose/ 70 KB
9 KB 620ms
619ms Stylesheet
text/css 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=61179afdbbd6a8d8c8a7f82ae3fcd87d
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: b8d672580b2905758e845bc540e20fa872e990610e21f2f60408a8bfae76abcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:10 GMT
content-encoding: br
etag: W/"61284f37-11855"
last-modified: Fri, 27 Aug 2021 02:34:31 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 29 KB
2 KB 392ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.7.3

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0d63bf5491efdf119ff9c1fccdb8361c8d05b3ae2add05305ce5a3668ac49a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:21:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 19:41:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 19:41:10 GMT

GET
H2 200 style.css
thedailyblog.co.nz/wp-content/themes/Newspaper/ 177 KB
26 KB 621ms
619ms Stylesheet
text/css 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/themes/Newspaper/style.css?ver=9.7.3
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: b5b703eeaf5065d45ab4bf9f4a256e2ebf791e0d4d6a82da4e7367cbe03ef30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:10 GMT
content-encoding: br
etag: W/"61284f03-2c482"
last-modified: Fri, 27 Aug 2021 02:33:39 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 td_legacy_main.css
thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 984 KB
81 KB 621ms
620ms Stylesheet
text/css 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=61179afdbbd6a8d8c8a7f82ae3fcd87d
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: d39565761da81a7a99fd66a537eeb7250c9bf5fe52529be9a6a91e67ad1ad46d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:10 GMT
content-encoding: br
etag: W/"61284f37-f5ece"
last-modified: Fri, 27 Aug 2021 02:34:31 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 tdb_less_front.css
thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/css/ 101 KB
11 KB 621ms
620ms Stylesheet
text/css 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=d158fac1e2f85794ec26781eb2a38fd9
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: a8acd6db992817ef0230b22e01b4772a59ef1e151112cbb039ad79a8d9260565

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:10 GMT
content-encoding: br
etag: W/"61284f5a-193e6"
last-modified: Fri, 27 Aug 2021 02:35:06 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jquery.min.js Show response
thedailyblog.co.nz/wp-includes/js/jquery/ 87 KB
30 KB 621ms
620ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:10 GMT
content-encoding: br
etag: W/"60fa65b2-15db1"
last-modified: Fri, 23 Jul 2021 06:46:10 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
thedailyblog.co.nz/wp-includes/js/jquery/ 11 KB
4 KB 621ms
620ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:10 GMT
content-encoding: br
etag: W/"5fd05a97-2bd8"
last-modified: Wed, 09 Dec 2020 05:03:19 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.colorbox.js Show response
thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/ 28 KB
8 KB 935ms
934ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/jquery.colorbox.js?ver=6.1
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:10 GMT
content-encoding: br
etag: W/"5e6428ed-71f1"
last-modified: Sat, 07 Mar 2020 23:06:21 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 156ms
60ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-41539225-10

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56e804210fd89a6c96bd70419ae26b19bed0629a143bb9b8f3aeffc28a4050ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36136
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 19:41:11 GMT

GET
H2 200 wp-emoji-release.min.js Show response
thedailyblog.co.nz/wp-includes/js/ 18 KB
5 KB 344ms
331ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-includes/js/wp-emoji-release.min.js?ver=d860d08fab8817159afd19afefb90d35
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
etag: W/"60fa65b2-4705"
last-modified: Fri, 23 Jul 2021 06:46:10 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 152ms
54ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

545c4f635d9b7adc66a5d435227d5982d2cf1722cd19be7652d7d35da7f9298b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1060 / 478 of 1000 / last-modified: 1638289429"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26853
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Nov 2021 19:41:11 GMT

GET
H2 200 The-Daily-Blog-Logo-May-1-cdn.png
thedailyblog.co.nz/wp-content/uploads/2019/07/ 31 KB
31 KB 344ms
332ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2019/07/The-Daily-Blog-Logo-May-1-cdn.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 0d53e53662547ba7d7a2b5b82a2546ed1836fd30c1234f949d52218e31337859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
last-modified: Thu, 18 Jul 2019 05:28:57 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d300399-7b23"
content-type: image/png
accept-ranges: bytes
content-length: 31523

GET
H2 200 Screen-Shot-2021-11-30-at-9.36.14-AM-324x160.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 101 KB
101 KB 624ms
612ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-9.36.14-AM-324x160.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: b56eecd25900ad77097a6c08f96c9ef7826cde9d8fbd64b5a5067f4bb2be0fe2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 20:37:21 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a53a01-19325"
content-type: image/png
accept-ranges: bytes
content-length: 103205

GET
H2 200 Screen-Shot-2021-11-30-at-6.39.57-AM-324x160.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 70 KB
70 KB 662ms
651ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-6.39.57-AM-324x160.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 01fa6d2ca5c5a9c10141c53387fbb2f0a72c0e77cceea23edac17c300314863f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 17:45:25 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a511b5-1179a"
content-type: image/png
accept-ranges: bytes
content-length: 71578

GET
H2 200 Screen-Shot-2021-11-30-at-6.33.31-AM-324x160.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 57 KB
57 KB 662ms
651ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-6.33.31-AM-324x160.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 58a0a3b8704ec1e1d8f37d3148cde822c6e7b3e7f38feb38dc196ebf34e5c2de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 17:34:07 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a50f0f-e517"
content-type: image/png
accept-ranges: bytes
content-length: 58647

GET
H2 200 EPzXeeDXUAAX1li-1-1-324x160.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 11 KB
12 KB 662ms
651ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/EPzXeeDXUAAX1li-1-1-324x160.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: babc40630140b5468e7d2f5ebe92b26f409e9b52d79a8ae0d176f58f2de9f5c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 17:32:26 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a50eaa-2d85"
content-type: image/jpeg
accept-ranges: bytes
content-length: 11653

GET
H2 200 2902443145_9da4e9770e_c-324x160.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 6 KB
6 KB 662ms
651ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/2902443145_9da4e9770e_c-324x160.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 87d4eaf643585cc24cd1c85fa47a4ebdbd1afb6feba82d87a7ccb248432952be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 28 Nov 2021 01:09:49 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a2d6dd-18dd"
content-type: image/jpeg
accept-ranges: bytes
content-length: 6365

GET
H2 200 Screen-Shot-2021-11-28-at-4.01.15-PM-324x160.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 31 KB
31 KB 662ms
651ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-28-at-4.01.15-PM-324x160.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: eef15e0f5b63223c06167149d13e65daa91155531c57c7672a2d60949031c87b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 28 Nov 2021 03:01:37 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a2f111-7b41"
content-type: image/png
accept-ranges: bytes
content-length: 31553

GET
H2 200 Screen-Shot-2021-11-30-at-6.33.31-AM-324x235.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 80 KB
80 KB 662ms
652ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-6.33.31-AM-324x235.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: aa1cab67f2ce2f4fed626d0c140bae547db6dd55802e480438fd635ed7b1b5aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 17:34:08 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a50f10-13f82"
content-type: image/png
accept-ranges: bytes
content-length: 81794

GET
H2 200 skynews-omicron-variant-charlotte-lomas_5598175-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 2 KB
3 KB 663ms
652ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/skynews-omicron-variant-charlotte-lomas_5598175-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 93ca0c9eb6a8c20f5c4c91c7791891bfbdb74199ecf15e352dfee1b300b37072

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 28 Nov 2021 16:18:27 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a3abd3-9db"
content-type: image/jpeg
accept-ranges: bytes
content-length: 2523

GET
H2 200 2902443145_9da4e9770e_c-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 2 KB
2 KB 662ms
652ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/2902443145_9da4e9770e_c-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: cf5185f75e3a887c7f312005d9d59a29893e6f964d8a351bd9d2c5ec0d983d70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 28 Nov 2021 01:09:49 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a2d6dd-834"
content-type: image/jpeg
accept-ranges: bytes
content-length: 2100

GET
H2 200 Screen-Shot-2021-11-28-at-4.01.15-PM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 6 KB
7 KB 662ms
652ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-28-at-4.01.15-PM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 5b278d4956a05c098c4470ebc4e8eef09f6cc0603aec285b99f2390a549fcb53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 28 Nov 2021 03:01:37 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a2f111-19f6"
content-type: image/png
accept-ranges: bytes
content-length: 6646

GET
H2 200 unnamed-1-1-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 3 KB
3 KB 662ms
652ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/unnamed-1-1-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 705ab96fffcb6271b575e41f5a56f29302e9062742c472755b5ff67d4560bc3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sat, 27 Nov 2021 17:22:19 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a2694b-b3d"
content-type: image/jpeg
accept-ranges: bytes
content-length: 2877

GET
H2 200 Screen-Shot-2021-11-28-at-6.19.08-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 17 KB
17 KB 662ms
652ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-28-at-6.19.08-AM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 0913125a85710095ce4e31d77f2a9a9917e2a7a9f3cf2575f74308b14c22b579

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sat, 27 Nov 2021 18:24:23 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a277d7-4386"
content-type: image/png
accept-ranges: bytes
content-length: 17286

GET
H2 200 Screen-Shot-2021-11-30-at-9.36.14-AM-324x235.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 141 KB
141 KB 662ms
653ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-9.36.14-AM-324x235.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: ed6c2370e3d2a5e1a2ec2da2964b71b9f4ad159d5688cf3851958ac56278206f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 20:37:21 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a53a01-232bf"
content-type: image/png
accept-ranges: bytes
content-length: 144063

GET
H2 200 Screen-Shot-2021-11-25-at-5.52.23-PM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 12 KB
12 KB 662ms
653ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-25-at-5.52.23-PM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 452a41553aeea0a8b6a20a9610abbb8d1d3e1f57e77737b45defb8b43865a8e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Thu, 25 Nov 2021 04:52:47 GMT
server: nginx
x-powered-by: PleskLin
etag: "619f169f-3128"
content-type: image/png
accept-ranges: bytes
content-length: 12584

GET
H2 200 unnamed-1-1-1-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 2 KB
2 KB 662ms
653ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/unnamed-1-1-1-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 342ef537e7c4b83126b6c082466ec18d3fb17c994e6079a537f7ebd3fc2ba1ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sat, 27 Nov 2021 18:06:47 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a273b7-74a"
content-type: image/jpeg
accept-ranges: bytes
content-length: 1866

GET
H2 200 3b4e35f475e8076af3ffb98d50dad7a7-1-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/10/ 3 KB
3 KB 662ms
653ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/10/3b4e35f475e8076af3ffb98d50dad7a7-1-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 1f1dad5118af2904b6baebf68ca6812accaa29e6e6991545c0c85952993b7955

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Wed, 20 Oct 2021 20:34:32 GMT
server: nginx
x-powered-by: PleskLin
etag: "61707d58-aed"
content-type: image/jpeg
accept-ranges: bytes
content-length: 2797

GET
H2 200 2902443145_9da4e9770e_c-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/10/ 2 KB
2 KB 662ms
653ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/10/2902443145_9da4e9770e_c-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: cf5185f75e3a887c7f312005d9d59a29893e6f964d8a351bd9d2c5ec0d983d70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 18 Oct 2021 18:19:29 GMT
server: nginx
x-powered-by: PleskLin
etag: "616dbab1-834"
content-type: image/jpeg
accept-ranges: bytes
content-length: 2100

GET
H2 200 Screen-Shot-2021-11-27-at-5.45.59-AM-324x235.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 97 KB
97 KB 662ms
653ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-27-at-5.45.59-AM-324x235.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 41c1c14d4949e2fe0d0f378f46800961b24b9a7cd8f515fd67727af809006245

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Fri, 26 Nov 2021 16:46:22 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a10f5e-18281"
content-type: image/png
accept-ranges: bytes
content-length: 98945

GET
H2 200 Nobel-awards-680wide-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 12 KB
12 KB 662ms
653ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Nobel-awards-680wide-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 17fb87c96fb0c8607ca806340880caf12c3f64ef820aa46ad83f442c58bd8ae5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Fri, 26 Nov 2021 12:17:53 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a0d071-2ee6"
content-type: image/png
accept-ranges: bytes
content-length: 12006

GET
H2 200 1626759855963-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 3 KB
3 KB 662ms
654ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/1626759855963-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 110e64beb89f1827af4da07190ed859bb6ffd5d090cd43879c9bdc96cf678508

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Tue, 23 Nov 2021 18:00:31 GMT
server: nginx
x-powered-by: PleskLin
etag: "619d2c3f-b30"
content-type: image/jpeg
accept-ranges: bytes
content-length: 2864

GET
H2 200 Screen-Shot-2021-11-21-at-9.03.51-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 13 KB
13 KB 662ms
654ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-21-at-9.03.51-AM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 45f42a9e2401a2f382dd98f2bb8b0ad3a8f108b48cea1583c234374f819e4ecd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sat, 20 Nov 2021 20:04:22 GMT
server: nginx
x-powered-by: PleskLin
etag: "619954c6-32d5"
content-type: image/png
accept-ranges: bytes
content-length: 13013

GET
H2 200 Screen-Shot-2021-11-21-at-8.20.37-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 14 KB
14 KB 662ms
654ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-21-at-8.20.37-AM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 15f408dbe95ea982498c273a0f8b5bb62663e63d05003b0b0a3cf3b921cd3656

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sat, 20 Nov 2021 19:20:55 GMT
server: nginx
x-powered-by: PleskLin
etag: "61994a97-36a5"
content-type: image/png
accept-ranges: bytes
content-length: 13989

GET
H2 200 Screen-Shot-2021-11-21-at-7.44.37-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 15 KB
15 KB 662ms
654ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-21-at-7.44.37-AM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: c61a9f345c53f349e9cd65bdb793219f3313f6123e4a853d8816cb21c748974c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sat, 20 Nov 2021 18:51:25 GMT
server: nginx
x-powered-by: PleskLin
etag: "619943ad-3c31"
content-type: image/png
accept-ranges: bytes
content-length: 15409

GET
H2 200 EPzXeeDXUAAX1li-1-1-324x235.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 16 KB
16 KB 662ms
654ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/EPzXeeDXUAAX1li-1-1-324x235.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 58abc50280b1ab8b51dbfba47cc6f29716891240da58dc367c4df680af13b8c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 17:32:26 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a50eaa-3f7b"
content-type: image/jpeg
accept-ranges: bytes
content-length: 16251

GET
H2 200 Screen-Shot-2021-10-10-at-12.12.28-PM-1536x1185-1-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 15 KB
15 KB 662ms
654ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-10-10-at-12.12.28-PM-1536x1185-1-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: f11e712f5ba6206d7a0d18f722e4432541c83f305a4487df0221c177a77d82cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Thu, 11 Nov 2021 00:36:35 GMT
server: nginx
x-powered-by: PleskLin
etag: "618c6593-3bab"
content-type: image/png
accept-ranges: bytes
content-length: 15275

GET
H2 200 1625169872233-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 4 KB
4 KB 662ms
654ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/1625169872233-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 112cd63fd5ea29884b8bfb783298e9b62dfbb6957f72f6c314c319be19da7fd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Wed, 24 Nov 2021 06:12:58 GMT
server: nginx
x-powered-by: PleskLin
etag: "619dd7ea-1106"
content-type: image/jpeg
accept-ranges: bytes
content-length: 4358

GET
H2 200 Screen-Shot-2021-11-24-at-5.52.43-PM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 14 KB
14 KB 662ms
655ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-24-at-5.52.43-PM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: b326ea6de03ce4cf0e65d5f84d46bd3061e061f68b56b53189fa18b2f0bd6a2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Wed, 24 Nov 2021 04:55:34 GMT
server: nginx
x-powered-by: PleskLin
etag: "619dc5c6-3655"
content-type: image/png
accept-ranges: bytes
content-length: 13909

GET
H2 200 Screen-Shot-2021-05-09-at-6.44.05-AM-1-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/07/ 6 KB
7 KB 662ms
655ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/07/Screen-Shot-2021-05-09-at-6.44.05-AM-1-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 2f9026bfd34af089ef174d86c7c4d3a7ca9162b22216b544e518d462e5f60e90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Thu, 01 Jul 2021 18:19:16 GMT
server: nginx
x-powered-by: PleskLin
etag: "60de0724-19cf"
content-type: image/png
accept-ranges: bytes
content-length: 6607

GET
H2 200 1502244531487-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 2 KB
2 KB 662ms
655ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/1502244531487-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: a2f4e82889c321379d880ffccb70876e454cf53351ff4777a9905a37b12a9b98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Tue, 16 Nov 2021 17:03:05 GMT
server: nginx
x-powered-by: PleskLin
etag: "6193e449-703"
content-type: image/jpeg
accept-ranges: bytes
content-length: 1795

GET
H2 200 Screen-Shot-2021-11-30-at-6.39.57-AM-324x235.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 102 KB
102 KB 662ms
655ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-6.39.57-AM-324x235.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: df9cf65cf8eeda243962715c134e21678d4c1ac8e5a90d96dd003b8352d57727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 17:45:25 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a511b5-19882"
content-type: image/png
accept-ranges: bytes
content-length: 104578

GET
H2 200 unnamed-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 6 KB
6 KB 662ms
655ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/unnamed-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 7d6e6199c851602282d6bec87bf88a1f9a4aea35aa228937da59f520e354d705

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sat, 27 Nov 2021 19:10:49 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a282b9-1898"
content-type: image/png
accept-ranges: bytes
content-length: 6296

GET
H2 200 Screen-Shot-2021-11-03-at-10.10.36-AM-1-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 15 KB
15 KB 662ms
655ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-03-at-10.10.36-AM-1-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 21837485e10c6b663c4eec4b3bc5d9a2276632ba28d60feff08eb2fd0e66c5f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Fri, 19 Nov 2021 02:29:36 GMT
server: nginx
x-powered-by: PleskLin
etag: "61970c10-3b2c"
content-type: image/png
accept-ranges: bytes
content-length: 15148

GET
H2 200 Screen-Shot-2021-11-04-at-1.47.59-PM-1-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 8 KB
8 KB 662ms
655ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-04-at-1.47.59-PM-1-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 38aea16b938dcd7510429cb96ea3e845f2451485538bc9dd9d40929dfb9fafcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Thu, 25 Nov 2021 03:39:39 GMT
server: nginx
x-powered-by: PleskLin
etag: "619f057b-1e50"
content-type: image/png
accept-ranges: bytes
content-length: 7760

GET
H2 200 cover-1-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 11 KB
11 KB 662ms
656ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/cover-1-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 6ca1978797374f9bfac40e1129dea601e2efb1ed6c28c608528bcc84505b1071

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Tue, 23 Nov 2021 19:30:54 GMT
server: nginx
x-powered-by: PleskLin
etag: "619d416e-2cbb"
content-type: image/png
accept-ranges: bytes
content-length: 11451

GET
H2 200 Screen-Shot-2021-12-01-at-7.28.33-AM-324x235.png
thedailyblog.co.nz/wp-content/uploads/2021/12/ 134 KB
134 KB 662ms
656ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/12/Screen-Shot-2021-12-01-at-7.28.33-AM-324x235.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 3026fe5d8b3c29b1505450207f48e80cb4b358cf0c9d8b42d691c9d7c2134454

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Tue, 30 Nov 2021 18:59:32 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a67494-2160c"
content-type: image/png
accept-ranges: bytes
content-length: 136716

GET
H2 200 Screen-Shot-2017-07-22-at-8.23.41-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 6 KB
6 KB 662ms
656ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2017-07-22-at-8.23.41-AM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 28d1a6730ff05f9e14ba04cfa7e6cdb813e2fac5b1200a301bf03341428852a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Thu, 25 Nov 2021 17:19:16 GMT
server: nginx
x-powered-by: PleskLin
etag: "619fc594-164b"
content-type: image/png
accept-ranges: bytes
content-length: 5707

GET
H2 200 Screen-Shot-2021-11-30-at-9.36.14-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 16 KB
17 KB 662ms
656ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-30-at-9.36.14-AM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: b40f986a9ddb9cc58ee58d4132eb20e89b1cc160f6ad4747a1d9a14af9047edf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 20:37:21 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a53a01-41d9"
content-type: image/png
accept-ranges: bytes
content-length: 16857

GET
H2 200 image-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 2 KB
2 KB 662ms
656ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/image-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 08f9cfe799c314f157fe6a88446be906373859e57a66ece7e866582e129622f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 28 Nov 2021 20:47:04 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a3eac8-912"
content-type: image/jpeg
accept-ranges: bytes
content-length: 2322

GET
H2 200 1200-100x70.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 3 KB
3 KB 662ms
656ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/1200-100x70.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: c31d2b1c4652ec5a7c8e5c412fffe63773e5542ae9849ea5bbfe9c9dc597382d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 28 Nov 2021 15:58:25 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a3a721-a67"
content-type: image/jpeg
accept-ranges: bytes
content-length: 2663

GET
H2 200 Unknown-1-4.jpeg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 8 KB
8 KB 662ms
656ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Unknown-1-4.jpeg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 4e5da5ddf83a42ab5f30c5f474011805d1f84f859a10ddc6b5478556a33c4c81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 17:20:27 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a50bdb-1f58"
content-type: image/jpeg
accept-ranges: bytes
content-length: 8024

GET
H2 200 Unknown-8-100x70.jpeg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 3 KB
3 KB 662ms
657ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Unknown-8-100x70.jpeg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: e20e81b00213976f21f87de80297a2047f24eb9c7702a74f17cb0d32d7931504

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 17:09:38 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a50952-cbc"
content-type: image/jpeg
accept-ranges: bytes
content-length: 3260

GET
H2 200 Screen-Shot-2021-11-08-at-4.52.25-AM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 18 KB
18 KB 662ms
657ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-08-at-4.52.25-AM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 03966f855eacb7ab58e5d814869ce127bc956a6d8c96d8adaeb7182a75e5e7e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 07 Nov 2021 15:52:43 GMT
server: nginx
x-powered-by: PleskLin
etag: "6187f64b-4714"
content-type: image/png
accept-ranges: bytes
content-length: 18196

GET
H2 200 Screen-Shot-2021-11-29-at-3.33.38-PM-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 14 KB
14 KB 662ms
657ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-29-at-3.33.38-PM-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 74774e29f34f591648d77455e2f2aa70bcc72eb4ecef7d06e76bc155989f86f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 29 Nov 2021 02:34:02 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a43c1a-3892"
content-type: image/png
accept-ranges: bytes
content-length: 14482

GET
H2 200 Unknown-13-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 3 KB
3 KB 662ms
657ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Unknown-13-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 6b471e3e0fe243d81bde212bfa10b56236464e52c9c84864b32fc392ff8c2290

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 28 Nov 2021 16:22:31 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a3acc7-c23"
content-type: image/png
accept-ranges: bytes
content-length: 3107

GET
H2 200 Unknown-5-100x70.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 2 KB
3 KB 662ms
657ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Unknown-5-100x70.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: ed783dc04a12297851b6cb79308338d982d19de35aaa3de92766ef8a57f33cae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 07 Nov 2021 16:14:37 GMT
server: nginx
x-powered-by: PleskLin
etag: "6187fb6d-9e0"
content-type: image/png
accept-ranges: bytes
content-length: 2528

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 155ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

545c4f635d9b7adc66a5d435227d5982d2cf1722cd19be7652d7d35da7f9298b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1060 / 802 of 1000 / last-modified: 1638289429"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26853
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Nov 2021 19:41:11 GMT

GET
H/1.1

200
OK

en-us.svg
apple-resources.s3.amazonaws.com/media-badges/listen-on-apple-podcasts/badge/
Redirect Chain

https://tools.applemediaservices.com/api/badges/listen-on-apple-podcasts/badge/en-US?size=250x83&releaseDate=1606352220&h=79ac0fbf02ad5db86494e28360c5d19f
https://apple-resources.s3.amazonaws.com/media-badges/listen-on-apple-podcasts/badge/en-us.svg

15 KB
15 KB

426ms
117ms

Image
image/svg+xml

52.216.101.139
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://apple-resources.s3.amazonaws.com/media-badges/listen-on-apple-podcasts/badge/en-us.svg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: HTTP/1.1
Server: 52.216.101.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: aca2df4cadce191ac1a3971f0992dacdfe74bd91fac4be65bf44f50501fd090e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 19:41:13 GMT
Last-Modified: Wed, 25 Sep 2019 20:57:40 GMT
Server: AmazonS3
x-amz-request-id: 7M9NYGQEM4Z7A6Q9
ETag: "73e9586637bc3c66a109a02ff0e941cc"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 15299
x-amz-id-2: EynQ/KrQ0wTCpZUMhAiUBzJn5k65LmMD3Gir647fDm4DjUUePFajQO+4NkGUyZuO1BxFGS+qkEA=

Redirect headers

x-runtime: 0.004595
date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: https://apple-resources.s3.amazonaws.com/media-badges/listen-on-apple-podcasts/badge/en-us.svg
x-xss-protection: 1; mode=block
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 58f4d377-097a-454e-a97d-c225d47bcb53

GET
H2 200 spotify-podcast-badge-blk-grn-330x80-1.png
eveningreport.nz/wp-content/uploads/2020/12/ 8 KB
8 KB 1583ms
302ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eveningreport.nz/wp-content/uploads/2020/12/spotify-podcast-badge-blk-grn-330x80-1.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: a28365cd282903fb5fffd8bad185af709326623d32def1f3613f594cb05083d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
last-modified: Sun, 13 Dec 2020 04:52:13 GMT
server: nginx
x-powered-by: PleskLin
etag: "5fd59dfd-215a"
content-type: image/png
accept-ranges: bytes
content-length: 8538

GET
H2 200 default.jpg
img.youtube.com/vi/cvga01tHYRc/ 3 KB
4 KB 135ms
45ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/cvga01tHYRc/default.jpg

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0637f3a500b413b8352bc0e576e8de4150daf55a6d99a744f4e1eebd42ad605f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3510
x-xss-protection: 0
server: sffe
etag: "1629952402"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 21:41:11 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/GOWAxGVoND0/ 3 KB
3 KB 138ms
48ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/GOWAxGVoND0/default.jpg

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad10bbf847525ba6a67fb1e619a42cd49e5b3aef41c6b3aae291fb7530b04d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3035
x-xss-protection: 0
server: sffe
etag: "1629343707"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 21:41:11 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/Xck7qIB33Mc/ 3 KB
4 KB 148ms
59ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Xck7qIB33Mc/default.jpg

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e702a8b29fb467c446adbc495051fafd5446f9782ecc630e25ac15a9abee66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3564
x-xss-protection: 0
server: sffe
etag: "1628745647"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 21:41:11 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/f5OQ08tCjgQ/ 3 KB
3 KB 145ms
56ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/f5OQ08tCjgQ/default.jpg

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad1e34304ab814ab8d6f79ed77db2ec72d8a445efe2cbace2dbef7065512151c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3107
x-xss-protection: 0
server: sffe
etag: "1601418711"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 21:41:11 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/FGjGtXKN2Ik/ 4 KB
4 KB 140ms
51ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/FGjGtXKN2Ik/default.jpg

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

162391f51ebd58aebb4215fe9c90db931c4514f37004742c29f1421edb42f71c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3889
x-xss-protection: 0
server: sffe
etag: "1567400689"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 21:41:11 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/ayReNeRg8WY/ 5 KB
5 KB 58ms
58ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/ayReNeRg8WY/default.jpg

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f3d6f4f8120e43546823b135b11f38d90777f826669db7a4a4965e0fe51138e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4896
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 21:41:11 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/Cr5-gk-8TKU/ 5 KB
5 KB 46ms
45ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Cr5-gk-8TKU/default.jpg

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef841e92bcd2666d84e1f14b07e8b04e1040b82b4442edc2a2650769294ca0de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4788
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 21:41:11 GMT

GET
H2 200 default.jpg
img.youtube.com/vi/Zl8MOAPZCVs/ 5 KB
5 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/Zl8MOAPZCVs/default.jpg

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f95df4a5e754f8d84e603841febc8b7b8cb5a0ae14a7440ef20d5dc804c840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4893
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 21:41:11 GMT

GET
H2 200 1558241354977-218x150.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 7 KB
8 KB 661ms
657ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/1558241354977-218x150.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 71b955427b418dd287d9fdeff8a28c0533181c79f0275d821c6056c98e1a90b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Wed, 24 Nov 2021 15:39:12 GMT
server: nginx
x-powered-by: PleskLin
etag: "619e5ca0-1dc3"
content-type: image/jpeg
accept-ranges: bytes
content-length: 7619

GET
H2 200 Screen-Shot-2021-11-18-at-5.40.06-AM-218x150.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 57 KB
57 KB 661ms
657ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-18-at-5.40.06-AM-218x150.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 0746e2ef32ef6d5f9cad7e09128c601ac30419895f90a55ad774f50726eafa29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Wed, 17 Nov 2021 16:40:37 GMT
server: nginx
x-powered-by: PleskLin
etag: "61953085-e4a1"
content-type: image/png
accept-ranges: bytes
content-length: 58529

GET
H2 200 Screen-Shot-2021-11-23-at-5.51.23-PM-218x150.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 69 KB
69 KB 661ms
657ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-23-at-5.51.23-PM-218x150.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: f2d6800181f55473a31864c278c85c544d8e7b0c07fd00206f82ebbce177d6e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Tue, 23 Nov 2021 04:51:47 GMT
server: nginx
x-powered-by: PleskLin
etag: "619c7363-11350"
content-type: image/png
accept-ranges: bytes
content-length: 70480

GET
H2 200 unnamed-1-1-1-218x150.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 5 KB
5 KB 661ms
658ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/unnamed-1-1-1-218x150.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 96c07c7efb7f667f57918d51a6eecbe397fffb0bfdd1b7c1dd6a6d9de4280ba9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sat, 27 Nov 2021 18:06:47 GMT
server: nginx
x-powered-by: PleskLin
etag: "61a273b7-142c"
content-type: image/jpeg
accept-ranges: bytes
content-length: 5164

GET
H2 200 Screen-Shot-2021-07-18-at-6.56.17-AM-218x150.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 67 KB
67 KB 661ms
658ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-07-18-at-6.56.17-AM-218x150.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 6a928910f082e0c86d86100dca7cd9e10cd517eb1ebd2fc54bde6c64e56b6d93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Tue, 09 Nov 2021 02:12:19 GMT
server: nginx
x-powered-by: PleskLin
etag: "6189d903-10aae"
content-type: image/png
accept-ranges: bytes
content-length: 68270

GET
H2 200 141003-Moss-christ-real-tease_v3hlhq-218x150.jpeg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 8 KB
8 KB 661ms
658ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/141003-Moss-christ-real-tease_v3hlhq-218x150.jpeg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 1191e5ba707655a4efca2e0939a4557c33d74e8a009135fba789878bd2244cbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 22 Nov 2021 18:13:06 GMT
server: nginx
x-powered-by: PleskLin
etag: "619bddb2-1f7d"
content-type: image/jpeg
accept-ranges: bytes
content-length: 8061

GET
H2 200 Screen-Shot-2021-11-12-at-6.19.10-AM-218x150.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 77 KB
77 KB 661ms
658ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-12-at-6.19.10-AM-218x150.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: d4852779df5e8c22392d7581b7ebb1fa5d1933ddbd04cc30da0fd4caf9862577

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Thu, 11 Nov 2021 17:19:43 GMT
server: nginx
x-powered-by: PleskLin
etag: "618d50af-13435"
content-type: image/png
accept-ranges: bytes
content-length: 78901

GET
H2 200 unnamed-1-218x150.jpg
thedailyblog.co.nz/wp-content/uploads/2021/11/ 11 KB
11 KB 661ms
658ms Image
image/jpeg 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/unnamed-1-218x150.jpg
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: d1edac4e8b9235b20c47addd67ecf8d14815edc475cc1761be60d06c82efda94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Thu, 25 Nov 2021 18:39:38 GMT
server: nginx
x-powered-by: PleskLin
etag: "619fd86a-2cfc"
content-type: image/jpeg
accept-ranges: bytes
content-length: 11516

GET
H2 200 Screen-Shot-2021-11-19-at-5.10.27-AM-218x150.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 64 KB
64 KB 661ms
658ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-19-at-5.10.27-AM-218x150.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 8f6f1c01204988c94493b7611c3dfb5ca706efc0a0a2b20e75bb3a189bc54881

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Thu, 18 Nov 2021 16:11:05 GMT
server: nginx
x-powered-by: PleskLin
etag: "61967b19-ff6d"
content-type: image/png
accept-ranges: bytes
content-length: 65389

GET
H2 200 a97b122e34_photo.jpg-324x235.png
thedailyblog.co.nz/wp-content/uploads/2019/11/ 45 KB
46 KB 661ms
658ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2019/11/a97b122e34_photo.jpg-324x235.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 80a9c29d12d183d279ae773c6552e674ed68a456b380476d13c47ee4eee8cc66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Tue, 05 Nov 2019 04:35:13 GMT
server: nginx
x-powered-by: PleskLin
etag: "5dc0fc01-b5ba"
content-type: image/png
accept-ranges: bytes
content-length: 46522

GET
H2 200 underscore.min.js Show response
thedailyblog.co.nz/wp-includes/js/ 19 KB
7 KB 319ms
319ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
etag: W/"60fa65b2-4a84"
last-modified: Fri, 23 Jul 2021 06:46:10 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 js_posts_autoload.min.js Show response
thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 325ms
313ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=d158fac1e2f85794ec26781eb2a38fd9
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 7dadf41d55487432b3b4f5db5e8ed8a757ad7d295b1570567d2d2fc6929bd24f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
etag: W/"61284f5a-13c4"
last-modified: Fri, 27 Aug 2021 02:35:06 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 tagdiv_theme.min.js Show response
thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/js/ 222 KB
49 KB 339ms
326ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=9.7.3
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: bfc68292dce3d30b4560f474533c284e190e30ab44adfec151584e409814b52c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
etag: W/"61284f37-379bd"
last-modified: Fri, 27 Aug 2021 02:34:31 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 comment-reply.min.js Show response
thedailyblog.co.nz/wp-includes/js/ 3 KB
1 KB 343ms
329ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-includes/js/comment-reply.min.js?ver=d860d08fab8817159afd19afefb90d35
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
etag: W/"607887e9-ba8"
last-modified: Thu, 15 Apr 2021 18:37:29 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 js_files_for_front.min.js Show response
thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/js/ 12 KB
3 KB 343ms
330ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=d158fac1e2f85794ec26781eb2a38fd9
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 374fefdcddee55c37ce66bdc2f94c29d95089daf20eafd8a12c6e1e36eba4f4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
etag: W/"61284f5a-2fe8"
last-modified: Fri, 27 Aug 2021 02:35:06 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.atd.textarea.js Show response
thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/ 27 KB
7 KB 343ms
331ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/jquery.atd.textarea.js?ver=6.1
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 59eea5789a6787902ce1ec6a71b34f32808d75f6a0be489cd4f5910d7bed804b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
etag: W/"5e6428ed-6bd5"
last-modified: Sat, 07 Mar 2020 23:06:21 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 frontend.js Show response
thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/ 1 KB
658 B 344ms
331ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/plugins/wp-ajax-edit-comments/js/frontend.js?ver=6.1
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: cf929e11b42b085a4f5d5385314f7b7104d2e260a10691955ab6eed27f5c241f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
etag: W/"5e6428ed-589"
last-modified: Sat, 07 Mar 2020 23:06:21 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
thedailyblog.co.nz/wp-includes/js/ 1 KB
808 B 344ms
332ms Script
application/javascript 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-includes/js/wp-embed.min.js?ver=d860d08fab8817159afd19afefb90d35
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
etag: W/"601c30d1-592"
last-modified: Thu, 04 Feb 2021 17:37:21 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 background-2.png
thedailyblog.co.nz/wp-content/uploads/2019/07/ 3 KB
3 KB 651ms
651ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2019/07/background-2.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 6fdf2e738abfdce14ffdf46869ac63a03b357c9eeeed6a02411a68bb7714a0dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 21 Jul 2019 05:49:55 GMT
server: nginx
x-powered-by: PleskLin
etag: "5d33fd03-cbe"
content-type: image/png
accept-ranges: bytes
content-length: 3262

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 elements.png
thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/ 4 KB
4 KB 641ms
640ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/sprite/elements.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=61179afdbbd6a8d8c8a7f82ae3fcd87d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=61179afdbbd6a8d8c8a7f82ae3fcd87d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Fri, 27 Aug 2021 02:34:30 GMT
server: nginx
x-powered-by: PleskLin
etag: "61284f36-10e4"
content-type: image/png
accept-ranges: bytes
content-length: 4324

GET
H2 200 newspaper.woff
thedailyblog.co.nz/wp-content/themes/Newspaper/images/icons/ 120 KB
121 KB 641ms
640ms Font
font/woff 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://thedailyblog.co.nz/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/wp-content/themes/Newspaper/style.css?ver=9.7.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 0f74eda5ca917f0146ec28a71e0602f7a3b9dae063acfeecfe6549bdb165d47a

Request headers

Referer: https://thedailyblog.co.nz/wp-content/themes/Newspaper/style.css?ver=9.7.3
Origin: https://thedailyblog.co.nz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Fri, 27 Aug 2021 02:33:50 GMT
server: nginx
x-powered-by: PleskLin
etag: "61284f0e-1e17c"
content-type: font/woff
accept-ranges: bytes
content-length: 123260

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 121ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=9.7.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedailyblog.co.nz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 366549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:52:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 172ms
88ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedailyblog.co.nz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 367283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:39:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 231ms
147ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedailyblog.co.nz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:02:00 GMT
x-content-type-options: nosniff
age: 20351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 14:02:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 203ms
119ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedailyblog.co.nz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 524692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ 47 KB
47 KB 223ms
154ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedailyblog.co.nz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:44:20 GMT
x-content-type-options: nosniff
age: 367011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:44:20 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v29/ 17 KB
17 KB 143ms
129ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedailyblog.co.nz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:21:56 GMT
x-content-type-options: nosniff
age: 368355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17304
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 13:21:56 GMT

GET
H2 200 pubads_impl_2021111701.js Show response
securepubads.g.doubleclick.net/gpt/ 345 KB
116 KB 50ms
50ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://thedailyblog.co.nz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118578
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Nov 2021 19:41:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-41539225-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2404
date: Tue, 30 Nov 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 21:01:07 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
48ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thedailyblog.co.nz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 130ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thedailyblog.co.nz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 229 KB
38 KB 1580ms
1579ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Inpage%2CTDB_Top_Left%2CTDB_Top-Premium_RHS%2CTDB_Custom_2_Sidebar%2CTDB_BigBanner&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%7C300x600%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271907&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C1010%2C-9%2C606&adys=-9%2C-9%2C1126%2C-9%2C56&adks=1428025172%2C2170472645%2C4066769718%2C779929888%2C3305512707&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C324x250%7C0x-1%7C728x90&msz=0x-1%7C0x-1%7C300x-1%7C0x-1%7C728x90&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=2%2C2%2C4%2C2%2C4&ohw=0%2C0%2C1164%2C0%2C1600&btvi=-1%7C-1%7C0%7C-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9e003d0a9b6e48625f2545c1c244c1fd60c90365a9ca4644d34f33f0c9565f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39080
x-xss-protection: 0
google-lineitem-id: 5117564639,-1,5631716845,5631734098,5746352566
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345394481,-1,138341317577,138341759389,138357154544
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thedailyblog.co.nz
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 99ms
98ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_3_Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271917&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=1424&adks=4041111758&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x44&msz=300x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=4&ohw=1164&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0a175bce85730a96d2facacbcc6c6bf0c2ea2744dd519ee6089225cdfb88ca25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18973
x-xss-protection: 0
google-lineitem-id: 5668412368
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369104301
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thedailyblog.co.nz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 567D 6 KB
4 KB 182ms
48ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 19:41:12 GMT
expires: Wed, 30 Nov 2022 19:41:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mG3nm_a0D0U Show response
www.youtube.com/embed/ Frame CD20 59 KB
25 KB 84ms
83ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/mG3nm_a0D0U

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a701d12a41eefbeca1b94b18cb069f4923885dd86c72f2d132127d2eeb201115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 30 Nov 2021 19:41:11 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
19 KB 1519ms
1519ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_Sidebar1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271946&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=2588&adks=1376718479&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x21&msz=300x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=4&ohw=1164&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6c43f80bf3ca6ced6a071c779581cf3f2d0b15347cc26cdc9259e20c3b69d856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19035
x-xss-protection: 0
google-lineitem-id: 5120109838
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138321021077
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thedailyblog.co.nz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 1872ms
1872ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_4_Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271955&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=2609&adks=3845702400&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=4&ohw=1164&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

29a6d5ddf0b6b4ce05fa86a77f46e23fa0469595b5a94e2e496fb66c9b309a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8366
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thedailyblog.co.nz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
25 KB 2409ms
2408ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_5_Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271960&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=2609&adks=1997834511&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=300x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=4&ohw=1164&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

39ba78bb21ee97e4a8dfbffe40468ca376f3888a4eba366ddda4bc4126fb0660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25428
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thedailyblog.co.nz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
22 KB 2872ms
2871ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Extra_Ad_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301271965&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1010&adys=2635&adks=2066838578&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=324x0&msz=324x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=false&fws=4&ohw=1164&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

97bb377e81d07773db24552f566e2d1d99763837fb5ce826513d80c417f2012e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22946
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thedailyblog.co.nz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 125 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cc9f7888aa74f17e27205ad59ecf79db56b25123b30aa7913b5a6617206b58a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Screen-Shot-2021-11-14-at-2.26.27-PM-534x462.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 190 KB
190 KB 569ms
568ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-14-at-2.26.27-PM-534x462.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 090bfccf24b07e5178fe468500964411acd65badb135d0953c42743df50d41d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 14 Nov 2021 16:33:00 GMT
server: nginx
x-powered-by: PleskLin
etag: "61913a3c-2f836"
content-type: image/png
accept-ranges: bytes
content-length: 194614

GET
H2 200 Screen-Shot-2021-11-07-at-11.43.06-AM-534x462.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 454 KB
455 KB 569ms
568ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-07-at-11.43.06-AM-534x462.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 51d8b554bc4b79dac28be002c0774228f4797702851be15a3c4dab20ab322492

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Sun, 07 Nov 2021 06:16:55 GMT
server: nginx
x-powered-by: PleskLin
etag: "61876f57-718c0"
content-type: image/png
accept-ranges: bytes
content-length: 465088

GET
H2 200 Screen-Shot-2021-11-04-at-5.55.34-PM-534x462.png
thedailyblog.co.nz/wp-content/uploads/2021/11/ 524 KB
525 KB 569ms
568ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/11/Screen-Shot-2021-11-04-at-5.55.34-PM-534x462.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 7bc2c48f13ebfcc7698e88eac7e5bf3b4a8ef162830496e8eb849917753c76aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Thu, 04 Nov 2021 04:56:06 GMT
server: nginx
x-powered-by: PleskLin
etag: "618367e6-830d1"
content-type: image/png
accept-ranges: bytes
content-length: 536785

GET
H2 200 Screen-Shot-2021-08-20-at-4.56.25-PM-534x462.png
thedailyblog.co.nz/wp-content/uploads/2021/08/ 270 KB
270 KB 568ms
568ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2021/08/Screen-Shot-2021-08-20-at-4.56.25-PM-534x462.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 2b9a9e20a2087fbfe29c5ad841151f560719560927aab480b578abb759e3dacf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Mon, 23 Aug 2021 17:33:53 GMT
server: nginx
x-powered-by: PleskLin
etag: "6123dc01-4366c"
content-type: image/png
accept-ranges: bytes
content-length: 276076

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 31 KB
31 KB 83ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedailyblog.co.nz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:45:57 GMT
x-content-type-options: nosniff
age: 399315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31272
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 04:45:57 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 87ms
43ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=833964476&t=pageview&_s=1&dl=https%3A%2F%2Fthedailyblog.co.nz%2F&ul=en-us&de=UTF-8&dt=The%20Daily%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=597139017&gjid=1900242360&cid=1271377222.1638301272&tid=UA-41539225-10&_gid=113896429.1638301272&_r=1&gtm=2ouba1&z=57406350

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedailyblog.co.nz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://thedailyblog.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 104 KB
25 KB 3269ms
3268ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_5_Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&eri=2&cookie_enabled=1&bc=31&abxe=1&lmt=1638300379&dt=1638301272064&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=7072&adks=1997834510&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x44&msz=300x0&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=true&fws=4&ohw=1164&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0beadc559ed158412d3e2c05023e3d81b622f831cd2398748f5ad38dc3c909a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25773
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thedailyblog.co.nz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E141 0
0 74ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8ed-Z847yf1FRFk0gOyiqlsTCJpwFFalP-s-KNFb33T4GfwCIJyWTvo18DxucBfhg--HHObFlUJXZY_TzfFph8F33F9uukYlPueB5SDwkuKDRtP4_koYEWm6DK7g4B8CvnJxTu-WqsNQisy7ZqzUZSsmSnqI1ICYm1fJK0zxkpyt-72Urf1a5B_qfE2GBvdZrVxnOhZy2aVcp1lElpRRWB1OwgCIJqCYpQNk8fW8vzxxnm0serH04Xn1pesQOtjcBc7abdLz4XWrn8BD_e87HZ04mGlGwuDrgOHNQV-MRRfOzWnIfVodxMGZtyETBH7oldIk&sai=AMfl-YQPrIo5y-sBKP_371a941joSCgqXRI34XxZImnlk5erx7ma1f0KqhTB-Qt9boqbQfoAvGthdZWuNQzYD22QZBiJ86u4c62RJRGUc6gPPAJdlD19KDLR8Du6x99VxR1U&sig=Cg0ArKJSzIumhKAL1ruGEAE&uach_m=[UACH]&adurl=

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 19:41:12 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame E141 19 KB
8 KB 121ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:56 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame E141 2 KB
1 KB 135ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E141 119 KB
36 KB 108ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E141 0
0 134ms
52ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbi81M6n-EFGHcjV95IldSSMsSZQ0CggCNMM9x1mpmz1-3MdLOSPJrq201uP5Ibz_HgdXqPpAmEuf_tMkEz67c3uE5Hw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 12816479813386492085
tpc.googlesyndication.com/simgad/ Frame E141 13 KB
13 KB 133ms
53ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12816479813386492085

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9616efe33dcade754cca2b451c6fa9b65c28f2a717c7d4bbc076e3ae11d5992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:44:50 GMT
x-content-type-options: nosniff
age: 46582
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12862
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 19:46:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 06:44:50 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
24 KB 3978ms
3978ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Custom_5_Sidebar&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&eri=2&cookie=ID%3Db9c062c731419ff1-227510be1bcc0018%3AT%3D1638301271%3AS%3DALNI_Ma3nIQGjS-9UqCuck1u6ykdB7iTKQ&bc=31&abxe=1&lmt=1638300379&dt=1638301272112&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=7742&adks=1997834509&ucis=c&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x44&msz=300x0&psts=AGkb-H9ngbzE9TrFdBKEmWAWfA_7sbyuw4BPVJRJ8_msPbQ5U5JOD2rlT1f_M3fS8jn3lf1pz8pptqT-jOzR&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=true&fws=4&ohw=1164&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7bc56885b54f01152ef604104f28278df6209a546216f0e2c133a81ff5999e06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24828
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thedailyblog.co.nz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Citizen-A-KL-MB-MH.png
thedailyblog.co.nz/wp-content/uploads/2013/05/ 224 KB
224 KB 442ms
441ms Image
image/png 210.5.53.72
VOYAGERNET-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedailyblog.co.nz/wp-content/uploads/2013/05/Citizen-A-KL-MB-MH.png
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 210.5.53.72 , New Zealand, ASN56030 (VOYAGERNET-AS-AP Voyager Internet Ltd., NZ),
Reverse DNS: vps1166.lnx.vps.isx.net.nz
Software: nginx / PleskLin
Resource Hash: 2e48e1678c508bc7a9fc6eaacdd41f084266964cef2376dc9cd86b95ec4ad9dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
last-modified: Fri, 01 Jul 2016 02:13:31 GMT
server: nginx
x-powered-by: PleskLin
etag: "5775d1cb-38062"
content-type: image/png
accept-ranges: bytes
content-length: 229474

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 438 B
257 B 3508ms
3508ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2771262642247056&correlator=3674118884877988&output=ldjh&impl=fifs&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=9201682%2CTDB_Footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3Db9c062c731419ff1-227510be1bcc0018%3AT%3D1638301271%3AS%3DALNI_Ma3nIQGjS-9UqCuck1u6ykdB7iTKQ&bc=31&abxe=1&lmt=1638300379&dt=1638301272120&dlt=1638301270255&idt=1628&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=9044&adks=2328761135&ucis=d&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthedailyblog.co.nz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&psts=AGkb-H9ngbzE9TrFdBKEmWAWfA_7sbyuw4BPVJRJ8_msPbQ5U5JOD2rlT1f_M3fS8jn3lf1pz8pptqT-jOzR&ga_vid=1271377222.1638301272&ga_sid=1638301272&ga_hid=833964476&ga_fc=true&fws=4&ohw=1600&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6abd20d7799972da16c835c68da65121bc4722c77bb62b0a4d4c62cc87f205dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://thedailyblog.co.nz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-41539225-10&cid=1271377222.1638301272&jid=597139017&gjid=1900242360&_gid=113896429.1638301272&_u=YAhAAUAAAAAAAC~&z=476865949

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thedailyblog.co.nz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 19:41:12 GMT
content-type: text/plain
access-control-allow-origin: https://thedailyblog.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 counter.js Show response
secure.statcounter.com/counter/ 39 KB
13 KB 77ms
43ms Script
application/x-javascript 104.20.228.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.statcounter.com/counter/counter.js
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884

Request headers

Referer: https://thedailyblog.co.nz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 11:08:17 GMT
server: cloudflare
age: 30029
etag: W/"61656ca1-9cdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 6b668d470f124a98-FRA
expires: Tue, 30 Nov 2021 23:20:43 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/10df06bb/ Frame CD20 336 KB
46 KB 37ms
36ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c55743b58d342599d6de2048f24e73a34db12343acaf87b41083cb90d35304f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 12:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47200
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 12:05:09 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/10df06bb/www-embed-player.vflset/ Frame CD20 215 KB
70 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5241d3458a6081971613b26af579e3e5bb320d399bd699bf0b943f72f10271ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 13:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71977
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 13:07:43 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame CD20 2 MB
523 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ade01c43a6a30c054628dabd4b086ca6566c6421ed69ccb37af29c642cc50c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535067
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 16:02:34 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/ Frame CD20 8 KB
3 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 06:13:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CD20 15 KB
15 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 9271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 17:06:41 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 348 B
696 B 206ms
204ms XHR
application/json 104.20.228.67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11553132&u1=9385628C54634F5DCF09C56971DC6A94&java=1&security=2e55f0b2&sc_snum=1&sess=30eed3&sc_rum_e_s=3218&sc_rum_e_e=3224&sc_rum_f_s=0&sc_rum_f_e=3210&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//thedailyblog.co.nz/&t=The%20Daily%20Blog&get_config=true
Requested by: Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.228.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b228b131f5265f370bf12a87c6a517aaa06fcd9f53adce94ecf5805fe3d0b60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b668d4778634a98-FRA
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://thedailyblog.co.nz
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 player_api Show response
www.youtube.com/ 980 B
512 B 57ms
57ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api?_=1638301271560

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c5213ae9607e223883edb6fc2e766c15e2de3916e76855a226f8b539cce6b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Tue, 30 Nov 2021 19:41:12 GMT

GET
DATA 200
OK truncated
/ Frame E141 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 037a1f8c14829784d3d6b6eb8889da5c955e253440c8f587ea65a14451dc1549

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E141 0
0 123ms
77ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSXYEjcy3FMake_mvtscBH5oz5S850pb0EKOP_FkHznGI6HFEqHJH61rppf0wniCbM8SBg7LDmw-MQwGD5ly0AmOs-ZHu5zNPRMGWHkMuNjy0JS6TWpP3pISsr_4SN0EDGiTJyk2bfHTU7YVHbGvHkWZBnEUfm0Bsp36FYQNi8xQNvnm-l5ylUSU9lFs4of9c5CTtFUlvGCg5ddseP3vYZdRRT5jS5S_uGnpTmKMUG8xPQoKNUoe3KDeDbl11EdZYNL6661dAP4Jm724PmNTxB73yOl3D4DqpEADl4RkLtu7ICN3Hqk11RXlMX2ccra9aT5SPaoQ&sai=AMfl-YQUYYXUlnO0alGZF1wJSh1tApk_HrG26DyRa0vhFww7YEUeIRuHJ6yJbJoc3L4dk8eLBTNVlyzVk2Cy1p-9_kNHJJPyvBQPdLDuHAxIgTVWAgCOdeEmYn0_8bKrCH68&sig=Cg0ArKJSzFMhyO_2LzgTEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 19:41:12 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/10df06bb/www-widgetapi.vflset/ 146 KB
48 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api?_=1638301271560

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7baeed670b9dfe277223ef349839f35391de32a5c4df26f241c90c1d878a30fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48723
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 16:07:28 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame CD20 113 B
723 B 158ms
69ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ecccb52fdb8676562da8fec80716ca7138b6d139422adfce24eec42c4eab0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CD20 29 B
588 B 127ms
40ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:27:28 GMT
x-content-type-options: nosniff
age: 824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 19:42:28 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame CD20 94 KB
29 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54f22aa5e8ca501f9a326bb2bfd66cda703af49194cbca042413ce710855d662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29859
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 16:02:37 GMT

GET
H3 200 TEwuquBp3QwJuFHIV_KXdL761CQTMLpoUpbSVkNeo80.js Show response
www.google.com/js/th/ Frame CD20 35 KB
13 KB 84ms
37ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/TEwuquBp3QwJuFHIV_KXdL761CQTMLpoUpbSVkNeo80.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4c2eaae069dd0c09b851c857f29774befad4241330ba685296d256435ea3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13375
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 15:04:12 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame CD20 24 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b79552b464a6cae059926b71822dc20c7eeabec6336b43b6d3074f00561a9e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7355
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 16:02:31 GMT

GET
DATA 200
OK truncated
/ Frame CD20 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLSJ14sB0CtJhMb88MGQ786nK_zDJJYJo4Pf5scO=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CD20 3 KB
3 KB 125ms
37ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSJ14sB0CtJhMb88MGQ786nK_zDJJYJo4Pf5scO=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

353dd6889e2b035cfcc5f805e5422819a218a618f8b6ce7380c1ae1f2c2e0d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:11:10 GMT
x-content-type-options: nosniff
age: 9002
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2595
x-xss-protection: 0
server: fife
etag: "v1d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 05:35:09 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/mG3nm_a0D0U/ Frame CD20 4 KB
5 KB 123ms
38ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/mG3nm_a0D0U/default.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5f671e0af697ecab4baa111def1d10fc177a156542554c954adc63c33ba9ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:21:48 GMT
x-content-type-options: nosniff
age: 1164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4051
x-xss-protection: 0
server: sffe
etag: "1637801908"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 21:21:48 GMT

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d54dcd77074f01887904d8c513df01f4263607b438f5a98a3366f192b908d75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 cvga01tHYRc Show response
www.youtube.com/embed/ Frame C51A 60 KB
24 KB 94ms
93ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f5bb2c93033629733463ca6445e17b5e6d1978a4d62ed5910216f7c598337d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 30 Nov 2021 19:41:12 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: br
server: ESF
x-xss-protection: 0
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CD20 4 KB
3 KB 154ms
67ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:12 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CD20 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?sK9iaw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/mG3nm_a0D0U
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/mG3nm_a0D0U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/10df06bb/ Frame C51A 336 KB
46 KB 37ms
37ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c55743b58d342599d6de2048f24e73a34db12343acaf87b41083cb90d35304f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 12:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27363
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47200
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 12:05:09 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/10df06bb/www-embed-player.vflset/ Frame C51A 215 KB
70 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5241d3458a6081971613b26af579e3e5bb320d399bd699bf0b943f72f10271ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 13:07:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71977
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 13:07:43 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame C51A 2 MB
523 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ade01c43a6a30c054628dabd4b086ca6566c6421ed69ccb37af29c642cc50c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 535067
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 16:02:34 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/ Frame C51A 8 KB
3 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 06:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 06:13:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C51A 15 KB
15 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 9271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 17:06:41 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame CD20 52 KB
15 KB 93ms
40ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 13:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20637
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Wed, 01 Dec 2021 13:57:15 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame C51A 113 B
159 B 126ms
72ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f67468353051bd55e02f4851f957e9ee695c3f1e5a6b5353503ca548d2a62bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C51A 29 B
54 B 87ms
37ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:27:28 GMT
x-content-type-options: nosniff
age: 824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 19:42:28 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame C51A 94 KB
29 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54f22aa5e8ca501f9a326bb2bfd66cda703af49194cbca042413ce710855d662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:02:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29859
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 16:02:37 GMT

GET
H3 200 TEwuquBp3QwJuFHIV_KXdL761CQTMLpoUpbSVkNeo80.js Show response
www.google.com/js/th/ Frame C51A 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/TEwuquBp3QwJuFHIV_KXdL761CQTMLpoUpbSVkNeo80.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4c2eaae069dd0c09b851c857f29774befad4241330ba685296d256435ea3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 15:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13375
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 15:04:12 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/ Frame C51A 24 KB
7 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b79552b464a6cae059926b71822dc20c7eeabec6336b43b6d3074f00561a9e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7355
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 14:49:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Nov 2022 16:02:31 GMT

GET
DATA 200
OK truncated
/ Frame C51A 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AKedOLSJ14sB0CtJhMb88MGQ786nK_zDJJYJo4Pf5scO=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame C51A 3 KB
3 KB 86ms
40ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLSJ14sB0CtJhMb88MGQ786nK_zDJJYJo4Pf5scO=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

353dd6889e2b035cfcc5f805e5422819a218a618f8b6ce7380c1ae1f2c2e0d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:11:10 GMT
x-content-type-options: nosniff
age: 9002
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2595
x-xss-protection: 0
server: fife
etag: "v1d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 05:35:09 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/cvga01tHYRc/ Frame C51A 90 KB
90 KB 87ms
40ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/cvga01tHYRc/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c240a5146daf94f9fa762825b3d88545b0b8301b261ff0782b22016c17fc8add

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:39:19 GMT
x-content-type-options: nosniff
age: 113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91733
x-xss-protection: 0
server: sffe
etag: "1629952402"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Nov 2021 21:39:19 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C51A 4 KB
2 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame C51A 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ICGdOA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/96/ Frame C51A 52 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/96/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 13:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15236
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 15:10:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Wed, 01 Dec 2021 13:57:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2273 0
0 74ms
73ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnQHqRL-c_NJBAftHB7O53NrOWhpoQGBqC5ydRbQFvgIvu38ugIvR8N1VEAi5xbuQe6ivAt6wk6DR8xRT94IFp7MIF7mBALy51mS64mXRRGKwmsLJ6YT_P5K7YI-5QV4GQWpBT6Oo1NcYOLM5_krwHXsXhm5o-9pFiz5r1HjVbwD4M0rDaQM6E6ZKW4VYZo7ZvcbSswV48PmPgTFuxw7J9L6s_afdISPVER0Cw9ZG80z5V2457uz20zz0c54UUGN93kS4rdoKl7QgjGKVjlkNR-C2VctULNVqRbV2Poo8MR8DOMKTb4DYmzcQ_IQM20yIhtWRwQA&sai=AMfl-YSJuZxmU8R1xPdQczAIyJlhDS8rmmZw_NHHAbO83OxhCWUA3QZb1QJrPVkHlWcRscuO9SYgRGK2bn7_h9mf3Y1_9iEAkj4bNMy1v6TzGdYdqh775Sndk4Y-1LVF-3c&sig=Cg0ArKJSzEw_AcTe4ZwYEAE&uach_m=[UACH]&adurl=

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 2273 19 KB
8 KB 91ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:39:58 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 2273 2 KB
1 KB 90ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2273 119 KB
36 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
H3 200 2583571175871041583
tpc.googlesyndication.com/simgad/ Frame 2273 50 KB
50 KB 95ms
46ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2583571175871041583

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9b4c9c0fb4555dc93155778ce71c918f42a46e212d1e1358eeca27df4135c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:40:01 GMT
x-content-type-options: nosniff
age: 561672
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51163
x-xss-protection: 0
last-modified: Tue, 25 Aug 2020 20:32:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 07:40:01 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame A0E3 189 KB
55 KB 167ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 271181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 27 Nov 2022 16:21:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0E3 13 KB
5 KB 259ms
134ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 271181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 27 Nov 2022 16:21:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0E3 89 KB
28 KB 232ms
107ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 271181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 27 Nov 2022 16:21:32 GMT

GET
H2 200 amp-bind-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0E3 39 KB
14 KB 252ms
127ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-bind-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdc5c77fe8175f57d1dfab4cfb8085616d8134bc78125aef0ad20e94eabea2f5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 603366
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13809
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 20:05:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6246efd7e09cdfdf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 20:05:07 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0E3 5 KB
2 KB 261ms
137ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 271181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 27 Nov 2022 16:21:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame A0E3 40 KB
13 KB 246ms
121ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 271181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 27 Nov 2022 16:21:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A0E3 3 KB
579 B 106ms
60ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 17:51:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 19:41:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 16F0 0
0 93ms
92ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQLMJtXsmgxc3UbgEcTHrJJAxwvPyyuVJwFL8kgJ3L07esmMuZJiPQaPa6Vv-jCq7Qah4E_36isBecvfT0MA41POHjr8mhE0M4QLcByq6y6olI8k5JIi9Je3GB4YyuyTi3CVf-ZUT6BOCy1G3ncCBHvrTEzUOpzIACFr1aPRED9DCGFEtuzu4jHM9sSblf9jIxm0hEFY-IAouoBRLkpCHeE7_r2gqE3fSBhqh4dVSSXZZ_VjoZZHnpH4jwaQnijJ7364BnPnJUdDxcX1EF7tTYh89ClMyO6RkEwznSgG6xHJxRt3eQZDkir2cFSXL4cSRGnsKeqQ&sai=AMfl-YSqKD3JarnMlaFvuDHuT-mcxjyBxXq0kmiwDKohqQPl6ZsUDf0KBmThXByUKNajbqwCMGY1A3zGJgSkP0DpdvzJp7wNeCoKBp9tnXJaB8CwLJ-bwNQDW91aawET5TY&sig=Cg0ArKJSzPgkN1KhUeTKEAE&uach_m=[UACH]&adurl=

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 16F0 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:39:58 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 16F0 2 KB
1 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16F0 119 KB
36 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 16F0 0
0 48ms
48ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUBitoObDfcB14Gk6siJVBn7PiHaSUcAhkzpSEmaGGNnK32Pf6XzMqlWwKEMQ7tQU-zjFPMScvnmNri36oSrUrhu5FIQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 15515833803270513543
tpc.googlesyndication.com/simgad/ Frame 16F0 41 KB
41 KB 96ms
96ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15515833803270513543

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7414c20598c02f964afbaa5f423af72885050a7aa71a363711b1c0a49fb37bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 18:08:08 GMT
x-content-type-options: nosniff
age: 178385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41923
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 22:42:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 28 Nov 2022 18:08:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3728 0
0 90ms
89ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX2GNv83mVt47UgwSKVxCSVWBmxNUc7Zx5TQhRTdV1bkMOZqhAwcE6ubRb4bWwdqDvUFX-vTzFYl9dsr7-RRPQNP3csh9yv061Bl3d454QJRaF_8w780_IIGQzigQ0SUq7gRlZWKYG5SbAJ6Q7trfKMmBXildLiDScerQQpG_qSUZdGRqLip0hfTI2TPp6P2X3oeZtGWD5KWjus8VJ9n3STTelG0N36Dn1KNWtJcQCFeaePJZ2SjllmHxP_LawqnlJhr-gzixHrFWNxyQiHWC045u9zDwQjBwIKj3iLxFWBbJAviK1p_UILvVRNQU_sCOXnexgdVw&sai=AMfl-YRnO8c9uitpFC0NTIB9YT_F0sSrgRA5a7BbD-VJiqYZvKEWoSGd5GzwRbxwsX8A7jv5Q1RVAgwE5L5lS8oO_zD0Qvp-lWjC9KyUaj24g1wE4hoUZZW4hTyWc9NgVHs&sig=Cg0ArKJSzFtDcBFsIeUzEAE&uach_m=[UACH]&adurl=

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 3728 19 KB
8 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:39:58 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 3728 2 KB
1 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3728 119 KB
36 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3728 0
0 52ms
52ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrtqwklUBlbngznOCwDxaEDmsvDTR6639WN4orkX3iN9tqhROZ_K53YNessSrewBZYxA5F5T7Fw4QavZg-SgEINivT9w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 17339819649150446487
tpc.googlesyndication.com/simgad/ Frame 3728 23 KB
23 KB 99ms
99ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17339819649150446487

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749b1c397eff7ebda926c547943bae2e1f0d12b9dc5c30c60e095402080f705c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:29:54 GMT
x-content-type-options: nosniff
age: 51079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23472
x-xss-protection: 0
last-modified: Mon, 01 Mar 2021 22:48:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 05:29:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6F2 0
0 90ms
89ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbYZfvdBYPC1UkpzU_mzCfp5FLLZZd7m6TsqnlyGcb_xUEJAtlBoDTPFs34cTBqsR8f7WH76HRvVNop9HJIdx0l6KkvtRZRjZgb9_-AnH9uxxvkdVL2Dp4nY2t1VVZSt9So0CajwnorOoYJlQARwo06SJR0Aqa5xAzawTqPOyhVc6ispz0oVt1ht_F1VaBPYw3CIAKAlJTeMHc4im-W1rcZVvKoSPBe5js7xgk-bRKmWqAEz23EBKw_tcCJ_8K2wCsIhPuB8v7ik6NkZ4TYTDgXAIb5a-0aY-4fMLITHmkf1mkPGrtoRNW-L_5uX80m-rRv0aSABMICjY&sai=AMfl-YSIyE6ZR9WtzlPc00spMEqVzy658B7il8zVQ7WeZ2_zj6zCuBuryGny1F93eDk78__r59bApKy5JB3d8L3UD-xzsaNjbhFnSJtLHE-6q5oZuF1I_3n1G_8lU-NrAw0&sig=Cg0ArKJSzJus4PiIG4IGEAE&uach_m=[UACH]&adurl=

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B6F2 19 KB
8 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:39:58 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B6F2 2 KB
1 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B6F2 119 KB
36 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B6F2 0
0 56ms
56ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxIbYf_sw9c78o2tEXKt-En37v6k9KWnok1f9QaVouVwQDJHs54fSSBbGSfNuMkoX-awO8kMLOhrh56UI_hPET-Svxqg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 17477597680110236569
tpc.googlesyndication.com/simgad/ Frame B6F2 66 KB
66 KB 94ms
93ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17477597680110236569

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0c275307b8e5e416916a37725bb7a8561bc98648534ebeabfe2c5402957e23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:15:32 GMT
x-content-type-options: nosniff
age: 401141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67569
x-xss-protection: 0
last-modified: Fri, 23 Jul 2021 04:59:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 26 Nov 2022 04:15:32 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A0E3 2 KB
2 KB 98ms
96ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 09:41:39 GMT
x-content-type-options: nosniff
server: cafe
age: 35974
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 01 Dec 2021 09:41:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A0E3 295 B
319 B 97ms
95ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 35288
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 01 Dec 2021 09:53:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A0E3 0
0 91ms
89ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Czx22V36mYY2SPNSIlQf38rmYAYz43N1mhYjzxoUPwI23ARABIKLf0SBgleKQgqAHoAHEhseeA8gBAakC2daWD8ERsz7gAgCoAwGqBKsCT9DMjgfbO_20Z2eYkJGh1HRLywdf9eNJQfWS2aZaMhdTZwQ-28lr4Rd-tmC-QXmW5EdrEbA7VDbhKkeRXw-oPWh6qw-gajhds0vRpobFwV4fL_WyneQtWnygZzG0pBiHcHlLlC_bB5gduzTkbMYVkQiNoMXdb4nzkNaMKbG3xCZdB_T6LSzcMsws1wOHQAOV8k06dBTI-4JXiu13NurXma9bwdfflZ8WMVy3aQk0TRATZtCyOxfnviPYh8VY3eB_3JYjjeTknpb_KIs3Wq54Td0nvpz0JeSrO53E2vkcWmR7wFNggU0VC_ByMZ6ydAclvZ9eW3zzf8FvRcBTzjpKU97SqsgR_Xa7PptFdYq-lwik5wHGkvGrOYZPZyxaVYL72R0sn4qrum3mvVPABKe6rtfvA-AEAYAHpPm4YagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcDEIZB0ggJCIjhgBAQARgdgAoByAsB2BMD0BUBmBYBgBcBshceChwIABIUcHViLTYyNTExNTU2MDcyNzUzNDQY8vQU&sigh=hq9ky21-8LM&uach_m=[UACH]&template_id=5001&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2273 0
0 77ms
76ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVI14pPYJugzLjwHVtNDgDqBLOxIQ6m9STHE50cEW2F52RJsNjsli37tuwCjhNf9cs5cwK-E-NvqqNNSRCh4E5JH9Fv8bNMqwKbLmr-x5Hd7S9owGZebjld-1FaeB7wXeBR9TXZAvIVs2v4Lu1RSvEPB9PWP3xEYD6XtxHHgCTJZFdcP5lOzJw8ummOrk3SAmeKZZGLLsqh6tkZNVjXu8T8ab_qlvHDttWM8iDgtr69VRclnD5ijD6howQStxkAfi-VV3ZYQkVdPif0xL65NFamvog9FU4XuJMcn6tGJuKXB73_Sg2YGgK4-nZwwX6WwpJKUfPKyof&sai=AMfl-YT0l9uJt5ps4eaIut4j3XGWRpGUD3JL0qSmKbC9b5JmSjVoTMH6QcnqALfb1Vj8nyQqofhsHZ7Dfx37FVKqhcGMwIHB_PpBNNNh_pkoJsNBLlZTLcn5OaFnMJ79x1Q&sig=Cg0ArKJSzAxb0bZWRZUtEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
DATA 200
OK truncated
/ Frame 2273 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35042c496581e1d0b6f8b29ce448b35444c90cf4616a80b70331429aaa2166e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 16F0 0
0 75ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBV38E-474MolMlnNVzcZwyK2j4k3EkFB8nkvHqKCQ6Wgw0aTKgkUhaLAtfGZKNb9f_vWBAkU6ENIePMH3FT-4-4tREt6Y35fPorLmGv99Vco2QB6k4Cc4viUm2jF7bLISNQCZH3sMjqLbM6Det-kBd4bfddz8v8rercvLiGrQJlgI4zo0jS-57TfVfAruzXh3eU5y7Jtn4fId92U3kiy7HdqF9eOA3IdCJEjEpQ8Q8pYhdB1Kv08gqrh4HfIxsX4rdWZ0KUkvzaCPwRRlVul0FrkrT5QIa4KtS532US-L-S6IgaLWhmekYsufE3WfNSOuFSl2DAGN&sai=AMfl-YTDtJYNMHOWwf3EmJuNICvtBgF0Pf5OzE1QHhAeVKem-oLhNpCFvD3qUjsfBGV_Uqlve2i1NLaIfS3n_NYG0GDrYK0faflHg9oL7B-KzYnwWh8hUIKl9sXhK-9Tnks&sig=Cg0ArKJSzO94gNl8OBtmEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
DATA 200
OK truncated
/ Frame 16F0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 872c97ba4a0520a75ad0e159768f93c47220ace2f07978ed667101a88b17774e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3728 0
0 75ms
75ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUau5MkhmuWqg2FQ_SN47SZBrNlw-Oux6mouH5oWLh24yAu9SEs9Vb47SGWSU5gD5DRO6JA-CzP_8uur_nxqwi5NPcVxxHLHIfqv0xv9Irouv0AoILxP8UTjYvm9wD4CCmZWr1_vKS9bTAPyug0vAujaHO5DUzfM5ZELEdk4p9Ds_AL_KaYQbGrRAyG4p1DKZElNsEt3jTsaLbq-P5rNoxOhX7dOPncloW2Ounp1hldZ7cRDG8HrqbGQoUOHgl2UpbN4PWdmca2d9D8xBMzcX--TAB6XnjjTp6DEG7b0U3rzaRNzunWMqpS2e2A4bw4k6XwTLlJ52Rcw&sai=AMfl-YQhazJdGLFSom0lqRzAMJdlluh7dZkvMANXnNLpkf3T8NC12JWWcUyajEypwv6SeNu7ns4t55DHwVpeX5zqRNgEg6QrBd8VPA16pruPHaL9LR38G_SrTCTPd4L01mk&sig=Cg0ArKJSzNlZf-yw-Wa3EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
DATA 200
OK truncated
/ Frame 3728 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b5623b4ad4e21e08825566ea685829f4a8a5b570ce1709a75f27e0a35d5967f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6F2 0
0 74ms
74ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH_8eKEwWyicAc_2RaFcAyy9V-FP5vtbiUsOoOZ3Cq1_mPMxVqssMzw0FA5L0imxrkJJfyKHPqrHuitCNg5f1CT1rEUpNS7bYgGy8_ZYk6raPvwyywxIcv0NFwIHs5GBul1zdI-XuauBHrIdEvV151z0koI49yB1anITSYzyDRBNzmWlaWNzByl7ChAoRapol1NViFsiH_RPykfN7KHlLeg4htnjc8M7fh75A7xW8x9Cs76gUaZewqDn_xjuymxvmkmqMUY3damvSHqu-89Th8gsaKSL8TF74XH1hM5yMUgfZ_iF303qIzkSifFsI&sai=AMfl-YRpAjNRhMqHQSrJVRTF4GdpdpeyEEeI1ZFLRGib5v5KpY9f72uank2MhEP0w9BNwKL9aHpTpihF2GbrDxQ0sRI8vZ42_u7auVObDNhKXs2pGs7AIU5C7NqckxYv3pA&sig=Cg0ArKJSzANqclEzbpihEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
DATA 200
OK truncated
/ Frame B6F2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebf941cf3b118bbe070e35c2ff116f3285eaf846ff87bb4b5119c8a496b683f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17663047172003170444/ Frame A0E3 2 KB
2 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17663047172003170444/downsize_200k_v1?w=100&h=100

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7056c0a72648ef2f7dc77f9ba194755c45df5c9f7cc31eb6cbaa465f15c4945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 16:57:38 GMT
x-content-type-options: nosniff
age: 269015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2457
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 11:53:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 27 Nov 2022 16:57:38 GMT

GET
DATA 200
OK truncated
/ Frame A0E3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3030cd165935e13129a538d05355e4cab04a5291003e37ecec8245cc513bcb8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame A0E3 21 KB
21 KB 36ms
36ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedailyblog.co.nz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 9987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 16:54:46 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame A0E3 21 KB
21 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thedailyblog.co.nz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 91187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 18:21:26 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A0E3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

94ms
94ms

Image
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H3
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Tue, 30 Nov 2021 19:41:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 ww.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame A0E3 44 KB
13 KB 119ms
39ms Fetch
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/ww.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12b5a0cd92c9c7b2dc1eb27e61f457f3aea8a63efdb8730379b69b5699760f5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://thedailyblog.co.nz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 592570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13267
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:05:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7efc785ca7345398"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:05:03 GMT

GET
H3 200 container.html Show response
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A3FD 6 KB
3 KB 87ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 19:41:12 GMT
expires: Wed, 30 Nov 2022 19:41:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 53CC 624 B
299 B 51ms
51ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 30 Nov 2021 19:41:13 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A3FD 25 KB
15 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz1I9XFI222RypnbgRUyagSY4nQmc45xrP1cqrmfwUOBbSyvILdVpZ5WZjwN3YVopiEwXgiO9YcfFXXxBMadwyBjmvlhnvnU2lBrC-H3OHUt72NTIHywiCi4FV1wAA_MQiG6RDc--uaq6ujODbNJ71Kay7Aw&cry=1&dbm_d=AKAmf-CjPKMcnphgB9tYnClSYd_3PjlWYKiitP0-33h_jnEGTSYmKfyPFZNHnQh9i2f7OrFKhBzQCgeKAXFDADRCsUWYsqaixAnAIMq1ZfMt1jr8rBaRhyMZPvqY7DEI5hXGIsRn6bmhv06GjRW3Hw74GDIsgxWATZAjU-uG-6wfdXWBLiYPjtlJC9KDO67LMBnW-O2Y4WKGc-XnO00gVLEBsGhETV5RgaC-ywyDB4xAk3u7UJdXtjnyDWwJBcbnAiOjsLE-0Dn6-eogrA5qozGOp9nldSbyCuv0b5U4ztOiVm7dogyIhH0QQZytZp4jiQUQqFXKCfbKeHomyZbNpuZ-xhkRcIruHHAMolH5nEzmzLQY0EjjxiXBwWfw_wSm6VjXtjsH9iRFD1MINEHFdU5Q1LZdCsBf9f92SAOQtVlRfsM7AQht8MRiiOoDldAOJQL1JmwvCASOqbrx7Z8-eIqeuNzbtFnxOd9BJT80JabL8sB6Wxn85MGmHpLFO_aG8pCJhDOnh5uQ3o5nLQqqZn-Y7zI5ObrLC64cX0Lx5yMVJNuede5kylBjKxbzj_DqjHfSR6dC0yLCmeOW_UyqdBnvIF16x1u-E7CqAJbobxLofvINN56kaYeb-JZwp1lCrN9or0hfA09i4quu8vs1hwonJsuzpzZj5NsbOIgdYgMZi_9vZwebDMxCumkYuCMehJd3niT9stkMyQ0TZ1FkaPSti3Q-AV_2EyC-C4gaxcLUqi5hBqpnXTSg31LqSeKfyTpDj0J-TbyO7r6UqbsiY29WnlHk7wddetA6rgg8DJAE1l_1SuA-j4thBCaC0dfw6z7wvVl1qMPICRDAhL6_P0CPbG8rz0afWlbMi9b0QT3TFcB13y5lCAO76PCzqwgq7NfetRE48l5p8SplXqn1FQRSXvoM_Jc7rrf13DrukDw6q0kvLDKRprdVJF9pjWUFsxx0mLFYn_VS45vu2ghf65fVbieGZJ9YeSG04lQKHytgVRdSwYI-ug-aH6VE1n1fDnAEj1dSgL0Iw-hjNoG4nkoldbJ3tY5VflLQwD1-npqzmHPQk3nh5kRS7t1wZqvU2xVCkj2EC4ftkLS4AgxdNfDXVUB58z781HhaC9Xq27yYeuVGdW8OZI7Z0e_CThY0MguaY6kCPYMgfOnWK3qKaOrAod_881zMC_G61Cg6sUifIow0dVEAEMfZWzl_3obJfJEyORUNvoE3WRjsFi9c8zsErIwMZZfxMcy82wx0w5UV2Mw58VrPopQL8z_3-hF7vYrjkQD4f1q7cmuUieqMzD8107H-JGOqXPOlJMxwZs_tmA-0QCzWLcmTi92eOYvWT5ndDfdYsKaY7kTac74knSa9yaYPBhGH0v5BQEJNGZChyEo1gocWZaRCPD8B1RS23C6Oh5rLe5GLjL3WZShy1mcmWaSgCBIMbkLS7IUJJubfJJpAHkucjgyFz8iZS86WfjE-3vpuGGwWaK-Sk06NrShpo5WGEMn-IQnzWj9TbuqL1OED4eSXquI0Yzu4lKvmBwweNrHfBQF-AmPtD6CjgjuecWprsHKbxmjOC6_3gnNeVqU1Lmau9fZuMlhjxO-CqwPvXZOw_vW45ATP_A99nFYKnCcbgDftqLEMADoNJTA8Stec1pxtB69zXetPlA4N4JP6tmOCCdZnq3jFKH3audxU5xl33J0531JvnQkMqnWtK17p-BRpezE6WfX_Plm6ZW9ei-bN--4qK0khDn5gwn8LZ_6lh2bPoQoknFlyXovuECOtSE8xlHrt6D1cwgbDcz8jVhwMSh7mFYJKKhb2Z8rKCnklqFHfsG6gfPUHRWVtUqHTQXcIER92Gn6alNmSVNgioJws8DhdPv6SV72e4QfAoDyvYZ_B06hPbEjgEsCPIPUcGrKjaV_wnYDruqnJbKzhPW2rmvrYqWar7qtgNUqX0_8icamBfultuF_2XS4AG0s2Kz32_FDZbE7ac_1ZR0l7ADEX1jM1u4bVG1n4XRO7YVVcVLxRVSiVB0-_g8WdfJrT_YJzHD_9B-yKCHMmoHJPsOLlhlj1JAefHiAwmSHlxKmUzjO8Hu4VxyXdSteh2Wtn_hvai8LiYgQ2hQSTzzew1JE59jJnwfd5p5lmH--cxjzT3697qSFvnzhka5xWuezq791SeXd-5MuXEzTyj4b7K_A4MrkNCcfIQrz5KRuXiLWBbHcShvM84O-USwYuxytI2MS5903n4a3Dl5M-La03F27Tv5I09Yi81xOP4bW_QdXovsNqMHGJbqioJLyJ5TG4KjUuKICZTIRSPa6ncpzUm-CsihnqulHVX1JeT5Eb0eNZxIx_S9tG9xtdacFAf53Ps7ec1i_Vz-sWhUBW1Bj_juufp5tOZ9q_Jg9YbNhZRXZ99VVrK-A18R_YXcQ3ujCP_MyvC3WOzOWLcbcDoBq0mRUMyTYXHRtMGesUuZd55GxoPKfiuvkqYOFAQ3xbxXy8jMwdXWOmpIAfnnAZQEv44r_1joJrmDWzwAmql19XlngPwofdqvcBAVfgomLpPWMDZwnmQwwQxzv28DexoNqEL3SkrR-8gq9mbTNf2WdFBmCtRjpzCtNWn5ree8qAiqv8z4OUhXTuz6easQ1isl7UZJKTJf-rAQzgEnOAWVfCjGZO1SGw_KaxFtU8qY3i1vIAQTSnibjcq0QxJYFeQHNOwjlNzcJLZTzCpPGgyxkQPQf-phh0muHsBA17dExkHxHMkNeRK8MFbp5-zIYwCjyW_p1U8K_LrJwhIYFy7fbYx8bG_3CmXi6hvLSYf_Iz8aCeDhv5KrHDBEjEOwQ796PfOPaZ8zbZwktNk2HdQ01TNXr1u0Y2JgksgSiFFslA0WMtRjJGOhls9OoWHtBcQiOhh3ZaYxYiK-drk9e1hNTF-p24beL5y6PzzTVIJzX2zKIhIJBqjTQBt9ZIFOWAhAbdYAWOWUDsjNf8Z7CehhmfKYeldPtU_4ySK-ASxmgTzbn_i6V3ozy_S-CpOLibz-3k9MIV0kigc7Wfz9vXjl7k_qR75jr9ahIvV1fkq0yxaO7OsIKiJknQCaB55Xw-mEPt0RzDfhNXqm5s6O8rgtDw25-reAsCOaBi6LX9yhOBeVy65y0ZMsPJk9jfGZNXGDLOqMaZusKSy-W_BvAyLL4kdJF429tU6jW_Udm_nx8nJeH0BIK_w3lFlggBT-gqgufbQ7ciaV62Y_ZfBdrYIjtb_Y3zJBCx0ZDAGzlpfWrEl75WoEuEbnoc8-57ueDZ7LFOjIGk4nzCzxgw80Srj5ZC1jpYpVbgyg&cid=CAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ&rfl=1%2Chttps%253A%252F%252Fthedailyblog.co.nz%252F%240

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a68d2fb183323e0cb518ea83604a099751c8451f454c1e8abc7c51f5643e3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14904
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3FD 42 B
173 B 156ms
72ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BA_hFZOh1vm3gxp3idZSzbeHT4ge7MrWqpisEmnoboKxWVyUe_mnB-Usg8tgE38RxBwlZi7dkJwkZhi5CFCEiABCgenDCzcFD7BQKmCJPpIfrH7bA

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A3FD 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3FD 119 KB
36 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A3FD 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A3FD 0
0 44ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6EI71U8ogWkc5zvvAPt7KbR0tW9ukIWp4e2NHpWWoiUV1Lc2BsR8g7WqToGX8PO5N7zwVyHBvI8uIpKpOtkyRZET7ug
Requested by: Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
BLOB 200
OK 0f17d601-81e9-4494-b434-b0f5ec9dda6e
https://thedailyblog.co.nz/ Frame A0E3 44 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://thedailyblog.co.nz/0f17d601-81e9-4494-b434-b0f5ec9dda6e
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b29aaed9adc4ec2ddd131f9e65173f34be17e68efb348a675cb900942f9675c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 45108
Content-Type: text/javascript

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 53CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 19:41:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 19:41:14 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 53CC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaZ.Wp1Fd22iraeQB251TAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1&google_hm=2

43 B
894 B

24ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 19:41:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 19:41:14 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEADGRWgGDXqeQNmh5nKZu3Y&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 53CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOBWYQOn-yW3TNQA3TxWPNw&google_cver=1

43 B
1008 B

35ms
35ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOBWYQOn-yW3TNQA3TxWPNw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUlpG4Tib0GGJ5Xlj79lvlubCjzRodl5dTfZKOZoVfa1Z9qo0CwakeQlB73AzS0zTGIXDCD48Mu4alrhh5bglyCuslrbghkb5viEJes4PcJ3HhrYwtv2J3ZFH7s3avfcWzg8FnRkmhdEY9Sw0hNedCe5lXDAzGAfVc0uraKosjKSVuEn-8

Protocol

HTTP/1.1

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 19:41:14 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 14405579-d493-4c6d-85d8-1a7d8ba4c87f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOBWYQOn-yW3TNQA3TxWPNw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 53CC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTg5MzY4MDk2MzIxMjg0MQ%3D%3D

170 B
243 B

65ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTg5MzY4MDk2MzIxMjg0MQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 19:41:14 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a4be6485-a90d-4d53-af1f-eeaeea9db163
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzk1MTg5MzY4MDk2MzIxMjg0MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame A3FD 24 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dz1I9XFI222RypnbgRUyagSY4nQmc45xrP1cqrmfwUOBbSyvILdVpZ5WZjwN3YVopiEwXgiO9YcfFXXxBMadwyBjmvlhnvnU2lBrC-H3OHUt72NTIHywiCi4FV1wAA_MQiG6RDc--uaq6ujODbNJ71Kay7Aw&cry=1&dbm_d=AKAmf-CjPKMcnphgB9tYnClSYd_3PjlWYKiitP0-33h_jnEGTSYmKfyPFZNHnQh9i2f7OrFKhBzQCgeKAXFDADRCsUWYsqaixAnAIMq1ZfMt1jr8rBaRhyMZPvqY7DEI5hXGIsRn6bmhv06GjRW3Hw74GDIsgxWATZAjU-uG-6wfdXWBLiYPjtlJC9KDO67LMBnW-O2Y4WKGc-XnO00gVLEBsGhETV5RgaC-ywyDB4xAk3u7UJdXtjnyDWwJBcbnAiOjsLE-0Dn6-eogrA5qozGOp9nldSbyCuv0b5U4ztOiVm7dogyIhH0QQZytZp4jiQUQqFXKCfbKeHomyZbNpuZ-xhkRcIruHHAMolH5nEzmzLQY0EjjxiXBwWfw_wSm6VjXtjsH9iRFD1MINEHFdU5Q1LZdCsBf9f92SAOQtVlRfsM7AQht8MRiiOoDldAOJQL1JmwvCASOqbrx7Z8-eIqeuNzbtFnxOd9BJT80JabL8sB6Wxn85MGmHpLFO_aG8pCJhDOnh5uQ3o5nLQqqZn-Y7zI5ObrLC64cX0Lx5yMVJNuede5kylBjKxbzj_DqjHfSR6dC0yLCmeOW_UyqdBnvIF16x1u-E7CqAJbobxLofvINN56kaYeb-JZwp1lCrN9or0hfA09i4quu8vs1hwonJsuzpzZj5NsbOIgdYgMZi_9vZwebDMxCumkYuCMehJd3niT9stkMyQ0TZ1FkaPSti3Q-AV_2EyC-C4gaxcLUqi5hBqpnXTSg31LqSeKfyTpDj0J-TbyO7r6UqbsiY29WnlHk7wddetA6rgg8DJAE1l_1SuA-j4thBCaC0dfw6z7wvVl1qMPICRDAhL6_P0CPbG8rz0afWlbMi9b0QT3TFcB13y5lCAO76PCzqwgq7NfetRE48l5p8SplXqn1FQRSXvoM_Jc7rrf13DrukDw6q0kvLDKRprdVJF9pjWUFsxx0mLFYn_VS45vu2ghf65fVbieGZJ9YeSG04lQKHytgVRdSwYI-ug-aH6VE1n1fDnAEj1dSgL0Iw-hjNoG4nkoldbJ3tY5VflLQwD1-npqzmHPQk3nh5kRS7t1wZqvU2xVCkj2EC4ftkLS4AgxdNfDXVUB58z781HhaC9Xq27yYeuVGdW8OZI7Z0e_CThY0MguaY6kCPYMgfOnWK3qKaOrAod_881zMC_G61Cg6sUifIow0dVEAEMfZWzl_3obJfJEyORUNvoE3WRjsFi9c8zsErIwMZZfxMcy82wx0w5UV2Mw58VrPopQL8z_3-hF7vYrjkQD4f1q7cmuUieqMzD8107H-JGOqXPOlJMxwZs_tmA-0QCzWLcmTi92eOYvWT5ndDfdYsKaY7kTac74knSa9yaYPBhGH0v5BQEJNGZChyEo1gocWZaRCPD8B1RS23C6Oh5rLe5GLjL3WZShy1mcmWaSgCBIMbkLS7IUJJubfJJpAHkucjgyFz8iZS86WfjE-3vpuGGwWaK-Sk06NrShpo5WGEMn-IQnzWj9TbuqL1OED4eSXquI0Yzu4lKvmBwweNrHfBQF-AmPtD6CjgjuecWprsHKbxmjOC6_3gnNeVqU1Lmau9fZuMlhjxO-CqwPvXZOw_vW45ATP_A99nFYKnCcbgDftqLEMADoNJTA8Stec1pxtB69zXetPlA4N4JP6tmOCCdZnq3jFKH3audxU5xl33J0531JvnQkMqnWtK17p-BRpezE6WfX_Plm6ZW9ei-bN--4qK0khDn5gwn8LZ_6lh2bPoQoknFlyXovuECOtSE8xlHrt6D1cwgbDcz8jVhwMSh7mFYJKKhb2Z8rKCnklqFHfsG6gfPUHRWVtUqHTQXcIER92Gn6alNmSVNgioJws8DhdPv6SV72e4QfAoDyvYZ_B06hPbEjgEsCPIPUcGrKjaV_wnYDruqnJbKzhPW2rmvrYqWar7qtgNUqX0_8icamBfultuF_2XS4AG0s2Kz32_FDZbE7ac_1ZR0l7ADEX1jM1u4bVG1n4XRO7YVVcVLxRVSiVB0-_g8WdfJrT_YJzHD_9B-yKCHMmoHJPsOLlhlj1JAefHiAwmSHlxKmUzjO8Hu4VxyXdSteh2Wtn_hvai8LiYgQ2hQSTzzew1JE59jJnwfd5p5lmH--cxjzT3697qSFvnzhka5xWuezq791SeXd-5MuXEzTyj4b7K_A4MrkNCcfIQrz5KRuXiLWBbHcShvM84O-USwYuxytI2MS5903n4a3Dl5M-La03F27Tv5I09Yi81xOP4bW_QdXovsNqMHGJbqioJLyJ5TG4KjUuKICZTIRSPa6ncpzUm-CsihnqulHVX1JeT5Eb0eNZxIx_S9tG9xtdacFAf53Ps7ec1i_Vz-sWhUBW1Bj_juufp5tOZ9q_Jg9YbNhZRXZ99VVrK-A18R_YXcQ3ujCP_MyvC3WOzOWLcbcDoBq0mRUMyTYXHRtMGesUuZd55GxoPKfiuvkqYOFAQ3xbxXy8jMwdXWOmpIAfnnAZQEv44r_1joJrmDWzwAmql19XlngPwofdqvcBAVfgomLpPWMDZwnmQwwQxzv28DexoNqEL3SkrR-8gq9mbTNf2WdFBmCtRjpzCtNWn5ree8qAiqv8z4OUhXTuz6easQ1isl7UZJKTJf-rAQzgEnOAWVfCjGZO1SGw_KaxFtU8qY3i1vIAQTSnibjcq0QxJYFeQHNOwjlNzcJLZTzCpPGgyxkQPQf-phh0muHsBA17dExkHxHMkNeRK8MFbp5-zIYwCjyW_p1U8K_LrJwhIYFy7fbYx8bG_3CmXi6hvLSYf_Iz8aCeDhv5KrHDBEjEOwQ796PfOPaZ8zbZwktNk2HdQ01TNXr1u0Y2JgksgSiFFslA0WMtRjJGOhls9OoWHtBcQiOhh3ZaYxYiK-drk9e1hNTF-p24beL5y6PzzTVIJzX2zKIhIJBqjTQBt9ZIFOWAhAbdYAWOWUDsjNf8Z7CehhmfKYeldPtU_4ySK-ASxmgTzbn_i6V3ozy_S-CpOLibz-3k9MIV0kigc7Wfz9vXjl7k_qR75jr9ahIvV1fkq0yxaO7OsIKiJknQCaB55Xw-mEPt0RzDfhNXqm5s6O8rgtDw25-reAsCOaBi6LX9yhOBeVy65y0ZMsPJk9jfGZNXGDLOqMaZusKSy-W_BvAyLL4kdJF429tU6jW_Udm_nx8nJeH0BIK_w3lFlggBT-gqgufbQ7ciaV62Y_ZfBdrYIjtb_Y3zJBCx0ZDAGzlpfWrEl75WoEuEbnoc8-57ueDZ7LFOjIGk4nzCzxgw80Srj5ZC1jpYpVbgyg&cid=CAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ&rfl=1%2Chttps%253A%252F%252Fthedailyblog.co.nz%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:33:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:33:41 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A3FD 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 08:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 30 Nov 2022 08:11:57 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8991 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 30 Nov 2021 16:54:31 GMT
expires: Wed, 30 Nov 2022 16:54:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK npoee1nv94vs Show response
hal9000.redintelligence.net/zone/ Frame A3FD 11 KB
4 KB 44ms
12ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D
Requested by: Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: beb5c0640cf41c5bdd5d61aa7abc2d847a9fa97d6df69c1e6eed3631e8ef8255

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 19:41:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3941
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
hal90002.redintelligence.net/ Frame A3FD
Redirect Chain

https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

112ms
90ms

Script
application/x-javascript

46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 8a4976aaa552e4588ae56d635078948327444020525c1a4a73a4eb24a5f49622

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 19:41:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 43926000204209700710616011794002
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1306
Expires: Tue, 30 Nov 2021 19:41:14 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 19:41:14 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 30 Nov 2021 19:41:14 +0100

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8991 35 KB
13 KB 81ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 18:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 18:29:59 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 73BD
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=43926000204209700710616011794002&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43926000204209700710616011794002&actionid=731824&produktid=businessgiro&dt_url=

0
629 B

173ms
130ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43926000204209700710616011794002&actionid=731824&produktid=businessgiro&dt_url=

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 30 Nov 2021 08:41:14 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 30 Nov 2021 19:41:13 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Tue, 30 Nov 2021 19:41:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.21
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=43926000204209700710616011794002&actionid=731824&produktid=businessgiro&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: B9D59BA5:B416_91EFC182:01BB_61A67E5A_FBA2359:2A262
X-IPLB-Instance: 40028
Cache-control: private

GET
H2 200 / Show response
adv.office-partner.de/ Frame 48D0 930 B
1 KB 142ms
6ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

server: keycdn-engine
date: Tue, 30 Nov 2021 19:41:14 GMT
content-type: text/html
content-length: 930
last-modified: Thu, 06 May 2021 15:37:28 GMT
etag: "3a2-5c1ab16ba8ac4"
expires: Tue, 07 Dec 2021 19:41:14 GMT
cache-control: max-age=604800
link: <http://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
x-cache: HIT
x-edge-location: defr
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame A3FD 1 KB
2 KB 218ms
111ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=43926000204209700710616011794002&nw=1
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 0fc1c182ca4b639cf2e6b8a1172c6e00f7c597e5d24ff191268f8f542104dfc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 19:41:14 GMT
Last-Modified: Tue, 30 Nov 2021 19:41:14 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1233
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395 Show response
8019191.fls.doubleclick.net/ Frame 6BFA
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395?

392 B
346 B

115ms
66ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395?

Requested by

Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

5715ccce357c101474624bcb4f6950296f7db5d10d650939b01dfc4e6e759e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Nov 2021 19:41:14 GMT
expires: Tue, 30 Nov 2021 19:41:14 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Nov 2021 19:41:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame 182D 7 KB
2 KB 33ms
11ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=33378dbaaf&subid=&uid=261f6f7dfdb32c77&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGx_VWX6mYZfRGdT77_UP4ZWb2AW1zfmDV8zeuavlDPAuEAEgot_RIGCV4pCCoAfIAQmpAmYnJL0kGLM-qAMBqgSVAk_QjBFRaOyzgJEFGaWJT8MHU7rtDJoNO4x2M7FyTNr9xoJKDNf01bESOtc5XgABprp7MWmDuywHMd0Y-hu_BP5SQllelbpEY87Eb5_dfUaZzwfVyExzoCGMHCBV6UyeBuWXJDfrQ-kxqrBakg_fPab7QebSoBvbuHQWRz3YA4r2bhb8LKf0tnLddoySNaz93z_9a2PShTFcIXHGH3K89x2JoV44RiVL5873J44KaV7lXDTlpOCHkFdFX89fysqHQDW7tUGdgYJAVatJH1VOkAhWWM-7OWW-SRy0n9eyUHP7_w2LoQkM_katdtaq9TJv7zP4g5CuUTJ9ThOpOCMVm1J09NrwwsIUNGQ7wk7JYfIMT3JQSDrABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKAZgLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoGFzwVeDlHHL2ykUrsJyJn0uXVQ%26sig%3DAOD64_36S9c5P60ZlcXY2OdneLZrHouSlQ%26client%3Dca-pub-6251155607275344%26dbm_c%3DAKAmf-AIgCa81hBlCWZC2L3hR3oUvKkjTADJAu00KFkKrVUKStzAqxe-xUgHsHQRAP5A8NrIPv0PhR9zKbE1uwrGiJjdQcdXq9ZUbhhkusgnU-voGtZ2cnHIpFD9jivdtArn225bYFSgNceHuPv5waYTWvnmnUt4yg%26cry%3D1%26dbm_d%3DAKAmf-A3N0EXQ2HtuJl2Mybsp0qXvcFBMcvEhZOh-uB2oUxjKElNas9PAIUvvCclepZ9wdoiNMiOH4qTY66cFxhA0T-4DS8eJ5c7bnGeaJP90_Aa-5RZO8ABdrwD8GpTbp9bgo0_lRbk4i-cX5BtHoWiJTqzgW64KpLuvuvGy-hlKHJ6zWPtxbMeEtjjwJylUrjr0-c0QuMfy1fL9IfGzduoTqFEtwPswD9Fk_Hh2VaR4_fNSkLO4JGcvDq7ZPHqgzz4WW-ojhzfIOnLj1y6ancfbqPT1tsaQoupSB4OeXAjKju2IhsceDunG81G7c_RG91ct1n16DUrdHEhWAvRfEiZtcA3M6aoX-1Cw-sxKfbDtOuypfUNEa6xBMPLEMGekJqCzxQFqWznobm2b21Bk6dy95OUsAbJS_ZNvrdGQGb4oDisTMoDZe1KmZMwtX4q3o8lte0UwriC%26adurl%3D&documentReferer=https%3A%2F%2Fthedailyblog.co.nz%2F&ancestorOrigins=https%3A%2F%2Fthedailyblog.co.nz&random=5616217258290&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: f8fcaf54764f74d91dcdad1570ed73d9746d389f6bd46767bc1ce6d2a575bd42

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

Date: Tue, 30 Nov 2021 19:41:14 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 30 Nov 2021 19:41:14 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2047
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame A3FD
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=43926000204209700710616011794002
https://ad-server.eu/wm/pb/native.png

68 B
312 B

172ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 19:45:43 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Tue, 30 Nov 2021 19:41:14 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: B9D59BA5:B414_91EFC182:01BB_61A67E5A_FB60DD4:627B
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A3FD 43 B
704 B 72ms
12ms Image
image/gif 104.92.94.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2601051&v=18332&q=376776&r=296283&pref1=43926000204209700710616011794002&pv=1

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.92.94.3 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-94-3.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 19:41:14 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3FD 0
0 115ms
70ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=8299265

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A3FD 0
0 113ms
69ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=7468637

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A3FD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 631b3dae83647389ba77b86999a8aeaf4e86637c6e3ca966c3c7914beb9317ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8991 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bx1WNWX6mYdSlO8CM7_UP-LWCmAsAAAAAOAHgBAI&bg=!b2ylbCjNAAZQLpa_UC47ACkAdvg8Woi-BmgmIOoiqccZBnBtgnKHnNb_ECsOZl0_FpJbP0Ux_35xcwIAAABDUgAAAApoAQcKAKYhiCba6X4KIvkMy7Q7jN9KVnOOsLSRpBtiruc3T_BVMk8XHhy7R4lB4RkILgJewjWXTpDiPZtKj7GcBtD-2xvrFC9nA0jtFFSHZzXx2G5AeFbhvtudkPXWfcFwhAWnQ6yYYbwUsV8UZcN4nLy89_do70zzJo7smACtJ9neLbY__KwlH0XolmzfN_co0EivwM614aNtOoH8plZKZUFOTpYpLfyOo4pPmQLTPX09rTmxzIq67GQWgfnpsrK3SWMFp-TuFEO5MT6dSv-tIUiUY8esdsCQa7qt-hS_x_syuvrUzv5F2iqi99XNB6tPlGzCKyJOpT8rAgAVg-I4KBM8QiQxzrW3wdj4kbJcSnBFRp7WDWYNEc9HNjeRHZ-JnCYl61UMTsKNzj-9MptjaReaU0B_Z_v8Dx3-eVnGEOru-QV_Lsh1mrui8fLSyFwCUfd67Z43O9JiPSpBXT5f9nwkwSUPyZArX79y7nJFyQiTiPjPp-9CD3FIqogGpv3vsUbaSqDGE9b-OPBQyEe9sorkxolmAKMjgTvX1LuYxGHM4SQmMwfZ5ihwYhkFCghP7Kjw5Wx_sNrClqaXFLGAuxyVeaUEU85FS0twcIMgXI_dmDICWu27i-RptrWosagCZu6aY754YlG95cAkmbUnB04a3BXKJHUgejnHmRCoWHM5u_6jsgQRNchePnBBgFWAtAOkqK3B_RNCt18gLc3B-SD5KeyAeKezaE0ngGEqjj97-fM9cpL8PIc0QeJkBlAsR0vPbnbEV_0YTxtA4uHUs3WWIrHBmvhVm9KkDNUwBLiK30DRZ0i33DDCHnETcQlQzg2F2A02_v4dQMLopHshhE55COJl9-dlgmTRdP7k49YFIYEc-ENijgJ15mRYgDHruwwpEBJsywRFmJnHIsDkNBLnXtPFxJNfUXjV0Bmu0scyjTlsG1RINTK_SkznOzRIxkMdPJ0Y2PpBEqLYMaGDB8Ubj3zS5GT5FLlZ1xe9ucj3GkZK0jYTwstBb9V4MBteATfe3UEG6hs9_gPuvbGY3Sok_lX4HwNMVJ4SGIhu_VSWdYiib5haTKPpvNQzXtWHyTuFE4FDkW_a57DTkFQQQUZjTFJ2reBS7tRbcvN233MN2D88s7V2MF-HYHxphvUAjHfBv223SvFK1ZYTyAZPRGnhnL9_DnBd9iX4So595OqI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 27AE 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 19:41:12 GMT
expires: Wed, 30 Nov 2022 19:41:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame 182D 4 KB
649 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:05:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 19:41:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 19:41:14 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 182D 16 KB
16 KB 34ms
12ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 081a76be5cfc9a0b3d862570c8c3dccca4142348d07ee36b239027fef5d20eef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 19:41:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16464
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 182D 16 KB
16 KB 34ms
12ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 367066087d5c480312745a1f35b64c2391cb7bb76f1a0da3db9ff669a21b4813

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 19:41:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16531
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 182D 15 KB
15 KB 34ms
12ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c2fcc178cc00a442c558b4b319cc2a7c3b7a0c0237458d99f4fa91cc1b1e850f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 19:41:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15250
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 548bdb63b969e5c27f75e62faf543d70.js Show response
www.gstatic.com/mysidia/ Frame 27AE 7 KB
3 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/548bdb63b969e5c27f75e62faf543d70.js?tag=client_fast_engine_2019

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 599893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3286
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 21 Feb 2022 21:03:01 GMT

GET
H3 200 e896defd9da58cd70544d59688f4a346.js Show response
www.gstatic.com/mysidia/ Frame 27AE 11 KB
5 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67e6599b9fd28869eb047c72fd7486c191b54a661ec61accdf9b2de87f246ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 21:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4792
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 21:25:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 27AE 2 KB
532 B 47ms
45ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 17:53:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 19:41:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 19:41:14 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 27AE 1 KB
890 B 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:12 GMT

GET
H3 200 b85b9965a6c1d8af98ff0fb9e6466ad8.js Show response
www.gstatic.com/mysidia/ Frame 27AE 6 KB
2 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b85b9965a6c1d8af98ff0fb9e6466ad8.js?tag=analytics_pingback_2019

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64e62b6ed84c308d8011efc4a92b313480ca230a7c2df6e3992aec36d300de37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2518
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 17:02:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 27AE 19 KB
8 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:39:58 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 27AE 2 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 27AE 119 KB
36 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 27AE 15 KB
6 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 27AE 0
0 45ms
44ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMJC-3C3SM09Jx57OGnaDY-hp3J22wk6slSJ4nFEl-NlkWVokddkZSF_3VjhqzeVWQeQVRJA5B44c7uLzxSGC-Fkld1w
Requested by: Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame 27AE 27 KB
11 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 16:53:57 GMT

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame 182D 0
150 B 34ms
12ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=43926000204209700710616011794002&a=eb2457ed&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/request_content.php?s=43926000204209700710616011794002&a=14753bce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 19:41:14 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 182D 13 KB
13 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90002.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 21:39:33 GMT
x-content-type-options: nosniff
age: 79301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 21:39:33 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 182D 13 KB
13 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90002.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 14:56:27 GMT
x-content-type-options: nosniff
age: 535487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 14:56:27 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 27AE 36 KB
37 KB 54ms
39ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRd13SC1clhMLOj4YxmrM8oBL0hCiRom02wDiTp_0BQVTosTvSpCucWCPL8fg&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c03055751bda88bf3b63a684f4ac960d54dfe1ec6d2bf80932e579ab0051c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 28 Nov 2021 10:24:44 GMT
x-content-type-options: nosniff
age: 206190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37159
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 02:37:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 28 Nov 2022 10:24:44 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 27AE 30 KB
31 KB 144ms
42ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTd9Q6p4ZhSzXw4sztVjxEBPELSGXJBGSgs-4nfFuh-JiBw3xRjRgaLiuIpqYI&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cd7a95730591cfef472bb448ede01d404fb9342555cbc6246bebff399477622

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 18:08:49 GMT
x-content-type-options: nosniff
age: 264745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31137
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 13:24:46 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Nov 2022 18:08:49 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 27AE 34 KB
34 KB 216ms
114ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQEp6AXW5C2GAVO21Jej8CGlyGWUq5OithbBOtfZaL63SUsFw&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf199d1c59dbe0ebb318374f67f7e5c1c55b0f82e179b1978774c3583d35b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:04:30 GMT
x-content-type-options: nosniff
age: 448604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35114
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 10:05:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 25 Nov 2022 15:04:30 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 27AE 23 KB
24 KB 138ms
40ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTboPqCfNfjk9GFD8Ej7J-69eK3yb5MU5HpMzJCRyzs18jvu801_QbPgpdmBd4&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fd819fb7acd22b23e4fb5b8029ff301a74c7d9803aa8a1f5c5c50bb1aac7eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 04:41:16 GMT
x-content-type-options: nosniff
age: 572398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23741
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 11:14:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 04:41:16 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 27AE 28 KB
28 KB 92ms
78ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRZNjk66jSeq1z379lMrn4LsQ-47BIhchl5O8pEDk34u_fCx5u_gBeJPh8xRA&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8ddfc546b9bc7954137e92e16a27d0d980607b37194229312b2f89496dfccc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 13:56:06 GMT
x-content-type-options: nosniff
age: 539108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28455
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 08:34:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 13:56:06 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 27AE 20 KB
20 KB 192ms
91ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSqifwUnYJ8iWnfVqFyamd_hSNkvB4NUlDaLimd-aaKeaWAcPYIJu6-fRDWVig&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8607e1dba8e292c8dcd8bbb94e341f726b410cf61fa1bccf5dc3637b79b1b02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 20:09:13 GMT
x-content-type-options: nosniff
age: 430321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
x-xss-protection: 0
last-modified: Fri, 20 Nov 2020 23:37:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 25 Nov 2022 20:09:13 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 27AE 21 KB
21 KB 237ms
136ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS5av6GPv5JuCOK_krvk21ZXtjWqd1C9lJPaoR-xXqZvjAiSdCZAEk4QJ4qqxw&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f31ca53bcf23097920090516e35a88f95d38c2bf3170e0e209e6383df25031f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 15:59:40 GMT
x-content-type-options: nosniff
age: 13294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21694
x-xss-protection: 0
last-modified: Sat, 26 Dec 2020 07:30:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 30 Nov 2022 15:59:40 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 27AE 25 KB
25 KB 75ms
62ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRqbeC0nADzhNXLhwi4M0ZgZ_9-SVnsalYq9l9nKRnEISwH6hzKrqC2WlCl5sU&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1095cbc869aa37c70e64e526342033b0260704548ef331cf1cf218f427a144bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 13:44:25 GMT
x-content-type-options: nosniff
age: 21409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25733
x-xss-protection: 0
last-modified: Fri, 27 Nov 2020 08:40:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 30 Nov 2022 13:44:25 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 27AE 9 KB
9 KB 250ms
149ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRtRC4Dlp5T4P_vZELKblL49j1Uo4XLl2Oj16PJeZjRuag2vnTR&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81ab60093a572306ea4faeb5763d2640593e2f9960ed82b0a231cc75db9953bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:55:02 GMT
x-content-type-options: nosniff
age: 553572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8961
x-xss-protection: 0
last-modified: Fri, 10 Jul 2020 08:37:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 09:55:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 27AE 0
0 82ms
82ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEGmHWX6mYaiaMLTX7_UPtMOKmAHo0-7oZoH8lfWdDtrK3cXZKRABIKLf0SBgleKQgqAHoAHrzcH7AcgBCeACAKgDAcgDmwSqBKkCT9ABfXST8k7I6YGtM0f6pQwUcmj2ZxZaOAoue4udHlXicQPscEuwRFMQ08DTj_N628YUy8iKzuK4OlbDwL79gFVwo9dO9Ii5CW3yri8-uEA1U_sxcplxVsSp7beDk5CCeQqo66zEQsCN6zItlHw27oAFXAiu7bKEQO4p7HWSS2awRQrcW4r8CoANdRZj0r-PNdK0Tko7P-Fc2NgNYmhpibEmCjS8hT0E4WrNxc6JbyPw5Hfx7uPF-T2ls2Ec_cEqk-W5zqm27irUiH4_MyZx-56YTLJjDoqqJgXZqs1dLlr-4AP4jGTgvNVJFb-zz3vjwqEa0ujdlUTKNlNXVXRFP4oArBgcd5THHuOA_B0katuUizB8HLuUUu5fyI-l8MVidVoOZZsBdAHDwASr9OTu5gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHze2u5wKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ8-ID0ggJCIjhgBAQARgdgAoByAsB2BMO0BUBgBcBshceChwIABIUcHViLTYyNTExNTU2MDcyNzUzNDQY8vQU&sigh=WZjV-klwePo&uach_m=[UACH]&template_id=494
Requested by: Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 48D0 81 KB
31 KB 96ms
49ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d53996bb9cbdd1c2856522faccc16250a296942fecc92f8dde81109c7547aa7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32169
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 Nov 2021 19:41:14 GMT

GET
DATA 200
OK truncated
/ Frame 27AE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3711272b4e0b88a53fd70a9833516e0df726443df4d5303e85d31de28d6a1fae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A3FD 51 KB
51 KB 49ms
9ms Script
application/javascript 18.66.248.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=43926000204209700710616011794002&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 52109
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 30 Nov 2021 05:12:46 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: gtd6exl6-GLl0tYZs5hjH4N2cU5otR9KyXPZ0srqxa2dAZc23Od5OQ==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame A3FD 3 KB
3 KB 76ms
29ms Image
image/png 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=20132000203074000710616011794022&wglinkid=2513145
Requested by: Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 19:41:14 GMT
Last-Modified: Tue, 30 Nov 2021 19:41:14 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2808
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395
adservice.google.com/ddm/fls/z/ Frame 6BFA 42 B
63 B 121ms
75ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CITK_uvrwPQCFcREHQkddTYD6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2794780153201.4395?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 27AE 0
20 B 70ms
70ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyChEIASoNdG93ZXIyLXNxdWFyZQoKCAIqBnNlcnZlcgotCAQqKW15c2lkaWFfYW5hbHl0aWNzX2V4cDMscmRhX3B1Yl9jbG9zZV90ZXh0Cg0QKyEAAAAAAAA4QDAECg0QAyEAAAAwM5NfQDAECg0QCiEAAAAAzcz8PzAECg0QDSEAAAAAAAAAADAECg0QHioHMzAweDYwMDAECg0QGSoHMzAweDYwMDAECg0QDiEAAAAAAAAAADAECg0QBCEAAABmZhZgQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAAA8QDAECg0QBSEAAACYmRlgQDAECg0QECEAAAAAAKCqQDAECg0QESEAAAAAgAPNQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAAyM6NiQDAEEhpDT2lxMXV2cndQUUNGYlRydXdnZHRLRUNFdyISZ3BhL21heGltYWxfdjFfb2NoKAw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B6F2 42 B
64 B 70ms
69ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3uPTOkKODuOcW7YwkLzMbhJg4cjG6Ak-W337jbRDEBtYx6UhkZYYtIQDmh7LUqyAHVtF3PaZ5hszDIwqAIfFedFdO5et3j9SO59IEcX5lNXqE3xjI&sig=Cg0ArKJSzApxVeUpg2_TEAE&id=lidar2&mcvt=1000&p=56,606,146,1334&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3305512707&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638301273560&rpt=156&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 27AE 20 KB
20 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options: nosniff
age: 553875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 09:49:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 51ms
50ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47869a51a42b38b3af59eabcb26553fea0373fa1e0a6155e2a1ed11d2ecfbd7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9232
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 30 Nov 2021 19:41:14 GMT

GET
H3 200 container.html Show response
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B756 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 19:41:12 GMT
expires: Wed, 30 Nov 2022 19:41:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A1F2 12 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 30 Nov 2021 19:17:14 GMT
expires: Wed, 30 Nov 2022 19:17:14 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DC6B 783 B
535 B 47ms
47ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9be859d5d10da790bbc506d3987dceb1dbd9b7f9210d9fa0abec298e58893275

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PbVGc/1jK+elk9LrkADh7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 30 Nov 2021 19:41:14 GMT
date: Tue, 30 Nov 2021 19:41:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-PbVGc/1jK+elk9LrkADh7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame B756 2 KB
532 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 17:45:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 19:41:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 19:41:14 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B756 1 KB
890 B 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B756 0
0 80ms
80ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C83oKWn6mYbHIEZmf7_UPuYyluAvBjK3qZtz5l-yBDtrK3cXZKRABIKLf0SBgleKQgqAHoAHrzcH7AcgBCeACAKgDAcgDmwSqBJ0CT9BY-6zGBYS_awFUgbsiJ1MlmDRmL9JEQtMz_RKDhXApqyefeKKKkWZuXT3ivnBBAjG5ZgjrygDB_AIjPHtUQKfS-C6ojmEhuvb0PY2UqM08SL6IU_I_rUnfcIocUFPx-qfry_32PELGoqj9Wn2WePQKppAQWLrwLc7KdXmnEXwuw0vLiPGZM1Sw09u44VknzYCi_2yaI8j5a1FEEoju8ujEgpwV0Q1tb0rempZTlFj65ohv5ttPfp8GWyLeCwx1TPGD8i-JZ_k0YiNjmDBYP7nmbWc26lmhpcb6z-1nP0bhvDAHQn0Q8tC8A4vDErDF6mLf7C-X3W8ms__ZLBm4jiPsuQP6PP3ZPS46tQ0KTkUfwe-0Ual9ad0AmkxXwATB78f61QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHze2u5wKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ1bwE0ggJCIjhgBAQARgdgAoByAsB2BMO0BUBgBcBshceChwIABIUcHViLTYyNTExNTU2MDcyNzUzNDQY8vQU&sigh=6jbzEGERs_0&uach_m=[UACH]&template_id=494
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame B756 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:39:58 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B756 2 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B756 119 KB
36 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame B756 15 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:44 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame B756 27 KB
11 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 16:53:57 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame B756 27 KB
27 KB 99ms
54ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTknpWYO9yAAr5lIZ8gxgutoXZs2ykLYZE_jOuBiYlbxVKbS2V5495Xel6df1c&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3032aa2e11e011c57a42b15acd7f194bd22b6bcc23a8332c32b12fb7edf6100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:55:47 GMT
x-content-type-options: nosniff
age: 463527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27202
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 02:09:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 25 Nov 2022 10:55:47 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B756 20 KB
20 KB 58ms
43ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRi_eIxA3LS_ergiO-2U_ug7qN1SenUphSG3LEwGCCXZVFXfqkDHm6qc_Lbm3w&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f122e1f3ea83bac5fea8db8fdd7af1f80f5bce1570eae99ed71c85ff746e07f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:06:33 GMT
x-content-type-options: nosniff
age: 351281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20767
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 10:38:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 26 Nov 2022 18:06:33 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame B756 34 KB
34 KB 83ms
40ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSuboKwciQC3d6rLA6QyIyBtgU6uhiFvY-Djis0Li72F_O2OHqEZiNPVLYVE-M&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0af876e881d62be795f61e9546668851e1f8959d1186a1d06e7bade17558f8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 16:23:22 GMT
x-content-type-options: nosniff
age: 443872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34639
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 08:50:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 25 Nov 2022 16:23:22 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame B756 36 KB
36 KB 82ms
37ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRJ5qpl_tTf2vSzS27OZGOGzsbTJ4Bdjrv4Y9_n5k_w1G76rqPjNlXoDA6PQ2g&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c15dc602c7f26db362b306eb32adbfc51a1472752095059b748bc8e3fff59661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:29:39 GMT
x-content-type-options: nosniff
age: 288695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37076
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 01:35:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Nov 2022 11:29:39 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame B756 15 KB
15 KB 54ms
40ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRM4ApgmkG6fDGe7YMlVC3nZXntVeCfleoae5MT90P4Fl6HVpVNLWvub-J16Q&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b014d8cb57db6f068a5005f39ab92efb138a9c3b11f30016effe7bbd9d4c3ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:11:21 GMT
x-content-type-options: nosniff
age: 520193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15560
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 19:14:33 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 19:11:21 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame B756 19 KB
19 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTQx82cxGXhMUT6QUydhZh5a5ZhrWRQvqeDHKoIA5ozgJossRfk77EI_RBeZg&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80193f67e5045f2bb3bd3f002cdddd1a0ed75889381a590ff8379a57afba564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:00:56 GMT
x-content-type-options: nosniff
age: 13218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 11:20:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 30 Nov 2022 16:00:56 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame B756 9 KB
9 KB 79ms
36ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRtRC4Dlp5T4P_vZELKblL49j1Uo4XLl2Oj16PJeZjRuag2vnTR&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81ab60093a572306ea4faeb5763d2640593e2f9960ed82b0a231cc75db9953bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:55:02 GMT
x-content-type-options: nosniff
age: 553572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8961
x-xss-protection: 0
last-modified: Fri, 10 Jul 2020 08:37:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 09:55:02 GMT

GET
H3 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame A1F2 35 KB
13 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 18:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 18:29:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DC6B 0
0 86ms
85ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111701&jk=2771262642247056&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 27AE 0
20 B 70ms
69ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e896defd9da58cd70544d59688f4a346.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CD20 28 B
54 B 50ms
49ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/mG3nm_a0D0U
X-YouTube-Client-Version: 1.20211121.00.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs0T0JlTVFJaXkyNCjX_JmNBg%3D%3D
X-YouTube-Ad-Signals: dt=1638301272338&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C250%2C141&vis=1&wgl=true&ca_type=image&bid=ANyPxKrlQ2k6MXO5mhKiQA-m6yoUax5s1Iy11wMsm-F1ttYdgdKyq0TXAXuglUkrwgm5h4xsDvgYq0D2QnCALndQsUQVUw8EOQ

Response headers

date: Tue, 30 Nov 2021 19:41:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 30 Nov 2021 19:41:14 GMT

GET
DATA 200
OK truncated
/ Frame B756 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50568b5ea04f2c1cee70034645cf9b46ded5eebe3fbbb96fec6db860946e2efc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame B756 20 KB
20 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options: nosniff
age: 553876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 09:49:59 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C51A 28 B
55 B 51ms
51ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/10df06bb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/cvga01tHYRc?autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fthedailyblog.co.nz&widgetid=1
X-YouTube-Client-Version: 1.20211121.00.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs0T0JlTVFJaXkyNCjY_JmNBg%3D%3D
X-YouTube-Ad-Signals: dt=1638301272677&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C409&vis=1&wgl=true&ca_type=image&bid=ANyPxKr2kYCiPA59CGXYfo81bIKuJ1jB57o3jvkGZucFtAfJbxw50BczRJmwjnZpnNT2qWZkG2dVeagUspCST6LFQWoeXg8xew

Response headers

date: Tue, 30 Nov 2021 19:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 30 Nov 2021 19:41:15 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame A3FD 16 B
232 B 81ms
81ms Fetch
application/json 34.247.11.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.11.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-11-162.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Nov 2021 19:41:15 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 114ms
28ms Preflight 34.247.11.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.11.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-11-162.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 30 Nov 2021 19:41:15 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111701&jk=2771262642247056&bg=!w8ClwITNAAZQLpa_UC47ACkAdvg8Wuh-8bPQzn1b77YrI7IkRDgEiLVZh1BxXdh0UE5WBKSALvNImAIAAABiUgAAALdoAQcKAMuGqbeGKFL9jDkMXaAXOQYxAOF3JSypKMRODHSq15bML2SuIVnDl50GgZgjzcr8vQ2VWVV9zg_VFENp2wPGbR20GAEFD3XYEUA6D6iWiRPE2QHiT8jruGD8iBnaLqHZJc8MkgqkxxvABRkb1im3wYNLPV6uWPE6vKCkmRIBwPmd1NysCAeDyEI8kAU8tl4_yX5uXyFhP1KY1CCLo7OJMEBbzhRhRAvIm2EtUPQrBRvdXW2c-GWhb5mJNJc8iTfUT-_saa4RL7pjuzh7DJkChaydd5N_d1cmiEF6Ge0VHNso2_LG8CNEbekRfTmKgQHitrBHzWI0Lvqv8svsF87aTbM2U4di3GXxLLphBhUV3ndqRzxryRjlHyrLfIquOlZY_TUL6oKTRGX3w-Rq6gvHrRJPvc12pNGYtLyTMWPCqDXKQI45YRUb7OFo4a8mJvsUrpnkamP1AXgeNjoiFIt3PQlxBEMDuzcGeyz_MAzTf56YBjFWaq0zTpI5W-0nBgiZVNu_osNYnSl5Re3KKoFN1Qfxup2dy2hOQ36YLp4zjrJaXF1AzTFDKoNwNaEsdVmp4qrKeFVXW4Op29fQq2dxxPC5iMkC_h55MdJ4XBPPHqFp1QNFgGgTyQjoxl7DzHEpgvxSb-DoiTM28OqYo7lwpPziRj0pLz5vzHYX1vdrmAGFsyGyXN3eMLxDOwjx1qmpuh9Bzw2f0pCZVv2hdFj41qVcSEmHPr6FZaYru9ec6lti6vGVMHM8TGIWJt_6akrG2kre_19It6D5dupPZwZKFn2Xdo1xdWbAyL4ZW4zxTFATnPRBrNhYEIF4j9iGdNvWah-Hy7Vv2jo5QharV9kU5nIv79vbbmXyKSZrqdMZzC3bWmKFUh3eP2OmifWTw_0lPOWjkplZyxmcdYFPE3M2va_Q3AC5sp29HVePUga6D8lJJTxMpxEL0jwI3DEm-VFPK2XhPOe8fvH3p2qqSi6rD9tAMszvJdyHwNYzGVyngrJvKwTjbPO5Rqaazi8TcBCIbkEiqD6C1IhCXTcJHQTP3vWOE0heODHNwJlagTQCp9HsnjA8V3hqm7nezkExEH4WfzuaX6GlM-pxtSMKh7SzWqdf8w0SIByzINc92AtyePjZcQyFvw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D222 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 19:41:12 GMT
expires: Wed, 30 Nov 2022 19:41:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame D222 2 KB
532 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 17:53:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 19:41:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 19:41:15 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D222 1 KB
890 B 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D222 0
0 85ms
85ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Csl-LWn6mYbf0Lu-e7_UPkOm0uAqY15GcZt_qv5D7DZHOuM2UHRABIKLf0SBgleKQgqAHoAH7lJXKA8gBCakCokL3i4Hfsj7gAgCoAwHIA5sEqgSmAk_Q4863HosdYnjOpNMTNagZHS1wU2oBwC4Ss2gnhhcD2QV__UMpkRN5TrzEZ7iuDfQF79dRNZ0qKL6mr1abCy6U8n_xOtJUsf7DoAdlvCk6kchf3XDtBPLIORkuRhCXu4a0UcY9XObaUC9EmOBbjBf8toENNVFJFEf_CfS9O-riKPQmutfYWs7qpv9G9bt7RyrIsrwOfR9J8O_fd-oSvNQQgeWh5wSfAm8JfNpLVaminQk6i38-Fo1qLXvodZN7Nsg11uEiGM4NGJHjJwBPYFEFrHrCQX3kivTRkQ_JFXTOMzMCS2GdWBKwd71ODbQfk5qfD51MRNgR0LF1pw2_KnHKX9agNQDKcgNUTg65m6idOP2PW-Ju3A33Ssnbl46VC-xkXpgSccAE0JngjMwD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_mpoEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcDELpm0ggJCIDhgBAQARgdgAoByAsB2BMC0BUBgBcBshceChwIABIUcHViLTYyNTExNTU2MDcyNzUzNDQY8vQU&sigh=84FnvUZj9V4&uach_m=[UACH]&template_id=494
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame D222 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:39:58 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D222 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D222 119 KB
36 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame D222 15 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:44 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame D222 27 KB
11 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 16:53:57 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame D222 25 KB
25 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSMYxn-ukHdPxM_t2qogTClSpfthTka4r9RsTspBSKxrl8xxINkIG_ovPz4YA&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cd6b5e8baba806a56b9fa768eb0c147729255c9acf4e199f4c5df15b92aabef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:42:50 GMT
x-content-type-options: nosniff
age: 370705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25428
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:08:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 26 Nov 2022 12:42:50 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame D222 20 KB
20 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQlhzw4Wp0WSsq54jwHPy_2LgD8XIMIOB_BczWI0tfqAbt9Ak3A&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d12edc3eede1beec1941e7319d5a2694f911f0452e4ce1b8ee57e2deeb2f18d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 13:34:41 GMT
x-content-type-options: nosniff
age: 540394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20240
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 05:15:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 13:34:41 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame D222 15 KB
15 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ0xR_THeq2yy1HceF5cdQVXDPOL_gDZpV1T89lKyicm6JB0loRxfXkF03JOEw&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57fff2e67384eebfe73b23ddb1e4ac2fe67dd0a729649dd24479b8f47e14dca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:49:30 GMT
x-content-type-options: nosniff
age: 561105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15151
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 03:37:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 07:49:30 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame D222 31 KB
31 KB 45ms
44ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRiO-5Y3rwtXvyYZZHBlXAKyaE0ZiYqi2JMmi-REH3mUYGNp0a6&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d3b03926e895eaf46db8840e888a6381fdb0d702c8281ba4781b54676bb542d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:06:09 GMT
x-content-type-options: nosniff
age: 563706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31900
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 05:50:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 07:06:09 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame D222 12 KB
13 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQU25XtmKfcxT6EVkFsTZJGxyb7reRcHdNF99ZQMr4OuwtbtJbi&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97eb51452679a00c6d004c9a11922a33087716842674c405b3fa9d0148d90ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 23:20:54 GMT
x-content-type-options: nosniff
age: 591621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12788
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 06:07:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 23 Nov 2022 23:20:54 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame D222 19 KB
19 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQPteOK5AIoOTcJD8YXQWJw2GARSuEKAI92eGeK-1sQpv7EgUY_VYedRNJHDvA&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90e248089b9165829f5a4109317958c23e334486b8929a745fbf208eba06efb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:00:57 GMT
x-content-type-options: nosniff
age: 524418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19564
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 04:04:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 18:00:57 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame D222 18 KB
18 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSAF2jcDRmjRfskWPXh58UySwnxhcbkRLyoFQ_MH7SJEbZS02vJLuEpvrcygQ&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1893bedd62c4bd644d1a8dd10a8b33e9895930c6fa9fa29aea8d9b1e56d87adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 20:08:34 GMT
x-content-type-options: nosniff
age: 516761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18153
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 21:27:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 20:08:34 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame D222 19 KB
19 KB 49ms
49ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ7-VHw4n5XngY1ddrrkLveeg3We3Ecq0Za1g6ycRY5ySl6uHvBKQx-5-9mzw&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a233e2da3d86d92eb7ff798f64725be18ab7e9dc4b4795fba575ae1abfb0b97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:38:38 GMT
x-content-type-options: nosniff
age: 522157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19114
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 01:41:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 18:38:38 GMT

GET
H3

200

3218002549567218547
tpc.googlesyndication.com/simgad/ Frame D222
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC7wqyMOBCcChicCjIIWCv19vqeVug
https://tpc.googlesyndication.com/simgad/3218002549567218547

95 KB
95 KB

40ms
39ms

Image
image/png

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3218002549567218547

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a97ff2fde111556c2b1aab69d8186de7cde04292070318d622466cbd6e10d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 07:52:42 GMT
x-content-type-options: nosniff
age: 42513
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97322
x-xss-protection: 0
last-modified: Wed, 23 Jan 2019 14:44:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Nov 2022 07:52:42 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 21:31:45 GMT
x-content-type-options: nosniff
server: cafe
age: 79770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3218002549567218547
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 29 Dec 2021 21:31:45 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3D5D 1 KB
749 B 38ms
36ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 30 Nov 2021 05:53:44 GMT
expires: Wed, 01 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 49651
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D222 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caa8efea9f14d7ff08c51de7969f59948a2d127417b29b42d13a84c012602f9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame D222 20 KB
20 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options: nosniff
age: 553876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 09:49:59 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3D5D 35 B
463 B 29ms
11ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ_5YmsA0nfHAs1tAIKUCdo&google_cver=1&google_push=AYg5qPIJkgmie2vqEt9wtmi2qN032QqAgy1smMGG0vg6d_0x13L4TsX3UU2hS7IQB3OtxmUFWhuX2hNfnu78FtfvAGZNRoA43l3RDg

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D5D
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECH8cPvClIJ7e3X3u364h28&google_cver=1&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf&google_hm=Q0FFU0VDSDhjUHZDbElKN...

170 B
188 B

67ms
66ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf&google_hm=Q0FFU0VDSDhjUHZDbElKN2UzWDN1MzY0aDI4

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 19:41:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLirjcWh8ZXhcLP3y-OgaEfuPYKfLwhCTjTNdQAb1H7GjssQGlG7jZx-hM9NcNfYS0tBA6i9xqzlPVL9_JjPk3m3uhp9Spf&google_hm=Q0FFU0VDSDhjUHZDbElKN2UzWDN1MzY0aDI4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D5D
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLtIB1k...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLtIB1k...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMzAxOTQxMTUwMDA5MjU0MTc0MDkyOQ%3D%3D&google_push=AYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva...

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMzAxOTQxMTUwMDA5MjU0MTc0MDkyOQ%3D%3D&google_push=AYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva8ZhNo7bIrjMO4F6gBzX3EpWTlrmucyAQ

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTExMzAxOTQxMTUwMDA5MjU0MTc0MDkyOQ%3D%3D&google_push=AYg5qPLtIB1kKjzPfLs42kJHoO5w-y3OTNztBo6lhyNPWtMXPvx2KbMh-KfixzL7109Kva8ZhNo7bIrjMO4F6gBzX3EpWTlrmucyAQ
pragma: no-cache
date: Tue, 30 Nov 2021 19:41:15 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 30 Nov 2021 19:41:15 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 3D5D 43 B
351 B 52ms
21ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEIzp9c8PJSRr7ScBgcM7qQY&google_cver=1&google_push=AYg5qPKDxPWb1UaNtP508uQv3vuNWVW29DOlM32aAGenWWQQ1VrvZzps1Txcr_AR8hcGLdN5DL9fY7kpYAQzL1Yx2DhTRooMWZz_Ug
Requested by: Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:14 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: udqjsaqud5gm343cfjeaao5qtufbnphd

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D5D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

68ms
68ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJXgB3ZDX2rClrv_zGEixEGGdNaAxqZCTYuD-uFf3N7PFRU-PFaK-tQ-KNHXEBWvCv6oO9kvnT57ZY9mOksGYWo25P19Aul-g

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJXgB3ZDX2rClrv_zGEixEGGdNaAxqZCTYuD-uFf3N7PFRU-PFaK-tQ-KNHXEBWvCv6oO9kvnT57ZY9mOksGYWo25P19Aul-g
date: Tue, 30 Nov 2021 19:41:15 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3D5D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEE6Qy1_HMQaLeglqqT5NkfA&google_cver=1&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEyU1otMUItSDlVRA==&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn5zEi6f36SSskoCgCeAXDj8kUYTA

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEyU1otMUItSDlVRA==&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn5zEi6f36SSskoCgCeAXDj8kUYTA

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEyU1otMUItSDlVRA==&google_push=AYg5qPKdaIUcNpxNHHQBIeThvDn2DXYPps8wK4NRaTTcWR8BQvzBL84W1P_WhRTFbyV74oEoqIn5zEi6f36SSskoCgCeAXDj8kUYTA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 84e0f527cd81a00b0210e20b4ee7ed94
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 3D5D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieL...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3D5D 0
12 B 111ms
64ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQHsQ3ptAzcATAHj0CMstj5qiOyYsEnVio4Su6eyvFsfLeXIy8HxjcbRtbBLP2Mp4O7IHe

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 container.html Show response
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F9AC 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://thedailyblog.co.nz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 19:41:12 GMT
expires: Wed, 30 Nov 2022 19:41:12 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame F9AC 2 KB
532 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 17:51:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 19:41:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 19:41:16 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F9AC 1 KB
890 B 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:12 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F9AC 0
0 82ms
82ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7OHJW36mYf3nJKSl9u8Pu66w-AHBjK3qZtz5l-yBDtrK3cXZKRABIKLf0SBgleKQgqAHoAHrzcH7AcgBCeACAKgDAcgDmwSqBKkCT9BH3P5kPZy8-VUxqZRU-CghTR_xj7l7GLY2t4rXDkykLgaREwH1SwyHivFRCSr4NEghrCUmrbL1lvI1knrVWtl41eOepqL0uvx_7LsTwsRCoOb7E00pjtW0JAUO2jJBZf8DXncV5eWjTo0elG_dcOPxbBHp2ytldYYMrR7c0g03j6PYtwODdNUFLnGJPlcKQ58JvWV4m3Nq9PCJ-CxGEdSPUUgVNMblzJJjRPDyHzsSitcsDd4JxF7yQLA3h2Rt9SLprYh0Fy2A0AVakhFJGdgNdLr3uhzpl6oXl1_P7tONmlchSVc_mz97KrlOwEfN4lRaTgj8uQ9Gnbvmossb3Kfpkq8qgPrgUUdKqOLdNnxB4eM-MOE3NWA-3c-bQWh37pPDwau_LegZwATB78f61QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHze2u5wKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwMQvmzSCAkIgOGAEBABGB2ACgHICwHYEw7QFQGAFwGyFx4KHAgAEhRwdWItNjI1MTE1NTYwNzI3NTM0NBjy9BQ&sigh=j0kQ5JaoFOw&uach_m=[UACH]&template_id=494
Requested by: Host: thedailyblog.co.nz
URL: https://thedailyblog.co.nz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame F9AC 19 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:39:58 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F9AC 2 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9AC 119 KB
36 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:41:16 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F9AC 15 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:40:44 GMT

GET
H3 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame F9AC 27 KB
11 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 28 Feb 2022 16:53:57 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame F9AC 34 KB
34 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSuboKwciQC3d6rLA6QyIyBtgU6uhiFvY-Djis0Li72F_O2OHqEZiNPVLYVE-M&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0af876e881d62be795f61e9546668851e1f8959d1186a1d06e7bade17558f8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 16:23:22 GMT
x-content-type-options: nosniff
age: 443874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34639
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 08:50:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 25 Nov 2022 16:23:22 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame F9AC 27 KB
27 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTknpWYO9yAAr5lIZ8gxgutoXZs2ykLYZE_jOuBiYlbxVKbS2V5495Xel6df1c&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3032aa2e11e011c57a42b15acd7f194bd22b6bcc23a8332c32b12fb7edf6100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 10:55:47 GMT
x-content-type-options: nosniff
age: 463529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27202
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 02:09:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 25 Nov 2022 10:55:47 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame F9AC 19 KB
19 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTQx82cxGXhMUT6QUydhZh5a5ZhrWRQvqeDHKoIA5ozgJossRfk77EI_RBeZg&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80193f67e5045f2bb3bd3f002cdddd1a0ed75889381a590ff8379a57afba564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:00:56 GMT
x-content-type-options: nosniff
age: 13220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 11:20:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 30 Nov 2022 16:00:56 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame F9AC 32 KB
32 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSoelBE6JPFboPzrX4G2bUAemN1A-EKxwKw5c4EBxhxvdRCBUwtkWG5JZ2j0tM&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3db64adca2ce673f54d6fb8ce6d30114a2b69b47d59042179a708503799f9290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:42:23 GMT
x-content-type-options: nosniff
age: 604733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33208
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 23:46:57 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 23 Nov 2022 19:42:23 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame F9AC 20 KB
20 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRi_eIxA3LS_ergiO-2U_ug7qN1SenUphSG3LEwGCCXZVFXfqkDHm6qc_Lbm3w&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f122e1f3ea83bac5fea8db8fdd7af1f80f5bce1570eae99ed71c85ff746e07f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 18:06:33 GMT
x-content-type-options: nosniff
age: 351283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20767
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 10:38:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 26 Nov 2022 18:06:33 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame F9AC 36 KB
36 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRJ5qpl_tTf2vSzS27OZGOGzsbTJ4Bdjrv4Y9_n5k_w1G76rqPjNlXoDA6PQ2g&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c15dc602c7f26db362b306eb32adbfc51a1472752095059b748bc8e3fff59661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 11:29:39 GMT
x-content-type-options: nosniff
age: 288697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37076
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 01:35:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Nov 2022 11:29:39 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame F9AC 9 KB
9 KB 46ms
46ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRtRC4Dlp5T4P_vZELKblL49j1Uo4XLl2Oj16PJeZjRuag2vnTR&usqp=CAI

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81ab60093a572306ea4faeb5763d2640593e2f9960ed82b0a231cc75db9953bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:55:02 GMT
x-content-type-options: nosniff
age: 553574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8961
x-xss-protection: 0
last-modified: Fri, 10 Jul 2020 08:37:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Nov 2022 09:55:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5F52 1 KB
749 B 36ms
35ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 30 Nov 2021 05:53:44 GMT
expires: Wed, 01 Dec 2021 05:53:44 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 49652
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F9AC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea6aed5bb5cf0c5236d929830e4fb2cbf14e723e8a6655e9008accb48fd18769

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame F9AC 20 KB
20 KB 37ms
37ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 09:49:59 GMT
x-content-type-options: nosniff
age: 553877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 09:49:59 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F52
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGayuP6X5gr_ON-40SAM8r0&google_cver=1&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5Vqn...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5VqnH_yh3tqrEi54GHxDRF314qXZU2c3sqP1pmqswVQAQ&google_hm=RA4O_Lo...

170 B
188 B

66ms
66ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5VqnH_yh3tqrEi54GHxDRF314qXZU2c3sqP1pmqswVQAQ&google_hm=RA4O_LoN8ckncZND0oWWrA

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPK-ZxZa46-n5Y8oPd-EtUcWNyC2c-EzqWEySeLaxLrrK9fAAr5VqnH_yh3tqrEi54GHxDRF314qXZU2c3sqP1pmqswVQAQ&google_hm=RA4O_LoN8ckncZND0oWWrA
pragma: no-cache
date: Tue, 30 Nov 2021 19:41:16 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F52
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFaQFhBQUFCWVRVbUZlaw&google_push=AYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM3ecwv3AohNIkw1UKiTBqS0xb3ZNqNh4VwB9hbsd_kWx3H1EWMpsy1El8

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFaQFhBQUFCWVRVbUZlaw&google_push=AYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM3ecwv3AohNIkw1UKiTBqS0xb3ZNqNh4VwB9hbsd_kWx3H1EWMpsy1El8

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWFaQFhBQUFCWVRVbUZlaw&google_push=AYg5qPIYW2SD3TA40TKBk-khoJEwi12jWaebhQQG_iM3ecwv3AohNIkw1UKiTBqS0xb3ZNqNh4VwB9hbsd_kWx3H1EWMpsy1El8
Date: Tue, 30 Nov 2021 19:41:16 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 dds
rtb.openx.net/sync/ Frame 5F52 43 B
64 B 38ms
21ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJcg0mKyZ9YNR3zQlTEIVhk&google_cver=1&google_push=AYg5qPJ6l81zG-46yhPLnAlTFy66gMoJ8viJe3CZGIr4vzRLDkm2SAvlStoqcbhZvbdJdVT2lguIGoKq2Tgt9_QrP8dGCGng1b8
Requested by: Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:15 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 7p0n6uop33b55o8kun68d36epnnggutj

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F52
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

66ms
66ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIHSHBlk69GL7ClxBedeNZEaw_LbZR330qpkFDs0ZkdUWs-iZXN_DpZqOBXWq0VV-tquKqFNrtSkQvH1ivwd3iJ7UC04w

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MqzQGjbOTq20vnoO20RrqA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIHSHBlk69GL7ClxBedeNZEaw_LbZR330qpkFDs0ZkdUWs-iZXN_DpZqOBXWq0VV-tquKqFNrtSkQvH1ivwd3iJ7UC04w
date: Tue, 30 Nov 2021 19:41:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5F52
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIa6pI3soUWQoWTJXu8xNIE&google_cver=1&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEzNkUtMVotNlJQSA==&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3nHqFnaR-PjQtxiCH6eEzU2D0

170 B
188 B

65ms
65ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEzNkUtMVotNlJQSA==&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3nHqFnaR-PjQtxiCH6eEzU2D0

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dNSUEzNkUtMVotNlJQSA==&google_push=AYg5qPLDZEhaaPXLQ6-hGu7X5LxlJS-234qLU5o01sI437U6qkLGELzw_G1bSYdvxjNbJgEqnF3nHqFnaR-PjQtxiCH6eEzU2D0
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: d3682eda7e5cb79782b1d5475f50e8fc
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 5F52
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcex...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 5F52 43 B
297 B 563ms
20ms Image
image/gif 2a05:d01c:1d8:8102:a212:76ab:db1a:a790
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMS3aY6RJPCagNW46WZ_q7Q&google_cver=1&google_push=AYg5qPKZu3Yz1gw0YKYI0klXUKIVigN55T7CKIohR5gQ_EuSJhhju1hcK40ZPxXGVa-SEbgNLLh23JC-EHOnh8rBLKZZCr5r57E
Requested by: Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:a212:76ab:db1a:a790 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:41:16 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5F52 0
12 B 63ms
62ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kj9Mo4CEVfysKNpYtvhAwAYKmZgt9-IWh2iHRp4wd9sTmeqRDRNxwicjkkk8SFb2TBiTGs

Requested by

Host: 84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
URL: https://84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:41:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Sp2p2G3NQDM
.youtube.com/	1970-01-20 03:24:13	Name: VISITOR_INFO1_LIVE Value: 4OBeMQIiy24
.thedailyblog.co.nz/	1970-01-20 16:36:13	Name: _ga Value: GA1.3.1271377222.1638301272
.thedailyblog.co.nz/	1970-01-19 23:06:27	Name: _gid Value: GA1.3.113896429.1638301272
.thedailyblog.co.nz/	1970-01-19 23:05:01	Name: _gat_gtag_UA_41539225_10 Value: 1
.thedailyblog.co.nz/	1970-01-20 16:36:13	Name: sc_is_visitor_unique Value: rx11553132.1638301272.9385628C54634F5DCF09C56971DC6A94.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-21 18:53:48	Name: is_unique Value: sc11553132.1638301272.0
.statcounter.com/	1970-01-20 16:37:00	Name: is_visitor_unique Value: 1638301272307785454
.doubleclick.net/	1970-01-19 23:05:04	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 07:50:37	Name: CMID Value: YaZ.Wp1Fd22iraeQB251TAAA
.casalemedia.com/	1970-01-20 01:14:37	Name: CMPS Value: 3270
.adnxs.com/	1970-01-20 01:14:37	Name: uuid2 Value: 3951893680963212841
.casalemedia.com/	1970-01-20 01:14:37	Name: CMPRO Value: 1101
.casalemedia.com/	1970-01-20 07:50:37	Name: CMRUM3 Value: 2d61a67e5a2760CAESEADGRWgGDXqeQNmh5nKZu3Y
.adnxs.com/	1970-01-20 01:14:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVLpR8t3!]tbPl1M>e)ZlrFUfJ+tGXxpW?l?nKN#GSma<iA6XZLOy:@oBnaaTA64SMj$bpRzqF1`b_cl.bJh
.redintelligence.net/	1970-01-20 01:14:37	Name: 8lcfmzhxc8d6_uid Value: 4e179b04b943fbbb
.awin1.com/	1970-01-19 23:07:54	Name: awpv18332 Value: 296283\|1638301274\|7a779190-5215-11ec-a546-22340e667dce
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 376776:2601051
.medialead.de/	1970-01-20 07:50:37	Name: trscj Value: MTYzODMwMTI3NHxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRRek9USTJNREF3TWpBME1qQTVOekF3TnpFd05qRTJNREV4TnprME1EQXlKblE5YUhSc2NBPT18YUhSMGNITTZMeTg0TkdVNU5XUmhNRGMyWlRNelpETTVNakZoWXpNMFpHSmpNbVU0Wm1VeU1pNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: uxpf55222ycqp3plx4ow2ui1
pb.media01.eu/	1970-01-20 16:36:13	Name: DTU Value: 5BD35D4874543CE8112B5F4938CDBDA1
.office-partner.de/	1970-01-20 23:05:01	Name: source Value: {"webgains_webgains":{"timestamp":1638301274652,"clickCookie":false}}
.quantserve.com/	1970-01-20 01:14:37	Name: d Value: EFABCQHsJIEA
.quantserve.com/	1970-01-20 08:35:15	Name: mc Value: 61a67e5b-81998-d0256-5fa5a
.agkn.com/	1970-01-20 07:50:37	Name: ab Value: 0001%3A9afvYViivIlJzICFuTi9UlOpgTTWIBzd
.agkn.com/	1970-01-20 07:50:37	Name: u Value: C\|0CEApOTrbKTk62wAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/	1970-01-19 23:06:27	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:14:37	Name: KADUSERCOOKIE Value: 32ACD01A-36CE-4EAD-B4BE-7A0EDB446BA8
.thedailyblog.co.nz/	1970-01-20 08:26:37	Name: __gads Value: ID=b9c062c731419ff1:T=1638301271:S=ALNI_MYZHwFCMgvhzq44SKrE9dPDIVGlrA
.e.dlx.addthis.com/	1970-01-20 08:35:15	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:35:15	Name: na_id Value: 2021113019411500092541740929
.addthis.com/	1970-01-20 08:35:15	Name: na_tc Value: Y
.addthis.com/	1970-01-20 08:35:15	Name: uid Value: 61a67e5b23354068
.addthis.com/	1970-01-20 08:35:15	Name: ouid Value: 61a67e5b00010b778d54db93b1bc567f87f1eff7d495e806bd6c
.dlx.addthis.com/	1970-01-19 23:48:13	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-19 23:48:13	Name: na_sr Value: 20211130
.dlx.addthis.com/	1970-01-19 23:05:01	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-19 23:48:13	Name: na_sc_e Value: 0
.doubleclick.net/	1970-01-20 08:26:37	Name: IDE Value: AHWqTUkiGF-Gfdm7gV1b8pcFcRLnYXnQbL7gbZeT2OWB0jEzD9glET7Ob2oUvMUzFaY
.casalemedia.com/	1970-01-19 23:06:27	Name: CMST Value: YaZ+WmGmflwA
.innovid.com/	1970-01-20 01:14:37	Name: uuid Value: 5b045e5e-64ad-416d-90e7-faf0f33586b6-20211130 14:41:16

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://thedailyblog.co.nz/(Line 3298) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://thedailyblog.co.nz/(Line 3298) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_push=AYg5qPIuCQCGiXvinzT5FwZYa_9Cboz8wSjY7tT1c57Q9FVdMlB0DBiFip3kaBPhssVPPBr6fpCO2p3qCk68deiieLHPB6gDrI9-bA&google_gid=CAESEJ-a5JhwGwrkXty8BXtCmFk&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YaZ-Wp1Fd22iraeQB251TAAABE0AAAIB&google_cver=1&google_gid=CAESEH7xNOwSZmI7z55j1XDEGOI&google_push=AYg5qPK-z5sl0As4tkFo43vZN5mUw6ieLjcexQ-p50E0gRMAn5LmCdfDso0NlJUzRABTG4J100LGLLfBr_bwFGOVcEaWGd3BNkE Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
84e95da076e33d3921ac34dbc2e8fe22.safeframe.googlesyndication.com
ad-server.eu
adservice.google.com
adservice.google.de
adv.office-partner.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
apple-resources.s3.amazonaws.com
c.statcounter.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eveningreport.nz
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90002.redintelligence.net
i.ytimg.com
ib.adnxs.com
image6.pubmatic.com
img.youtube.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.everesttech.net
pixel.rubiconproject.com
pv.medialead.de
rtb.openx.net
secure.statcounter.com
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
thedailyblog.co.nz
tools.applemediaservices.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
cm.g.doubleclick.net
104.111.215.191
104.20.228.67
104.92.94.3
138.201.84.244
142.250.185.194
142.250.186.66
142.250.74.198
145.239.193.130
18.66.248.39
185.33.221.91
185.64.190.78
2.18.234.21
210.5.53.72
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:802::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:813::2016
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
2a05:d01c:1d8:8102:a212:76ab:db1a:a790
2a0b:4d07:101::1
34.247.11.162
35.156.157.11
35.227.252.103
46.236.13.147
46.4.10.47
52.18.11.109
52.216.101.139
54.76.176.197
69.173.151.100
75.101.226.202
88.198.250.30
01fa6d2ca5c5a9c10141c53387fbb2f0a72c0e77cceea23edac17c300314863f
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
037a1f8c14829784d3d6b6eb8889da5c955e253440c8f587ea65a14451dc1549
03966f855eacb7ab58e5d814869ce127bc956a6d8c96d8adaeb7182a75e5e7e3
0637f3a500b413b8352bc0e576e8de4150daf55a6d99a744f4e1eebd42ad605f
0746e2ef32ef6d5f9cad7e09128c601ac30419895f90a55ad774f50726eafa29
081a76be5cfc9a0b3d862570c8c3dccca4142348d07ee36b239027fef5d20eef
08f9cfe799c314f157fe6a88446be906373859e57a66ece7e866582e129622f2
090bfccf24b07e5178fe468500964411acd65badb135d0953c42743df50d41d4
0913125a85710095ce4e31d77f2a9a9917e2a7a9f3cf2575f74308b14c22b579
0a175bce85730a96d2facacbcc6c6bf0c2ea2744dd519ee6089225cdfb88ca25
0af876e881d62be795f61e9546668851e1f8959d1186a1d06e7bade17558f8b0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0beadc559ed158412d3e2c05023e3d81b622f831cd2398748f5ad38dc3c909a3
0d53e53662547ba7d7a2b5b82a2546ed1836fd30c1234f949d52218e31337859
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f74eda5ca917f0146ec28a71e0602f7a3b9dae063acfeecfe6549bdb165d47a
0fc1c182ca4b639cf2e6b8a1172c6e00f7c597e5d24ff191268f8f542104dfc6
1095cbc869aa37c70e64e526342033b0260704548ef331cf1cf218f427a144bc
110e64beb89f1827af4da07190ed859bb6ffd5d090cd43879c9bdc96cf678508
112cd63fd5ea29884b8bfb783298e9b62dfbb6957f72f6c314c319be19da7fd4
1191e5ba707655a4efca2e0939a4557c33d74e8a009135fba789878bd2244cbb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
15f408dbe95ea982498c273a0f8b5bb62663e63d05003b0b0a3cf3b921cd3656
162391f51ebd58aebb4215fe9c90db931c4514f37004742c29f1421edb42f71c
17fb87c96fb0c8607ca806340880caf12c3f64ef820aa46ad83f442c58bd8ae5
1893bedd62c4bd644d1a8dd10a8b33e9895930c6fa9fa29aea8d9b1e56d87adb
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1f1dad5118af2904b6baebf68ca6812accaa29e6e6991545c0c85952993b7955
1fd819fb7acd22b23e4fb5b8029ff301a74c7d9803aa8a1f5c5c50bb1aac7eab
21837485e10c6b663c4eec4b3bc5d9a2276632ba28d60feff08eb2fd0e66c5f7
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
25fcfee1ad623c5654d6a20d5936f56999688ce944da13f9ea606cf4b9fc18d5
28d1a6730ff05f9e14ba04cfa7e6cdb813e2fac5b1200a301bf03341428852a0
29a6d5ddf0b6b4ce05fa86a77f46e23fa0469595b5a94e2e496fb66c9b309a97
2b9a9e20a2087fbfe29c5ad841151f560719560927aab480b578abb759e3dacf
2cd7a95730591cfef472bb448ede01d404fb9342555cbc6246bebff399477622
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e48e1678c508bc7a9fc6eaacdd41f084266964cef2376dc9cd86b95ec4ad9dc
2f3d6f4f8120e43546823b135b11f38d90777f826669db7a4a4965e0fe51138e
2f9026bfd34af089ef174d86c7c4d3a7ca9162b22216b544e518d462e5f60e90
3026fe5d8b3c29b1505450207f48e80cb4b358cf0c9d8b42d691c9d7c2134454
3030cd165935e13129a538d05355e4cab04a5291003e37ecec8245cc513bcb8c
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
342ef537e7c4b83126b6c082466ec18d3fb17c994e6079a537f7ebd3fc2ba1ad
35042c496581e1d0b6f8b29ce448b35444c90cf4616a80b70331429aaa2166e7
353dd6889e2b035cfcc5f805e5422819a218a618f8b6ce7380c1ae1f2c2e0d18
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
367066087d5c480312745a1f35b64c2391cb7bb76f1a0da3db9ff669a21b4813
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3711272b4e0b88a53fd70a9833516e0df726443df4d5303e85d31de28d6a1fae
374fefdcddee55c37ce66bdc2f94c29d95089daf20eafd8a12c6e1e36eba4f4e
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38aea16b938dcd7510429cb96ea3e845f2451485538bc9dd9d40929dfb9fafcd
39ba78bb21ee97e4a8dfbffe40468ca376f3888a4eba366ddda4bc4126fb0660
3b79552b464a6cae059926b71822dc20c7eeabec6336b43b6d3074f00561a9e7
3c55743b58d342599d6de2048f24e73a34db12343acaf87b41083cb90d35304f
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3db64adca2ce673f54d6fb8ce6d30114a2b69b47d59042179a708503799f9290
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41c1c14d4949e2fe0d0f378f46800961b24b9a7cd8f515fd67727af809006245
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
452a41553aeea0a8b6a20a9610abbb8d1d3e1f57e77737b45defb8b43865a8e9
45f42a9e2401a2f382dd98f2bb8b0ad3a8f108b48cea1583c234374f819e4ecd
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47869a51a42b38b3af59eabcb26553fea0373fa1e0a6155e2a1ed11d2ecfbd7b
4ade01c43a6a30c054628dabd4b086ca6566c6421ed69ccb37af29c642cc50c6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c4c2eaae069dd0c09b851c857f29774befad4241330ba685296d256435ea3cd
4d9b4c9c0fb4555dc93155778ce71c918f42a46e212d1e1358eeca27df4135c2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5da5ddf83a42ab5f30c5f474011805d1f84f859a10ddc6b5478556a33c4c81
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50568b5ea04f2c1cee70034645cf9b46ded5eebe3fbbb96fec6db860946e2efc
51d8b554bc4b79dac28be002c0774228f4797702851be15a3c4dab20ab322492
5241d3458a6081971613b26af579e3e5bb320d399bd699bf0b943f72f10271ef
541a22e85f3238899f2589d44b9390a8d6d6e193a5d436c10e8ec9ce7b256e76
545c4f635d9b7adc66a5d435227d5982d2cf1722cd19be7652d7d35da7f9298b
54f22aa5e8ca501f9a326bb2bfd66cda703af49194cbca042413ce710855d662
56e804210fd89a6c96bd70419ae26b19bed0629a143bb9b8f3aeffc28a4050ec
5715ccce357c101474624bcb4f6950296f7db5d10d650939b01dfc4e6e759e9b
57fff2e67384eebfe73b23ddb1e4ac2fe67dd0a729649dd24479b8f47e14dca0
58a0a3b8704ec1e1d8f37d3148cde822c6e7b3e7f38feb38dc196ebf34e5c2de
58abc50280b1ab8b51dbfba47cc6f29716891240da58dc367c4df680af13b8c9
59eea5789a6787902ce1ec6a71b34f32808d75f6a0be489cd4f5910d7bed804b
5b278d4956a05c098c4470ebc4e8eef09f6cc0603aec285b99f2390a549fcb53
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c5213ae9607e223883edb6fc2e766c15e2de3916e76855a226f8b539cce6b2b
5d3b03926e895eaf46db8840e888a6381fdb0d702c8281ba4781b54676bb542d
5d54dcd77074f01887904d8c513df01f4263607b438f5a98a3366f192b908d75
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
60f95df4a5e754f8d84e603841febc8b7b8cb5a0ae14a7440ef20d5dc804c840
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
631b3dae83647389ba77b86999a8aeaf4e86637c6e3ca966c3c7914beb9317ec
64e62b6ed84c308d8011efc4a92b313480ca230a7c2df6e3992aec36d300de37
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
67e6599b9fd28869eb047c72fd7486c191b54a661ec61accdf9b2de87f246ce9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a928910f082e0c86d86100dca7cd9e10cd517eb1ebd2fc54bde6c64e56b6d93
6abd20d7799972da16c835c68da65121bc4722c77bb62b0a4d4c62cc87f205dd
6b471e3e0fe243d81bde212bfa10b56236464e52c9c84864b32fc392ff8c2290
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c43f80bf3ca6ced6a071c779581cf3f2d0b15347cc26cdc9259e20c3b69d856
6ca1978797374f9bfac40e1129dea601e2efb1ed6c28c608528bcc84505b1071
6cc9f7888aa74f17e27205ad59ecf79db56b25123b30aa7913b5a6617206b58a
6f5bb2c93033629733463ca6445e17b5e6d1978a4d62ed5910216f7c598337d5
6fdf2e738abfdce14ffdf46869ac63a03b357c9eeeed6a02411a68bb7714a0dc
705ab96fffcb6271b575e41f5a56f29302e9062742c472755b5ff67d4560bc3d
71b955427b418dd287d9fdeff8a28c0533181c79f0275d821c6056c98e1a90b3
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
7414c20598c02f964afbaa5f423af72885050a7aa71a363711b1c0a49fb37bfa
74774e29f34f591648d77455e2f2aa70bcc72eb4ecef7d06e76bc155989f86f6
749b1c397eff7ebda926c547943bae2e1f0d12b9dc5c30c60e095402080f705c
7b228b131f5265f370bf12a87c6a517aaa06fcd9f53adce94ecf5805fe3d0b60
7baeed670b9dfe277223ef349839f35391de32a5c4df26f241c90c1d878a30fd
7bc2c48f13ebfcc7698e88eac7e5bf3b4a8ef162830496e8eb849917753c76aa
7bc56885b54f01152ef604104f28278df6209a546216f0e2c133a81ff5999e06
7cd6b5e8baba806a56b9fa768eb0c147729255c9acf4e199f4c5df15b92aabef
7d6e6199c851602282d6bec87bf88a1f9a4aea35aa228937da59f520e354d705
7dadf41d55487432b3b4f5db5e8ed8a757ad7d295b1570567d2d2fc6929bd24f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80a9c29d12d183d279ae773c6552e674ed68a456b380476d13c47ee4eee8cc66
81ab60093a572306ea4faeb5763d2640593e2f9960ed82b0a231cc75db9953bb
81e5f11f8a2a8947ccb6cb8693b42f6d2acbeea99c44ae4b45917956b5ad7053
8607e1dba8e292c8dcd8bbb94e341f726b410cf61fa1bccf5dc3637b79b1b02e
872c97ba4a0520a75ad0e159768f93c47220ace2f07978ed667101a88b17774e
87d4eaf643585cc24cd1c85fa47a4ebdbd1afb6feba82d87a7ccb248432952be
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a4976aaa552e4588ae56d635078948327444020525c1a4a73a4eb24a5f49622
8a97ff2fde111556c2b1aab69d8186de7cde04292070318d622466cbd6e10d7c
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8bf199d1c59dbe0ebb318374f67f7e5c1c55b0f82e179b1978774c3583d35b4a
8d12edc3eede1beec1941e7319d5a2694f911f0452e4ce1b8ee57e2deeb2f18d
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
8f6f1c01204988c94493b7611c3dfb5ca706efc0a0a2b20e75bb3a189bc54881
90e248089b9165829f5a4109317958c23e334486b8929a745fbf208eba06efb1
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93ca0c9eb6a8c20f5c4c91c7791891bfbdb74199ecf15e352dfee1b300b37072
96c07c7efb7f667f57918d51a6eecbe397fffb0bfdd1b7c1dd6a6d9de4280ba9
97bb377e81d07773db24552f566e2d1d99763837fb5ce826513d80c417f2012e
97eb51452679a00c6d004c9a11922a33087716842674c405b3fa9d0148d90ed0
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5623b4ad4e21e08825566ea685829f4a8a5b570ce1709a75f27e0a35d5967f
9be859d5d10da790bbc506d3987dceb1dbd9b7f9210d9fa0abec298e58893275
9e003d0a9b6e48625f2545c1c244c1fd60c90365a9ca4644d34f33f0c9565f6c
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a233e2da3d86d92eb7ff798f64725be18ab7e9dc4b4795fba575ae1abfb0b97e
a28365cd282903fb5fffd8bad185af709326623d32def1f3613f594cb05083d6
a2f4e82889c321379d880ffccb70876e454cf53351ff4777a9905a37b12a9b98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a68d2fb183323e0cb518ea83604a099751c8451f454c1e8abc7c51f5643e3e1e
a701d12a41eefbeca1b94b18cb069f4923885dd86c72f2d132127d2eeb201115
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a80193f67e5045f2bb3bd3f002cdddd1a0ed75889381a590ff8379a57afba564
a8acd6db992817ef0230b22e01b4772a59ef1e151112cbb039ad79a8d9260565
aa1cab67f2ce2f4fed626d0c140bae547db6dd55802e480438fd635ed7b1b5aa
aca2df4cadce191ac1a3971f0992dacdfe74bd91fac4be65bf44f50501fd090e
ad10bbf847525ba6a67fb1e619a42cd49e5b3aef41c6b3aae291fb7530b04d21
ad1e34304ab814ab8d6f79ed77db2ec72d8a445efe2cbace2dbef7065512151c
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
b014d8cb57db6f068a5005f39ab92efb138a9c3b11f30016effe7bbd9d4c3ef7
b0c275307b8e5e416916a37725bb7a8561bc98648534ebeabfe2c5402957e23b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29aaed9adc4ec2ddd131f9e65173f34be17e68efb348a675cb900942f9675c0
b326ea6de03ce4cf0e65d5f84d46bd3061e061f68b56b53189fa18b2f0bd6a2a
b40f986a9ddb9cc58ee58d4132eb20e89b1cc160f6ad4747a1d9a14af9047edf
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b56eecd25900ad77097a6c08f96c9ef7826cde9d8fbd64b5a5067f4bb2be0fe2
b5b703eeaf5065d45ab4bf9f4a256e2ebf791e0d4d6a82da4e7367cbe03ef30f
b5f671e0af697ecab4baa111def1d10fc177a156542554c954adc63c33ba9ea8
b67941a710bc007120fa919bf7feebe922b2e8835ff033cb4ae578745eef93eb
b8d672580b2905758e845bc540e20fa872e990610e21f2f60408a8bfae76abcb
babc40630140b5468e7d2f5ebe92b26f409e9b52d79a8ae0d176f58f2de9f5c7
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
beb5c0640cf41c5bdd5d61aa7abc2d847a9fa97d6df69c1e6eed3631e8ef8255
bfc68292dce3d30b4560f474533c284e190e30ab44adfec151584e409814b52c
c12b5a0cd92c9c7b2dc1eb27e61f457f3aea8a63efdb8730379b69b5699760f5
c15dc602c7f26db362b306eb32adbfc51a1472752095059b748bc8e3fff59661
c240a5146daf94f9fa762825b3d88545b0b8301b261ff0782b22016c17fc8add
c2fcc178cc00a442c558b4b319cc2a7c3b7a0c0237458d99f4fa91cc1b1e850f
c31d2b1c4652ec5a7c8e5c412fffe63773e5542ae9849ea5bbfe9c9dc597382d
c4e702a8b29fb467c446adbc495051fafd5446f9782ecc630e25ac15a9abee66
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5a310590b84ddb8c45b12b32267c95961a7fc4f7bbd13828113d00abfdd24b4
c61a9f345c53f349e9cd65bdb793219f3313f6123e4a853d8816cb21c748974c
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9616efe33dcade754cca2b451c6fa9b65c28f2a717c7d4bbc076e3ae11d5992
caa8efea9f14d7ff08c51de7969f59948a2d127417b29b42d13a84c012602f9d
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdc5c77fe8175f57d1dfab4cfb8085616d8134bc78125aef0ad20e94eabea2f5
cf5185f75e3a887c7f312005d9d59a29893e6f964d8a351bd9d2c5ec0d983d70
cf929e11b42b085a4f5d5385314f7b7104d2e260a10691955ab6eed27f5c241f
d0d63bf5491efdf119ff9c1fccdb8361c8d05b3ae2add05305ce5a3668ac49a4
d1edac4e8b9235b20c47addd67ecf8d14815edc475cc1761be60d06c82efda94
d39565761da81a7a99fd66a537eeb7250c9bf5fe52529be9a6a91e67ad1ad46d
d4852779df5e8c22392d7581b7ebb1fa5d1933ddbd04cc30da0fd4caf9862577
d53996bb9cbdd1c2856522faccc16250a296942fecc92f8dde81109c7547aa7c
d7056c0a72648ef2f7dc77f9ba194755c45df5c9f7cc31eb6cbaa465f15c4945
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
ddca68622fef19ca9794aecf8a9b9566a3838d5892a5138bf5f0e1a3d56b5c92
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df9cf65cf8eeda243962715c134e21678d4c1ac8e5a90d96dd003b8352d57727
e20e81b00213976f21f87de80297a2047f24eb9c7702a74f17cb0d32d7931504
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
e64ecccb52fdb8676562da8fec80716ca7138b6d139422adfce24eec42c4eab0
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e9573e931158bcc83146a7882d6c298c1adf3828b6c785af7cbb9fd9d25ad884
ea6aed5bb5cf0c5236d929830e4fb2cbf14e723e8a6655e9008accb48fd18769
ebf941cf3b118bbe070e35c2ff116f3285eaf846ff87bb4b5119c8a496b683f5
ed6c2370e3d2a5e1a2ec2da2964b71b9f4ad159d5688cf3851958ac56278206f
ed783dc04a12297851b6cb79308338d982d19de35aaa3de92766ef8a57f33cae
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eef15e0f5b63223c06167149d13e65daa91155531c57c7672a2d60949031c87b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef841e92bcd2666d84e1f14b07e8b04e1040b82b4442edc2a2650769294ca0de
f11e712f5ba6206d7a0d18f722e4432541c83f305a4487df0221c177a77d82cf
f122e1f3ea83bac5fea8db8fdd7af1f80f5bce1570eae99ed71c85ff746e07f3
f2d6800181f55473a31864c278c85c544d8e7b0c07fd00206f82ebbce177d6e6
f3032aa2e11e011c57a42b15acd7f194bd22b6bcc23a8332c32b12fb7edf6100
f31ca53bcf23097920090516e35a88f95d38c2bf3170e0e209e6383df25031f8
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f6287abfc98a913c318b4348a67f84a2d5432ee57f2ece29904a76fb4eff1167
f67468353051bd55e02f4851f957e9ee695c3f1e5a6b5353503ca548d2a62bd4
f8ddfc546b9bc7954137e92e16a27d0d980607b37194229312b2f89496dfccc9
f8fcaf54764f74d91dcdad1570ed73d9746d389f6bd46767bc1ce6d2a575bd42
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
f9c03055751bda88bf3b63a684f4ac960d54dfe1ec6d2bf80932e579ab0051c7

thedailyblog.co.nz Open in urlscan Pro 210.5.53.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

354 Requests

94 %HTTPS

50 %IPv6

36 Domains

53 Subdomains

42 IPs

10 Countries

8053 kBTransfer

16421 kBSize

41 Cookies

9 Outgoing links

Redirected requests

354 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

thedailyblog.co.nz Open in urlscan Pro
210.5.53.72 Public Scan

Screenshot
Live screenshot

Full Image

354
Requests

94 %
HTTPS

50 %
IPv6

36
Domains

53
Subdomains

42
IPs

10
Countries

8053 kB
Transfer

16421 kB
Size

41
Cookies

354 HTTP transactions
16 data transactions